mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00
Code Activity

522 added service account name in context

Browse source
This commit is contained in:
shravan 2020-03-04 19:38:33 +05:30
parent 044d55600a
commit b27a62b6bf
1 changed files with 9 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
pkg/openapi/validation.go
View file

@ -79,10 +79,17 @@ func ValidatePolicyMutation(policy v1.ClusterPolicy) error {
resource, _ := generateEmptyResource(openApiGlobalState.definitions[openApiGlobalState.kindToDefinitionName[kind]]).(map[string]interface{}) resource, _ := generateEmptyResource(openApiGlobalState.definitions[openApiGlobalState.kindToDefinitionName[kind]]).(map[string]interface{})
newResource := unstructured.Unstructured{Object: resource} newResource := unstructured.Unstructured{Object: resource}
newResource.SetKind(kind) newResource.SetKind(kind)
ctx := context.NewContext()
err := ctx.AddSA("kyvernoDummyUsername")
if err != nil {
glog.Infof("Failed to load service account in context:%v", err)
}
policyContext := engine.PolicyContext{ policyContext := engine.PolicyContext{
Policy: newPolicy, Policy: newPolicy,
NewResource: newResource, NewResource: newResource,
Context: context.NewContext(), Context: ctx,
} }
resp := engine.Mutate(policyContext) resp := engine.Mutate(policyContext)
if len(resp.GetSuccessRules()) != len(rules) { if len(resp.GetSuccessRules()) != len(rules) {
@ -94,7 +101,7 @@ func ValidatePolicyMutation(policy v1.ClusterPolicy) error {
} }
return fmt.Errorf(strings.Join(errMessages, "\n")) return fmt.Errorf(strings.Join(errMessages, "\n"))
} }
err := ValidateResource(resp.PatchedResource.UnstructuredContent(), kind) err = ValidateResource(resp.PatchedResource.UnstructuredContent(), kind)
if err != nil { if err != nil {
return err return err
} }