diff --git a/cmd/cli/kubectl-kyverno/commands/fix/policy/options.go b/cmd/cli/kubectl-kyverno/commands/fix/policy/options.go index c8f3e20320..dcf7250178 100644 --- a/cmd/cli/kubectl-kyverno/commands/fix/policy/options.go +++ b/cmd/cli/kubectl-kyverno/commands/fix/policy/options.go @@ -61,7 +61,7 @@ func (o options) execute(out io.Writer, dirs ...string) error { } func (o options) processFile(out io.Writer, path string) { - policies, vaps, vapBindings, err := policy.LoadWithLoader(policy.KubectlValidateLoader, nil, "", path) + policies, vaps, vapBindings, _, err := policy.LoadWithLoader(policy.KubectlValidateLoader, nil, "", path) if err != nil { return } diff --git a/cmd/cli/kubectl-kyverno/commands/oci/pull/options.go b/cmd/cli/kubectl-kyverno/commands/oci/pull/options.go index 8958e1265e..6709273440 100644 --- a/cmd/cli/kubectl-kyverno/commands/oci/pull/options.go +++ b/cmd/cli/kubectl-kyverno/commands/oci/pull/options.go @@ -86,7 +86,7 @@ func (o options) execute(ctx context.Context, dir string, keychain authn.Keychai if err != nil { return fmt.Errorf("reading layer blob: %v", err) } - policies, _, _, err := yamlutils.GetPolicy(layerBytes) + policies, _, _, _, err := yamlutils.GetPolicy(layerBytes) if err != nil { return fmt.Errorf("unmarshaling layer blob: %v", err) } diff --git a/cmd/cli/kubectl-kyverno/commands/oci/push/options.go b/cmd/cli/kubectl-kyverno/commands/oci/push/options.go index f824dc1d71..e0536e6ad1 100644 --- a/cmd/cli/kubectl-kyverno/commands/oci/push/options.go +++ b/cmd/cli/kubectl-kyverno/commands/oci/push/options.go @@ -35,7 +35,7 @@ func (o options) validate(policy string) error { } func (o options) execute(ctx context.Context, dir string, keychain authn.Keychain) error { - policies, _, _, err := policy.Load(nil, "", dir) + policies, _, _, _, err := policy.Load(nil, "", dir) if err != nil { return fmt.Errorf("unable to read policy file or directory %s (%w)", dir, err) } diff --git a/cmd/cli/kubectl-kyverno/report/report_test.go b/cmd/cli/kubectl-kyverno/report/report_test.go index ec6f917398..56c7ff7586 100644 --- a/cmd/cli/kubectl-kyverno/report/report_test.go +++ b/cmd/cli/kubectl-kyverno/report/report_test.go @@ -15,7 +15,7 @@ import ( ) func TestComputeClusterPolicyReports(t *testing.T) { - policies, _, _, err := policy.Load(nil, "", "../_testdata/policies/cpol-pod-requirements.yaml") + policies, _, _, _, err := policy.Load(nil, "", "../_testdata/policies/cpol-pod-requirements.yaml") assert.NilError(t, err) assert.Equal(t, len(policies), 1) policy := policies[0] @@ -49,7 +49,7 @@ func TestComputeClusterPolicyReports(t *testing.T) { } func TestComputePolicyReports(t *testing.T) { - policies, _, _, err := policy.Load(nil, "", "../_testdata/policies/pol-pod-requirements.yaml") + policies, _, _, _, err := policy.Load(nil, "", "../_testdata/policies/pol-pod-requirements.yaml") assert.NilError(t, err) assert.Equal(t, len(policies), 1) policy := policies[0] @@ -84,7 +84,7 @@ func TestComputePolicyReports(t *testing.T) { } func TestComputePolicyReportResultsPerPolicyOld(t *testing.T) { - policies, _, _, err := policy.Load(nil, "", "../_testdata/policies/cpol-pod-requirements.yaml") + policies, _, _, _, err := policy.Load(nil, "", "../_testdata/policies/cpol-pod-requirements.yaml") assert.NilError(t, err) assert.Equal(t, len(policies), 1) policy := policies[0] @@ -162,7 +162,7 @@ func TestMergeClusterReport(t *testing.T) { } func TestComputePolicyReportResult(t *testing.T) { - policies, _, _, err := policy.Load(nil, "", "../_testdata/policies/cpol-pod-requirements.yaml") + policies, _, _, _, err := policy.Load(nil, "", "../_testdata/policies/cpol-pod-requirements.yaml") assert.NilError(t, err) assert.Equal(t, len(policies), 1) policy := policies[0] diff --git a/pkg/autogen/autogen_test.go b/pkg/autogen/autogen_test.go index 00e7e3c09d..a5820c91bf 100644 --- a/pkg/autogen/autogen_test.go +++ b/pkg/autogen/autogen_test.go @@ -569,7 +569,7 @@ kA== for _, test := range testCases { t.Run(test.name, func(t *testing.T) { - policies, _, _, err := yamlutils.GetPolicy([]byte(test.policy)) + policies, _, _, _, err := yamlutils.GetPolicy([]byte(test.policy)) assert.NilError(t, err) assert.Equal(t, 1, len(policies)) rules := computeRules(policies[0]) @@ -580,7 +580,7 @@ kA== func Test_PodSecurityWithNoExceptions(t *testing.T) { policy := []byte(`{"apiVersion":"kyverno.io/v1","kind":"ClusterPolicy","metadata":{"name":"pod-security"},"spec":{"validationFailureAction":"enforce","rules":[{"name":"restricted","match":{"all":[{"resources":{"kinds":["Pod"]}}]},"validate":{"podSecurity":{"level":"restricted","version":"v1.24"}}}]}}`) - policies, _, _, err := yamlutils.GetPolicy([]byte(policy)) + policies, _, _, _, err := yamlutils.GetPolicy([]byte(policy)) assert.NilError(t, err) assert.Equal(t, 1, len(policies)) @@ -628,7 +628,7 @@ func Test_ValidateWithCELExpressions(t *testing.T) { } } `) - policies, _, _, err := yamlutils.GetPolicy([]byte(policy)) + policies, _, _, _, err := yamlutils.GetPolicy([]byte(policy)) assert.NilError(t, err) assert.Equal(t, 1, len(policies)) diff --git a/pkg/controllers/validatingadmissionpolicy-generate/policycheck_test.go b/pkg/controllers/validatingadmissionpolicy-generate/policycheck_test.go index c13e8cc7fd..6dfa678ec3 100644 --- a/pkg/controllers/validatingadmissionpolicy-generate/policycheck_test.go +++ b/pkg/controllers/validatingadmissionpolicy-generate/policycheck_test.go @@ -477,7 +477,7 @@ func Test_Can_Generate_ValidatingAdmissionPolicy(t *testing.T) { for _, test := range testCases { t.Run(test.name, func(t *testing.T) { - policies, _, _, err := yamlutils.GetPolicy([]byte(test.policy)) + policies, _, _, _, err := yamlutils.GetPolicy([]byte(test.policy)) assert.NilError(t, err) assert.Equal(t, 1, len(policies)) out, _ := canGenerateVAP(policies[0].GetSpec()) diff --git a/pkg/utils/yaml/loadpolicy_test.go b/pkg/utils/yaml/loadpolicy_test.go index 11e37b727a..179fe43a21 100644 --- a/pkg/utils/yaml/loadpolicy_test.go +++ b/pkg/utils/yaml/loadpolicy_test.go @@ -489,7 +489,7 @@ spec: }} for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - gotPolicies, gotValidatingAdmissionPolicies, gotBindings, err := GetPolicy(tt.args.bytes) + gotPolicies, gotValidatingAdmissionPolicies, gotBindings, _, err := GetPolicy(tt.args.bytes) if tt.wantErr { assert.Error(t, err) } else { diff --git a/pkg/validatingadmissionpolicy/validatingadmissionpolicy_test.go b/pkg/validatingadmissionpolicy/validatingadmissionpolicy_test.go index 30743a1627..10ba02d036 100644 --- a/pkg/validatingadmissionpolicy/validatingadmissionpolicy_test.go +++ b/pkg/validatingadmissionpolicy/validatingadmissionpolicy_test.go @@ -127,7 +127,7 @@ spec: for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - _, policy, _, _ := yamlutils.GetPolicy(tt.policy) + _, policy, _, _, _ := yamlutils.GetPolicy(tt.policy) kinds := GetKinds(policy[0]) if !reflect.DeepEqual(kinds, tt.wantKinds) { t.Errorf("Expected %v, got %v", tt.wantKinds, kinds) diff --git a/pkg/validation/policy/allowed_vars_test.go b/pkg/validation/policy/allowed_vars_test.go index 83267eaf4f..e06ad6ef6d 100644 --- a/pkg/validation/policy/allowed_vars_test.go +++ b/pkg/validation/policy/allowed_vars_test.go @@ -54,7 +54,7 @@ func TestNotAllowedVars_MatchSection(t *testing.T) { } `) - policy, _, _, err := yamlutils.GetPolicy(policyWithVarInMatch) + policy, _, _, _, err := yamlutils.GetPolicy(policyWithVarInMatch) assert.NilError(t, err) err = hasInvalidVariables(policy[0], false) @@ -106,7 +106,7 @@ func TestNotAllowedVars_ExcludeSection(t *testing.T) { } `) - policy, _, _, err := yamlutils.GetPolicy(policyWithVarInExclude) + policy, _, _, _, err := yamlutils.GetPolicy(policyWithVarInExclude) assert.NilError(t, err) err = hasInvalidVariables(policy[0], false) @@ -159,7 +159,7 @@ func TestNotAllowedVars_ExcludeSection_PositiveCase(t *testing.T) { } `) - policy, _, _, err := yamlutils.GetPolicy(policyWithVarInExclude) + policy, _, _, _, err := yamlutils.GetPolicy(policyWithVarInExclude) assert.NilError(t, err) err = hasInvalidVariables(policy[0], false) @@ -193,7 +193,7 @@ func TestNotAllowedVars_JSONPatchPath(t *testing.T) { } }`) - policy, _, _, err := yamlutils.GetPolicy(policyWithVarInExclude) + policy, _, _, _, err := yamlutils.GetPolicy(policyWithVarInExclude) assert.NilError(t, err) err = hasInvalidVariables(policy[0], false) @@ -238,7 +238,7 @@ func TestNotAllowedVars_JSONPatchPath_ContextRootPositive(t *testing.T) { } }`) - policy, _, _, err := yamlutils.GetPolicy(policyManifest) + policy, _, _, _, err := yamlutils.GetPolicy(policyManifest) assert.NilError(t, err) err = hasInvalidVariables(policy[0], false) @@ -281,7 +281,7 @@ func TestNotAllowedVars_JSONPatchPath_ContextSubPositive(t *testing.T) { } }`) - policy, _, _, err := yamlutils.GetPolicy(policyManifest) + policy, _, _, _, err := yamlutils.GetPolicy(policyManifest) assert.NilError(t, err) err = hasInvalidVariables(policy[0], false) @@ -315,7 +315,7 @@ func TestNotAllowedVars_JSONPatchPath_PositiveCase(t *testing.T) { } }`) - policy, _, _, err := yamlutils.GetPolicy(policyWithVarInExclude) + policy, _, _, _, err := yamlutils.GetPolicy(policyWithVarInExclude) assert.NilError(t, err) err = hasInvalidVariables(policy[0], false) @@ -347,7 +347,7 @@ spec: policyJSON, err := yaml.ToJSON(policyYAML) assert.NilError(t, err) - policy, _, _, err := yamlutils.GetPolicy(policyJSON) + policy, _, _, _, err := yamlutils.GetPolicy(policyJSON) assert.NilError(t, err) err = hasInvalidVariables(policy[0], false) @@ -435,7 +435,7 @@ func TestNotAllowedVars_VariableFormats(t *testing.T) { value: "foo.com" `, tc.input)) - policy, _, _, err := yamlutils.GetPolicy(policyYAML) + policy, _, _, _, err := yamlutils.GetPolicy(policyYAML) assert.NilError(t, err) err = hasInvalidVariables(policy[0], false) @@ -481,7 +481,7 @@ spec: policyJSON, err := yaml.ToJSON(policyYAML) assert.NilError(t, err) - policy, _, _, err := yamlutils.GetPolicy(policyJSON) + policy, _, _, _, err := yamlutils.GetPolicy(policyJSON) assert.NilError(t, err) err = hasInvalidVariables(policy[0], false)