mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-16 04:28:42 +00:00
Code Activity

converting patches to patchesJSON6902 (#1115)

Browse source 
* converting patches to patchesJSON6902

* updated readme

* removed patch section from readme
This commit is contained in:
Pooja Singh 2020-09-16 23:23:05 +05:30 committed by GitHub
parent 3fa745bc3e
commit ba5c656d76
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 51 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
documentation/writing-policies-mutate.md
View file

@ -138,6 +138,8 @@ spec:
Note, that if **remove** operation cannot be applied, then this **remove** operation will be skipped with no error. Note, that if **remove** operation cannot be applied, then this **remove** operation will be skipped with no error.
## Strategic Merge Patch ## Strategic Merge Patch
A `patchStrategicMerge` patch is [stategic-merge](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-api-machinery/strategic-merge-patch.md)-style patch. The `patchStrategicMerge` overlay resolves to a partial resource definition. A `patchStrategicMerge` patch is [stategic-merge](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-api-machinery/strategic-merge-patch.md)-style patch. The `patchStrategicMerge` overlay resolves to a partial resource definition.

49
pkg/policymutation/policymutation.go
View file

@ -44,9 +44,58 @@ func GenerateJSONPatchesForDefaults(policy *kyverno.ClusterPolicy, log logr.Logg
patches = append(patches, patch...) patches = append(patches, patch...)
convertPatch, errs := convertPatchToJSON6902(policy, log)
if len(errs) > 0 {
var errMsgs []string
for _, err := range errs {
errMsgs = append(errMsgs, err.Error())
log.Error(err, "failed to generate pod controller rule")
}
updateMsgs = append(updateMsgs, strings.Join(errMsgs, ";"))
}
patches = append(patches, convertPatch...)
return utils.JoinPatches(patches), updateMsgs return utils.JoinPatches(patches), updateMsgs
} }
func convertPatchToJSON6902(policy *kyverno.ClusterPolicy, log logr.Logger) (patches [][]byte, errs []error) {
patches = make([][]byte, 0)
for i, rule := range policy.Spec.Rules {
if !reflect.DeepEqual(rule.Mutation, kyverno.Mutation{}) {
if len(rule.Mutation.Patches) > 0 {
mutation := rule.Mutation
patchesJSON6902 := ""
for _, patch := range mutation.Patches {
patchesJSON6902 += fmt.Sprintf("- path : %s\n op : %s\n value: %s\n", patch.Path, patch.Operation, patch.Value)
}
mutation.PatchesJSON6902 = patchesJSON6902
mutation.Patches = []kyverno.Patch{}
jsonPatch := struct {
Path string `json:"path"`
Op string `json:"op"`
Value *kyverno.Mutation `json:"value"`
}{
fmt.Sprintf("/spec/rules/%s/mutate", strconv.Itoa(i)),
"replace",
&mutation,
}
patchByte, err := json.Marshal(jsonPatch)
if err != nil {
errs = append(errs, fmt.Errorf("failed to convert patch to patchesJson6902 for policy '%s': %v", policy.Name, err))
}
patches = append(patches, patchByte)
}
}
}
return patches, errs
}
func defaultBackgroundFlag(policy *kyverno.ClusterPolicy, log logr.Logger) ([]byte, string) { func defaultBackgroundFlag(policy *kyverno.ClusterPolicy, log logr.Logger) ([]byte, string) {
// set 'Background' flag to 'true' if not specified // set 'Background' flag to 'true' if not specified
defaultVal := true defaultVal := true