527 minor fixes

pkg/policy/status.go

@@ -2,6 +2,7 @@ package policy
 
 import (
 	"log"
+	"sort"
 	"sync"
 	"time"
 
@@ -118,6 +119,10 @@ func (s *StatSync) UpdateStatusWithMutateStats(response response.EngineResponse)
 		ruleStats = append(ruleStats, ruleStat)
 	}
 
+	sort.Slice(ruleStats, func(i, j int) bool {
+		return ruleStats[i].Name < ruleStats[j].Name
+	})
+
 	policyStatus.AvgExecutionTime = policyAverageExecutionTime.String()
 	policyStatus.Rules = ruleStats
 
@@ -154,13 +159,13 @@ func (s *StatSync) UpdateStatusWithValidateStats(response response.EngineRespons
 		if rule.Success {
 			policyStatus.RulesAppliedCount++
 			ruleStat.AppliedCount++
+		} else {
+			policyStatus.ViolationCount++
+			ruleStat.ViolationCount++
 			if response.PolicyResponse.ValidationFailureAction == "enforce" {
 				policyStatus.ResourcesBlockedCount++
 				ruleStat.ResourcesBlockedCount++
 			}
-		} else {
-			policyStatus.ViolationCount++
-			ruleStat.ViolationCount++
 		}
 
 		nameToRule[rule.Name] = ruleStat
@@ -176,6 +181,10 @@ func (s *StatSync) UpdateStatusWithValidateStats(response response.EngineRespons
 		ruleStats = append(ruleStats, ruleStat)
 	}
 
+	sort.Slice(ruleStats, func(i, j int) bool {
+		return ruleStats[i].Name < ruleStats[j].Name
+	})
+
 	policyStatus.AvgExecutionTime = policyAverageExecutionTime.String()
 	policyStatus.Rules = ruleStats
 
@@ -230,6 +239,10 @@ func (s *StatSync) UpdateStatusWithGenerateStats(response response.EngineRespons
 		ruleStats = append(ruleStats, ruleStat)
 	}
 
+	sort.Slice(ruleStats, func(i, j int) bool {
+		return ruleStats[i].Name < ruleStats[j].Name
+	})
+
 	policyStatus.AvgExecutionTime = policyAverageExecutionTime.String()
 	policyStatus.Rules = ruleStats
 

pkg/webhooks/generation.go

@@ -58,7 +58,6 @@ func (ws *WebhookServer) HandleGenerate(request *v1beta1.AdmissionRequest, polic
 	for _, policy := range policies {
 		policyContext.Policy = policy
 		engineResponse := engine.Generate(policyContext)
-		go ws.status.UpdateStatusWithGenerateStats(engineResponse)
 		if len(engineResponse.PolicyResponse.Rules) > 0 {
 			// some generate rules do apply to the resource
 			engineResponses = append(engineResponses, engineResponse)

pkg/webhooks/mutation.go

@@ -62,11 +62,11 @@ func (ws *WebhookServer) HandleMutation(request *v1beta1.AdmissionRequest, resou
 		}
 		engineResponse := engine.Mutate(policyContext)
 		engineResponses = append(engineResponses, engineResponse)
+		go ws.status.UpdateStatusWithMutateStats(engineResponse)
 		if !engineResponse.IsSuccesful() {
 			glog.V(4).Infof("Failed to apply policy %s on resource %s/%s\n", policy.Name, resource.GetNamespace(), resource.GetName())
 			continue
 		}
-		go ws.status.UpdateStatusWithMutateStats(engineResponse)
 		// gather patches
 		patches = append(patches, engineResponse.GetPatches()...)
 		glog.V(4).Infof("Mutation from policy %s has applied successfully to %s %s/%s", policy.Name, request.Kind.Kind, resource.GetNamespace(), resource.GetName())

pkg/webhooks/validation.go

@@ -69,11 +69,11 @@ func (ws *WebhookServer) HandleValidation(request *v1beta1.AdmissionRequest, pol
 			continue
 		}
 		engineResponses = append(engineResponses, engineResponse)
+		go ws.status.UpdateStatusWithValidateStats(engineResponse)
 		if !engineResponse.IsSuccesful() {
 			glog.V(4).Infof("Failed to apply policy %s on resource %s/%s\n", policy.Name, newR.GetNamespace(), newR.GetName())
 			continue
 		}
-		go ws.status.UpdateStatusWithValidateStats(engineResponse)
 	}
 	glog.V(4).Infof("eval: %v %s/%s/%s ", time.Since(evalTime), request.Kind, request.Namespace, request.Name)
 	// report time