mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-13 19:28:55 +00:00
Code Activity

fix: global context crd improvements (#9621)

Browse source 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché 2024-02-02 18:42:20 +01:00 committed by GitHub
parent 3142af64a0
commit b532525321
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
13 changed files with 178 additions and 74 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
api/kyverno/v1/common_types.go
View file

@ -87,7 +87,7 @@ type ContextEntry struct {
// APICall is an HTTP request to the Kubernetes API server, or other JSON web service.
// The data returned is stored in the context with the name for the context entry.
APICall *APICall `json:"apiCall,omitempty" yaml:"apiCall,omitempty"`
APICall *ContextAPICall `json:"apiCall,omitempty" yaml:"apiCall,omitempty"`
// ImageRegistry defines requests to an OCI/Docker V2 registry to fetch image
// details.
@ -161,6 +161,10 @@ type APICall struct {
// Service is an API call to a JSON web service
// +kubebuilder:validation:Optional
Service *ServiceCall `json:"service,omitempty" yaml:"service,omitempty"`
}
type ContextAPICall struct {
APICall `json:",inline" yaml:",inline"`
// JMESPath is an optional JSON Match Expression that can be used to
// transform the JSON response returned from the server. For example

19
api/kyverno/v1/zz_generated.deepcopy.go
View file

@ -443,6 +443,23 @@ func (in *ConfigMapReference) DeepCopy() *ConfigMapReference {
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ContextAPICall) DeepCopyInto(out *ContextAPICall) {
*out = *in
in.APICall.DeepCopyInto(&out.APICall)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContextAPICall.
func (in *ContextAPICall) DeepCopy() *ContextAPICall {
if in == nil {
return nil
}
out := new(ContextAPICall)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ContextEntry) DeepCopyInto(out *ContextEntry) {
*out = *in
@ -453,7 +470,7 @@ func (in *ContextEntry) DeepCopyInto(out *ContextEntry) {
}
if in.APICall != nil {
in, out := &in.APICall, &out.APICall
*out = new(APICall)
*out = new(ContextAPICall)
(*in).DeepCopyInto(*out)
}
if in.ImageRegistry != nil {

7
charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_globalcontextentries.yaml
View file

@ -63,13 +63,6 @@ spec:
- value
type: object
type: array
jmesPath:
description: JMESPath is an optional JSON Match Expression that
can be used to transform the JSON response returned from the
server. For example a JMESPath of "items | length(@)" applied
to the API server response for the URLPath "/apis/apps/v1/deployments"
will return the total count of deployments across all namespaces.
type: string
method:
default: GET
description: Method is the HTTP request type (GET or POST).

7
config/crds/kyverno/kyverno.io_globalcontextentries.yaml
View file

@ -57,13 +57,6 @@ spec:
- value
type: object
type: array
jmesPath:
description: JMESPath is an optional JSON Match Expression that
can be used to transform the JSON response returned from the
server. For example a JMESPath of "items | length(@)" applied
to the API server response for the URLPath "/apis/apps/v1/deployments"
will return the total count of deployments across all namespaces.
type: string
method:
default: GET
description: Method is the HTTP request type (GET or POST).

7
config/install-latest-testing.yaml
View file

@ -28204,13 +28204,6 @@ spec:
- value
type: object
type: array
jmesPath:
description: JMESPath is an optional JSON Match Expression that
can be used to transform the JSON response returned from the
server. For example a JMESPath of "items | length(@)" applied
to the API server response for the URLPath "/apis/apps/v1/deployments"
will return the total count of deployments across all namespaces.
type: string
method:
default: GET
description: Method is the HTTP request type (GET or POST).

70
docs/user/crd/index.html
View file

@ -610,7 +610,7 @@ PolicyStatus
</h3>
<p>
(<em>Appears on:</em>
<a href="#kyverno.io/v1.ContextEntry">ContextEntry</a>,
<a href="#kyverno.io/v1.ContextAPICall">ContextAPICall</a>,
<a href="#kyverno.io/v2alpha1.ExternalAPICall">ExternalAPICall</a>)
</p>
<p>
@ -677,21 +677,6 @@ ServiceCall
<p>Service is an API call to a JSON web service</p>
</td>
</tr>
<tr>
<td>
<code>jmesPath</code><br/>
<em>
string
</em>
</td>
<td>
<p>JMESPath is an optional JSON Match Expression that can be used to
transform the JSON response returned from the server. For example
a JMESPath of &ldquo;items | length(@)&rdquo; applied to the API server response
for the URLPath &ldquo;/apis/apps/v1/deployments&rdquo; will return the total count
of deployments across all namespaces.</p>
</td>
</tr>
</tbody>
</table>
<hr />
@ -1399,6 +1384,55 @@ string
</tbody>
</table>
<hr />
<h3 id="kyverno.io/v1.ContextAPICall">ContextAPICall
</h3>
<p>
(<em>Appears on:</em>
<a href="#kyverno.io/v1.ContextEntry">ContextEntry</a>)
</p>
<p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>
<code>APICall</code><br/>
<em>
<a href="#kyverno.io/v1.APICall">
APICall
</a>
</em>
</td>
<td>
<p>
(Members of <code>APICall</code> are embedded into this type.)
</p>
</td>
</tr>
<tr>
<td>
<code>jmesPath</code><br/>
<em>
string
</em>
</td>
<td>
<p>JMESPath is an optional JSON Match Expression that can be used to
transform the JSON response returned from the server. For example
a JMESPath of &ldquo;items | length(@)&rdquo; applied to the API server response
for the URLPath &ldquo;/apis/apps/v1/deployments&rdquo; will return the total count
of deployments across all namespaces.</p>
</td>
</tr>
</tbody>
</table>
<hr />
<h3 id="kyverno.io/v1.ContextEntry">ContextEntry
</h3>
<p>
@ -1451,8 +1485,8 @@ ConfigMapReference
<td>
<code>apiCall</code><br/>
<em>
<a href="#kyverno.io/v1.APICall">
APICall
<a href="#kyverno.io/v1.ContextAPICall">
ContextAPICall
</a>
</em>
</td>

17
pkg/client/applyconfigurations/kyverno/v1/apicall.go
View file

@ -25,11 +25,10 @@ import (
// APICallApplyConfiguration represents an declarative configuration of the APICall type for use
// with apply.
type APICallApplyConfiguration struct {
URLPath *string `json:"urlPath,omitempty"`
Method *v1.Method `json:"method,omitempty"`
Data []RequestDataApplyConfiguration `json:"data,omitempty"`
Service *ServiceCallApplyConfiguration `json:"service,omitempty"`
JMESPath *string `json:"jmesPath,omitempty"`
URLPath *string `json:"urlPath,omitempty"`
Method *v1.Method `json:"method,omitempty"`
Data []RequestDataApplyConfiguration `json:"data,omitempty"`
Service *ServiceCallApplyConfiguration `json:"service,omitempty"`
}
// APICallApplyConfiguration constructs an declarative configuration of the APICall type for use with
@ -74,11 +73,3 @@ func (b *APICallApplyConfiguration) WithService(value *ServiceCallApplyConfigura
b.Service = value
return b
}
// WithJMESPath sets the JMESPath field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the JMESPath field is set to the value of the last call.
func (b *APICallApplyConfiguration) WithJMESPath(value string) *APICallApplyConfiguration {
b.JMESPath = &value
return b
}

81
pkg/client/applyconfigurations/kyverno/v1/contextapicall.go Normal file
View file

@ -0,0 +1,81 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by applyconfiguration-gen. DO NOT EDIT.
package v1
import (
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
)
// ContextAPICallApplyConfiguration represents an declarative configuration of the ContextAPICall type for use
// with apply.
type ContextAPICallApplyConfiguration struct {
APICallApplyConfiguration `json:",inline"`
JMESPath *string `json:"jmesPath,omitempty"`
}
// ContextAPICallApplyConfiguration constructs an declarative configuration of the ContextAPICall type for use with
// apply.
func ContextAPICall() *ContextAPICallApplyConfiguration {
return &ContextAPICallApplyConfiguration{}
}
// WithURLPath sets the URLPath field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the URLPath field is set to the value of the last call.
func (b *ContextAPICallApplyConfiguration) WithURLPath(value string) *ContextAPICallApplyConfiguration {
b.URLPath = &value
return b
}
// WithMethod sets the Method field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Method field is set to the value of the last call.
func (b *ContextAPICallApplyConfiguration) WithMethod(value kyvernov1.Method) *ContextAPICallApplyConfiguration {
b.Method = &value
return b
}
// WithData adds the given value to the Data field in the declarative configuration
// and returns the receiver, so that objects can be build by chaining "With" function invocations.
// If called multiple times, values provided by each call will be appended to the Data field.
func (b *ContextAPICallApplyConfiguration) WithData(values ...*RequestDataApplyConfiguration) *ContextAPICallApplyConfiguration {
for i := range values {
if values[i] == nil {
panic("nil value passed to WithData")
}
b.Data = append(b.Data, *values[i])
}
return b
}
// WithService sets the Service field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Service field is set to the value of the last call.
func (b *ContextAPICallApplyConfiguration) WithService(value *ServiceCallApplyConfiguration) *ContextAPICallApplyConfiguration {
b.Service = value
return b
}
// WithJMESPath sets the JMESPath field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the JMESPath field is set to the value of the last call.
func (b *ContextAPICallApplyConfiguration) WithJMESPath(value string) *ContextAPICallApplyConfiguration {
b.JMESPath = &value
return b
}

4
pkg/client/applyconfigurations/kyverno/v1/contextentry.go
View file

@ -23,7 +23,7 @@ package v1
type ContextEntryApplyConfiguration struct {
Name *string `json:"name,omitempty"`
ConfigMap *ConfigMapReferenceApplyConfiguration `json:"configMap,omitempty"`
APICall *APICallApplyConfiguration `json:"apiCall,omitempty"`
APICall *ContextAPICallApplyConfiguration `json:"apiCall,omitempty"`
ImageRegistry *ImageRegistryApplyConfiguration `json:"imageRegistry,omitempty"`
Variable *VariableApplyConfiguration `json:"variable,omitempty"`
}
@ -53,7 +53,7 @@ func (b *ContextEntryApplyConfiguration) WithConfigMap(value *ConfigMapReference
// WithAPICall sets the APICall field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the APICall field is set to the value of the last call.
func (b *ContextEntryApplyConfiguration) WithAPICall(value *APICallApplyConfiguration) *ContextEntryApplyConfiguration {
func (b *ContextEntryApplyConfiguration) WithAPICall(value *ContextAPICallApplyConfiguration) *ContextEntryApplyConfiguration {
b.APICall = value
return b
}

8
pkg/client/applyconfigurations/kyverno/v2alpha1/externalapicall.go
View file

@ -74,14 +74,6 @@ func (b *ExternalAPICallApplyConfiguration) WithService(value *v1.ServiceCallApp
return b
}
// WithJMESPath sets the JMESPath field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the JMESPath field is set to the value of the last call.
func (b *ExternalAPICallApplyConfiguration) WithJMESPath(value string) *ExternalAPICallApplyConfiguration {
b.JMESPath = &value
return b
}
// WithRefreshInterval sets the RefreshInterval field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the RefreshInterval field is set to the value of the last call.

2
pkg/client/applyconfigurations/utils.go
View file

@ -69,6 +69,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
return &kyvernov1.ConditionApplyConfiguration{}
case v1.SchemeGroupVersion.WithKind("ConfigMapReference"):
return &kyvernov1.ConfigMapReferenceApplyConfiguration{}
case v1.SchemeGroupVersion.WithKind("ContextAPICall"):
return &kyvernov1.ContextAPICallApplyConfiguration{}
case v1.SchemeGroupVersion.WithKind("ContextEntry"):
return &kyvernov1.ContextEntryApplyConfiguration{}
case v1.SchemeGroupVersion.WithKind("CTLog"):

6
pkg/engine/apicall/apiCall.go
View file

@ -84,7 +84,7 @@ func (a *apiCall) Store(data []byte) ([]byte, error) {
return results, nil
}
func (a *apiCall) Execute(ctx context.Context, call *kyvernov1.APICall) ([]byte, error) {
func (a *apiCall) Execute(ctx context.Context, call *kyvernov1.ContextAPICall) ([]byte, error) {
if call.URLPath != "" {
return a.executeK8sAPICall(ctx, call.URLPath, call.Method, call.Data)
}
@ -104,7 +104,7 @@ func (a *apiCall) executeK8sAPICall(ctx context.Context, path string, method kyv
return jsonData, nil
}
func (a *apiCall) executeServiceCall(ctx context.Context, apiCall *kyvernov1.APICall) ([]byte, error) {
func (a *apiCall) executeServiceCall(ctx context.Context, apiCall *kyvernov1.ContextAPICall) ([]byte, error) {
if apiCall.Service == nil {
return nil, fmt.Errorf("missing service for APICall %s", a.entry.Name)
}
@ -152,7 +152,7 @@ func (a *apiCall) executeServiceCall(ctx context.Context, apiCall *kyvernov1.API
return body, nil
}
func (a *apiCall) buildHTTPRequest(ctx context.Context, apiCall *kyvernov1.APICall) (req *http.Request, err error) {
func (a *apiCall) buildHTTPRequest(ctx context.Context, apiCall *kyvernov1.ContextAPICall) (req *http.Request, err error) {
if apiCall.Service == nil {
return nil, fmt.Errorf("missing service")
}

18
pkg/engine/apicall/apiCall_test.go
View file

@ -73,9 +73,11 @@ func Test_serviceGetRequest(t *testing.T) {
assert.ErrorContains(t, err, "missing APICall")
entry.Name = "test"
entry.APICall = &kyvernov1.APICall{
Service: &kyvernov1.ServiceCall{
URL: s.URL,
entry.APICall = &kyvernov1.ContextAPICall{
APICall: kyvernov1.APICall{
Service: &kyvernov1.ServiceCall{
URL: s.URL,
},
},
}
@ -123,10 +125,12 @@ func Test_servicePostRequest(t *testing.T) {
entry := kyvernov1.ContextEntry{
Name: "test",
APICall: &kyvernov1.APICall{
Method: "POST",
Service: &kyvernov1.ServiceCall{
URL: s.URL + "/resource",
APICall: &kyvernov1.ContextAPICall{
APICall: kyvernov1.APICall{
Method: "POST",
Service: &kyvernov1.ServiceCall{
URL: s.URL + "/resource",
},
},
},
}