mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity

auto generating policy rules

Browse source
This commit is contained in:
NoSkillGirl 2020-07-11 17:52:52 +05:30
parent b23cfa9f93
commit c26a414182
3 changed files with 9 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
pkg/kyverno/apply/command.go
View file

@ -99,8 +99,12 @@ func Command() *cobra.Command {
newPolicies := make([]*v1.ClusterPolicy, 0) newPolicies := make([]*v1.ClusterPolicy, 0)
logger := log.Log.WithName("apply")
for _, policy := range policies { for _, policy := range policies {
patches, _ := policymutation.GenerateJSONPatchesForDefaults(policy, nil) patches, updateMsgs := policymutation.GenerateJSONPatchesForDefaults(policy, logger)
fmt.Println(updateMsgs)
type jsonPatch struct { type jsonPatch struct {
Path string `json:"path"` Path string `json:"path"`

19
pkg/policymutation/policymutation.go
View file

@ -37,11 +37,7 @@ func GenerateJSONPatchesForDefaults(policy *kyverno.ClusterPolicy, log logr.Logg
var errMsgs []string var errMsgs []string
for _, err := range errs { for _, err := range errs {
errMsgs = append(errMsgs, err.Error()) errMsgs = append(errMsgs, err.Error())
if log != nil { log.Error(err, "failed to generate pod controller rule")
log.Error(err, "failed to generate pod controller rule")
} else {
fmt.Println(err, " failed to generate pod controller rule")
}
} }
updateMsgs = append(updateMsgs, strings.Join(errMsgs, ";")) updateMsgs = append(updateMsgs, strings.Join(errMsgs, ";"))
} }
@ -91,9 +87,7 @@ func defaultvalidationFailureAction(policy *kyverno.ClusterPolicy, log logr.Logg
// set ValidationFailureAction to "audit" if not specified // set ValidationFailureAction to "audit" if not specified
Audit := common.Audit Audit := common.Audit
if policy.Spec.ValidationFailureAction == "" { if policy.Spec.ValidationFailureAction == "" {
if log != nil { log.V(4).Info("setting defautl value", "spec.validationFailureAction", Audit)
log.V(4).Info("setting defautl value", "spec.validationFailureAction", Audit)
}
jsonPatch := struct { jsonPatch := struct {
Path string `json:"path"` Path string `json:"path"`
@ -107,16 +101,11 @@ func defaultvalidationFailureAction(policy *kyverno.ClusterPolicy, log logr.Logg
patchByte, err := json.Marshal(jsonPatch) patchByte, err := json.Marshal(jsonPatch)
if err != nil { if err != nil {
if log != nil { log.Error(err, "failed to default value", "spec.validationFailureAction", Audit)
log.Error(err, "failed to default value", "spec.validationFailureAction", Audit)
}
fmt.Println(err, "failed to default value", "spec.validationFailureAction", Audit)
return nil, "" return nil, ""
} }
if log != nil { log.V(3).Info("generated JSON Patch to set default", "spec.validationFailureAction", Audit)
log.V(3).Info("generated JSON Patch to set default", "spec.validationFailureAction", Audit)
}
return patchByte, fmt.Sprintf("default 'ValidationFailureAction' to '%s'", Audit) return patchByte, fmt.Sprintf("default 'ValidationFailureAction' to '%s'", Audit)
} }

2
pkg/webhooks/policymutation.go
View file

@ -43,5 +43,3 @@ func (ws *WebhookServer) policyMutation(request *v1beta1.AdmissionRequest) *v1be
Allowed: true, Allowed: true,
} }
} }
// func GenerateJSONPatchesForDefaults(policy *kyverno.ClusterPolicy, log logr.Logger) ([]byte, []string) {