From ba9d00377450f65b9308fe2c11d3ab215271dd54 Mon Sep 17 00:00:00 2001 From: Jim Bugwadia Date: Wed, 3 Feb 2021 13:10:02 -0800 Subject: [PATCH] update APICall docs (#1534) Signed-off-by: Jim Bugwadia --- charts/kyverno/crds/crds.yaml | 12 ++++++------ .../crds/kyverno.io_clusterpolicies.yaml | 16 ++++++++++++---- definitions/crds/kyverno.io_policies.yaml | 16 ++++++++++++---- definitions/install.yaml | 12 ++++++------ definitions/install_debug.yaml | 12 ++++++------ pkg/api/kyverno/v1/policy_types.go | 18 +++++++++++++----- 6 files changed, 55 insertions(+), 31 deletions(-) diff --git a/charts/kyverno/crds/crds.yaml b/charts/kyverno/crds/crds.yaml index d81d3ebca0..065bb10e3f 100644 --- a/charts/kyverno/crds/crds.yaml +++ b/charts/kyverno/crds/crds.yaml @@ -53,13 +53,13 @@ spec: description: ContextEntry adds variables and data sources to a rule Context. Either a ConfigMap reference or a APILookup must be provided. properties: apiCall: - description: APICall is an API server request to retrieve data + description: APICall defines an HTTP request to the Kubernetes API server. The JSON data retrieved is stored in the context. properties: jmesPath: - description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response from the API server. + description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response returned from the API server. For example a JMESPath of "items | length(@)" applied to the API server response to the URLPath "/apis/apps/v1/deployments" will return the total count of deployments across all namespaces. type: string urlPath: - description: URLPath is the URL path to be used in the HTTP GET request + description: URLPath is the URL path to be used in the HTTP GET request to the Kubernetes API server (e.g. "/api/v1/namespaces" or "/apis/apps/v1/deployments"). The format required is the same format used by the `kubectl get --raw` command. type: string required: - urlPath @@ -1276,13 +1276,13 @@ spec: description: ContextEntry adds variables and data sources to a rule Context. Either a ConfigMap reference or a APILookup must be provided. properties: apiCall: - description: APICall is an API server request to retrieve data + description: APICall defines an HTTP request to the Kubernetes API server. The JSON data retrieved is stored in the context. properties: jmesPath: - description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response from the API server. + description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response returned from the API server. For example a JMESPath of "items | length(@)" applied to the API server response to the URLPath "/apis/apps/v1/deployments" will return the total count of deployments across all namespaces. type: string urlPath: - description: URLPath is the URL path to be used in the HTTP GET request + description: URLPath is the URL path to be used in the HTTP GET request to the Kubernetes API server (e.g. "/api/v1/namespaces" or "/apis/apps/v1/deployments"). The format required is the same format used by the `kubectl get --raw` command. type: string required: - urlPath diff --git a/definitions/crds/kyverno.io_clusterpolicies.yaml b/definitions/crds/kyverno.io_clusterpolicies.yaml index 3d118074a7..87c998694c 100644 --- a/definitions/crds/kyverno.io_clusterpolicies.yaml +++ b/definitions/crds/kyverno.io_clusterpolicies.yaml @@ -71,17 +71,25 @@ spec: must be provided. properties: apiCall: - description: APICall is an API server request to retrieve - data + description: APICall defines an HTTP request to the Kubernetes + API server. The JSON data retrieved is stored in the + context. properties: jmesPath: description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response - from the API server. + returned from the API server. For example a JMESPath + of "items | length(@)" applied to the API server + response to the URLPath "/apis/apps/v1/deployments" + will return the total count of deployments across + all namespaces. type: string urlPath: description: URLPath is the URL path to be used in - the HTTP GET request + the HTTP GET request to the Kubernetes API server + (e.g. "/api/v1/namespaces" or "/apis/apps/v1/deployments"). + The format required is the same format used by the + `kubectl get --raw` command. type: string required: - urlPath diff --git a/definitions/crds/kyverno.io_policies.yaml b/definitions/crds/kyverno.io_policies.yaml index 29582b5eca..729ad57202 100644 --- a/definitions/crds/kyverno.io_policies.yaml +++ b/definitions/crds/kyverno.io_policies.yaml @@ -72,17 +72,25 @@ spec: must be provided. properties: apiCall: - description: APICall is an API server request to retrieve - data + description: APICall defines an HTTP request to the Kubernetes + API server. The JSON data retrieved is stored in the + context. properties: jmesPath: description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response - from the API server. + returned from the API server. For example a JMESPath + of "items | length(@)" applied to the API server + response to the URLPath "/apis/apps/v1/deployments" + will return the total count of deployments across + all namespaces. type: string urlPath: description: URLPath is the URL path to be used in - the HTTP GET request + the HTTP GET request to the Kubernetes API server + (e.g. "/api/v1/namespaces" or "/apis/apps/v1/deployments"). + The format required is the same format used by the + `kubectl get --raw` command. type: string required: - urlPath diff --git a/definitions/install.yaml b/definitions/install.yaml index 7989ac4626..3688d5da12 100644 --- a/definitions/install.yaml +++ b/definitions/install.yaml @@ -58,13 +58,13 @@ spec: description: ContextEntry adds variables and data sources to a rule Context. Either a ConfigMap reference or a APILookup must be provided. properties: apiCall: - description: APICall is an API server request to retrieve data + description: APICall defines an HTTP request to the Kubernetes API server. The JSON data retrieved is stored in the context. properties: jmesPath: - description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response from the API server. + description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response returned from the API server. For example a JMESPath of "items | length(@)" applied to the API server response to the URLPath "/apis/apps/v1/deployments" will return the total count of deployments across all namespaces. type: string urlPath: - description: URLPath is the URL path to be used in the HTTP GET request + description: URLPath is the URL path to be used in the HTTP GET request to the Kubernetes API server (e.g. "/api/v1/namespaces" or "/apis/apps/v1/deployments"). The format required is the same format used by the `kubectl get --raw` command. type: string required: - urlPath @@ -1177,13 +1177,13 @@ spec: description: ContextEntry adds variables and data sources to a rule Context. Either a ConfigMap reference or a APILookup must be provided. properties: apiCall: - description: APICall is an API server request to retrieve data + description: APICall defines an HTTP request to the Kubernetes API server. The JSON data retrieved is stored in the context. properties: jmesPath: - description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response from the API server. + description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response returned from the API server. For example a JMESPath of "items | length(@)" applied to the API server response to the URLPath "/apis/apps/v1/deployments" will return the total count of deployments across all namespaces. type: string urlPath: - description: URLPath is the URL path to be used in the HTTP GET request + description: URLPath is the URL path to be used in the HTTP GET request to the Kubernetes API server (e.g. "/api/v1/namespaces" or "/apis/apps/v1/deployments"). The format required is the same format used by the `kubectl get --raw` command. type: string required: - urlPath diff --git a/definitions/install_debug.yaml b/definitions/install_debug.yaml index 2dc7da84ff..662e6908e8 100755 --- a/definitions/install_debug.yaml +++ b/definitions/install_debug.yaml @@ -58,13 +58,13 @@ spec: description: ContextEntry adds variables and data sources to a rule Context. Either a ConfigMap reference or a APILookup must be provided. properties: apiCall: - description: APICall is an API server request to retrieve data + description: APICall defines an HTTP request to the Kubernetes API server. The JSON data retrieved is stored in the context. properties: jmesPath: - description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response from the API server. + description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response returned from the API server. For example a JMESPath of "items | length(@)" applied to the API server response to the URLPath "/apis/apps/v1/deployments" will return the total count of deployments across all namespaces. type: string urlPath: - description: URLPath is the URL path to be used in the HTTP GET request + description: URLPath is the URL path to be used in the HTTP GET request to the Kubernetes API server (e.g. "/api/v1/namespaces" or "/apis/apps/v1/deployments"). The format required is the same format used by the `kubectl get --raw` command. type: string required: - urlPath @@ -1177,13 +1177,13 @@ spec: description: ContextEntry adds variables and data sources to a rule Context. Either a ConfigMap reference or a APILookup must be provided. properties: apiCall: - description: APICall is an API server request to retrieve data + description: APICall defines an HTTP request to the Kubernetes API server. The JSON data retrieved is stored in the context. properties: jmesPath: - description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response from the API server. + description: JMESPath is an optional JSON Match Expression that can be used to transform the JSON response returned from the API server. For example a JMESPath of "items | length(@)" applied to the API server response to the URLPath "/apis/apps/v1/deployments" will return the total count of deployments across all namespaces. type: string urlPath: - description: URLPath is the URL path to be used in the HTTP GET request + description: URLPath is the URL path to be used in the HTTP GET request to the Kubernetes API server (e.g. "/api/v1/namespaces" or "/apis/apps/v1/deployments"). The format required is the same format used by the `kubectl get --raw` command. type: string required: - urlPath diff --git a/pkg/api/kyverno/v1/policy_types.go b/pkg/api/kyverno/v1/policy_types.go index dcf7b9478e..b57f6fc4db 100755 --- a/pkg/api/kyverno/v1/policy_types.go +++ b/pkg/api/kyverno/v1/policy_types.go @@ -108,7 +108,8 @@ type ContextEntry struct { // ConfigMap is the ConfigMap reference. ConfigMap *ConfigMapReference `json:"configMap,omitempty" yaml:"configMap,omitempty"` - // APICall is an API server request to retrieve data + // APICall defines an HTTP request to the Kubernetes API server. The JSON + // data retrieved is stored in the context. APICall *APICall `json:"apiCall,omitempty" yaml:"apiCall,omitempty"` } @@ -122,15 +123,22 @@ type ConfigMapReference struct { Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty"` } -// APICall contains an API server URL path used to perform an HTTP GET request -// and an optional JMESPath to transform the retrieved data. +// APICall defines an HTTP request to the Kubernetes API server. The JSON +// data retrieved is stored in the context. An APICall contains a URLPath +// used to perform the HTTP GET request and an optional JMESPath used to +// transform the retrieved JSON data. type APICall struct { - // URLPath is the URL path to be used in the HTTP GET request + // URLPath is the URL path to be used in the HTTP GET request to the + // Kubernetes API server (e.g. "/api/v1/namespaces" or "/apis/apps/v1/deployments"). + // The format required is the same format used by the `kubectl get --raw` command. URLPath string `json:"urlPath" yaml:"urlPath"` // JMESPath is an optional JSON Match Expression that can be used to - // transform the JSON response from the API server. + // transform the JSON response returned from the API server. For example + // a JMESPath of "items | length(@)" applied to the API server response + // to the URLPath "/apis/apps/v1/deployments" will return the total count + // of deployments across all namespaces. // +optional JMESPath string `json:"jmesPath,omitempty" yaml:"jmesPath,omitempty"` }