mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-15 20:20:22 +00:00
chore: organize constants better (#7941)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
parent
c38a014468
commit
b6251c9894
13 changed files with 24 additions and 24 deletions
|
@ -1,13 +1,13 @@
|
||||||
package kyverno
|
package kyverno
|
||||||
|
|
||||||
const (
|
const (
|
||||||
// PodControllersAnnotation defines the annotation key for Pod-Controllers
|
// Well known labels
|
||||||
PodControllersAnnotation = "pod-policies.kyverno.io/autogen-controllers"
|
LabelAppManagedBy = "app.kubernetes.io/managed-by"
|
||||||
// LabelAppManagedBy defines the label key for managed-by label
|
// Well known annotations
|
||||||
LabelAppManagedBy = "app.kubernetes.io/managed-by"
|
AnnotationAutogenControllers = "pod-policies.kyverno.io/autogen-controllers"
|
||||||
AnnotationPolicyCategory = "policies.kyverno.io/category"
|
AnnotationPolicyCategory = "policies.kyverno.io/category"
|
||||||
AnnotationPolicySeverity = "policies.kyverno.io/severity"
|
AnnotationPolicySeverity = "policies.kyverno.io/severity"
|
||||||
AnnotationPolicyScored = "policies.kyverno.io/scored"
|
AnnotationPolicyScored = "policies.kyverno.io/scored"
|
||||||
// ValueKyvernoApp defines the kyverno application value
|
// Well known values
|
||||||
ValueKyvernoApp = "kyverno"
|
ValueKyvernoApp = "kyverno"
|
||||||
)
|
)
|
||||||
|
|
|
@ -45,7 +45,7 @@ func Test_ClusterPolicy_Autogen_All(t *testing.T) {
|
||||||
ObjectMeta: metav1.ObjectMeta{
|
ObjectMeta: metav1.ObjectMeta{
|
||||||
Name: "policy",
|
Name: "policy",
|
||||||
Annotations: map[string]string{
|
Annotations: map[string]string{
|
||||||
kyverno.PodControllersAnnotation: "all",
|
kyverno.AnnotationAutogenControllers: "all",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -44,7 +44,7 @@ type ClusterPolicy struct {
|
||||||
// HasAutoGenAnnotation checks if a policy has auto-gen annotation
|
// HasAutoGenAnnotation checks if a policy has auto-gen annotation
|
||||||
func (p *ClusterPolicy) HasAutoGenAnnotation() bool {
|
func (p *ClusterPolicy) HasAutoGenAnnotation() bool {
|
||||||
annotations := p.GetAnnotations()
|
annotations := p.GetAnnotations()
|
||||||
val, ok := annotations[kyverno.PodControllersAnnotation]
|
val, ok := annotations[kyverno.AnnotationAutogenControllers]
|
||||||
if ok && strings.ToLower(val) != "none" {
|
if ok && strings.ToLower(val) != "none" {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
|
@ -45,7 +45,7 @@ func Test_Policy_Autogen_All(t *testing.T) {
|
||||||
Name: "policy",
|
Name: "policy",
|
||||||
Namespace: "abcd",
|
Namespace: "abcd",
|
||||||
Annotations: map[string]string{
|
Annotations: map[string]string{
|
||||||
kyverno.PodControllersAnnotation: "all",
|
kyverno.AnnotationAutogenControllers: "all",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -45,7 +45,7 @@ type Policy struct {
|
||||||
// HasAutoGenAnnotation checks if a policy has auto-gen annotation
|
// HasAutoGenAnnotation checks if a policy has auto-gen annotation
|
||||||
func (p *Policy) HasAutoGenAnnotation() bool {
|
func (p *Policy) HasAutoGenAnnotation() bool {
|
||||||
annotations := p.GetAnnotations()
|
annotations := p.GetAnnotations()
|
||||||
val, ok := annotations[kyverno.PodControllersAnnotation]
|
val, ok := annotations[kyverno.AnnotationAutogenControllers]
|
||||||
if ok && strings.ToLower(val) != "none" {
|
if ok && strings.ToLower(val) != "none" {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
|
@ -29,7 +29,7 @@ func ToJSON(in apiextensions.JSON) *apiextv1.JSON {
|
||||||
|
|
||||||
// ValidatePolicyName validates policy name
|
// ValidatePolicyName validates policy name
|
||||||
func ValidateAutogenAnnotation(path *field.Path, annotations map[string]string) (errs field.ErrorList) {
|
func ValidateAutogenAnnotation(path *field.Path, annotations map[string]string) (errs field.ErrorList) {
|
||||||
value, ok := annotations[kyverno.PodControllersAnnotation]
|
value, ok := annotations[kyverno.AnnotationAutogenControllers]
|
||||||
if ok {
|
if ok {
|
||||||
if value == "all" {
|
if value == "all" {
|
||||||
errs = append(errs, field.Forbidden(path, "Autogen annotation does not support 'all' anymore, remove the annotation or set it to a valid value"))
|
errs = append(errs, field.Forbidden(path, "Autogen annotation does not support 'all' anymore, remove the annotation or set it to a valid value"))
|
||||||
|
|
|
@ -45,7 +45,7 @@ func Test_ClusterPolicy_Autogen_All(t *testing.T) {
|
||||||
ObjectMeta: metav1.ObjectMeta{
|
ObjectMeta: metav1.ObjectMeta{
|
||||||
Name: "policy",
|
Name: "policy",
|
||||||
Annotations: map[string]string{
|
Annotations: map[string]string{
|
||||||
kyverno.PodControllersAnnotation: "all",
|
kyverno.AnnotationAutogenControllers: "all",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -44,7 +44,7 @@ type ClusterPolicy struct {
|
||||||
// HasAutoGenAnnotation checks if a policy has auto-gen annotation
|
// HasAutoGenAnnotation checks if a policy has auto-gen annotation
|
||||||
func (p *ClusterPolicy) HasAutoGenAnnotation() bool {
|
func (p *ClusterPolicy) HasAutoGenAnnotation() bool {
|
||||||
annotations := p.GetAnnotations()
|
annotations := p.GetAnnotations()
|
||||||
val, ok := annotations[kyverno.PodControllersAnnotation]
|
val, ok := annotations[kyverno.AnnotationAutogenControllers]
|
||||||
if ok && strings.ToLower(val) != "none" {
|
if ok && strings.ToLower(val) != "none" {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
|
@ -45,7 +45,7 @@ func Test_Policy_Autogen_All(t *testing.T) {
|
||||||
Name: "policy",
|
Name: "policy",
|
||||||
Namespace: "abcd",
|
Namespace: "abcd",
|
||||||
Annotations: map[string]string{
|
Annotations: map[string]string{
|
||||||
kyverno.PodControllersAnnotation: "all",
|
kyverno.AnnotationAutogenControllers: "all",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -44,7 +44,7 @@ type Policy struct {
|
||||||
// HasAutoGenAnnotation checks if a policy has auto-gen annotation
|
// HasAutoGenAnnotation checks if a policy has auto-gen annotation
|
||||||
func (p *Policy) HasAutoGenAnnotation() bool {
|
func (p *Policy) HasAutoGenAnnotation() bool {
|
||||||
annotations := p.GetAnnotations()
|
annotations := p.GetAnnotations()
|
||||||
val, ok := annotations[kyverno.PodControllersAnnotation]
|
val, ok := annotations[kyverno.AnnotationAutogenControllers]
|
||||||
if ok && strings.ToLower(val) != "none" {
|
if ok && strings.ToLower(val) != "none" {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
|
@ -127,7 +127,7 @@ func GetRequestedControllers(meta *metav1.ObjectMeta) []string {
|
||||||
if annotations == nil {
|
if annotations == nil {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
controllers, ok := annotations[kyverno.PodControllersAnnotation]
|
controllers, ok := annotations[kyverno.AnnotationAutogenControllers]
|
||||||
if !ok || controllers == "" {
|
if !ok || controllers == "" {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
@ -251,7 +251,7 @@ func computeRules(p kyvernov1.PolicyInterface) []kyvernov1.Rule {
|
||||||
desiredControllers = "none"
|
desiredControllers = "none"
|
||||||
}
|
}
|
||||||
ann := p.GetAnnotations()
|
ann := p.GetAnnotations()
|
||||||
actualControllers, ok := ann[kyverno.PodControllersAnnotation]
|
actualControllers, ok := ann[kyverno.AnnotationAutogenControllers]
|
||||||
if !ok || !applyAutoGen {
|
if !ok || !applyAutoGen {
|
||||||
actualControllers = desiredControllers
|
actualControllers = desiredControllers
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -281,22 +281,22 @@ func Test_GetRequestedControllers(t *testing.T) {
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "annotation-empty",
|
name: "annotation-empty",
|
||||||
meta: metav1.ObjectMeta{Annotations: map[string]string{kyverno.PodControllersAnnotation: ""}},
|
meta: metav1.ObjectMeta{Annotations: map[string]string{kyverno.AnnotationAutogenControllers: ""}},
|
||||||
expectedControllers: nil,
|
expectedControllers: nil,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "annotation-none",
|
name: "annotation-none",
|
||||||
meta: metav1.ObjectMeta{Annotations: map[string]string{kyverno.PodControllersAnnotation: "none"}},
|
meta: metav1.ObjectMeta{Annotations: map[string]string{kyverno.AnnotationAutogenControllers: "none"}},
|
||||||
expectedControllers: []string{},
|
expectedControllers: []string{},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "annotation-job",
|
name: "annotation-job",
|
||||||
meta: metav1.ObjectMeta{Annotations: map[string]string{kyverno.PodControllersAnnotation: "Job"}},
|
meta: metav1.ObjectMeta{Annotations: map[string]string{kyverno.AnnotationAutogenControllers: "Job"}},
|
||||||
expectedControllers: []string{"Job"},
|
expectedControllers: []string{"Job"},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "annotation-job-deployment",
|
name: "annotation-job-deployment",
|
||||||
meta: metav1.ObjectMeta{Annotations: map[string]string{kyverno.PodControllersAnnotation: "Job,Deployment"}},
|
meta: metav1.ObjectMeta{Annotations: map[string]string{kyverno.AnnotationAutogenControllers: "Job,Deployment"}},
|
||||||
expectedControllers: []string{"Job", "Deployment"},
|
expectedControllers: []string{"Job", "Deployment"},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -1133,7 +1133,7 @@ func jsonPatchOnPod(rule kyvernov1.Rule) bool {
|
||||||
|
|
||||||
func podControllerAutoGenExclusion(policy kyvernov1.PolicyInterface) bool {
|
func podControllerAutoGenExclusion(policy kyvernov1.PolicyInterface) bool {
|
||||||
annotations := policy.GetAnnotations()
|
annotations := policy.GetAnnotations()
|
||||||
val, ok := annotations[kyverno.PodControllersAnnotation]
|
val, ok := annotations[kyverno.AnnotationAutogenControllers]
|
||||||
if !ok || val == "none" {
|
if !ok || val == "none" {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
Loading…
Add table
Reference in a new issue