adding label to clone source

2025-03-05 07:26:55 +00:00 · 2020-12-29 18:04:20 +05:30 · 2020-12-29 18:04:20 +05:30 · c66e2a7058
commit c66e2a7058
parent 1412b922f7
5 changed files with 87 additions and 3 deletions
--- a/cmd/kyverno/main.go
+++ b/cmd/kyverno/main.go
@ -359,7 +359,7 @@ func main() {
 	server.RunAsync(stopCh)

 	go backwardcompatibility.AddLabels(pclient, pInformer.Kyverno().V1().GenerateRequests())
-
+	go backwardcompatibility.AddCloneLabel(client, pInformer.Kyverno().V1().ClusterPolicies())
 	<-stopCh

 	// by default http.Server waits indefinitely for connections to return to idle and then shuts down
--- a/go.mod
+++ b/go.mod
@ -27,6 +27,7 @@ require (
 	github.com/onsi/gomega v1.8.1
 	github.com/ory/go-acc v0.2.6 // indirect
 	github.com/pkg/errors v0.9.1
+	github.com/prometheus/common v0.4.1
 	github.com/sirupsen/logrus v1.6.0 // indirect
 	github.com/spf13/cobra v1.0.0
 	github.com/stretchr/testify v1.5.1
--- a/go.sum
+++ b/go.sum
@ -40,7 +40,9 @@ github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d/go.mod h1:3eOhrU
 github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM=
 github.com/ahmetb/gen-crd-api-reference-docs v0.1.5/go.mod h1:P/XzJ+c2+khJKNKABcm2biRwk2QAuwbLf8DlXuaL7WM=
 github.com/alecthomas/participle v0.2.1/go.mod h1:SW6HZGeZgSIpcUWX3fXpfZhuaWHnmoD5KCVaqSaNTkk=
+github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc h1:cAKDfWh5VpdgMhJosfJnn5/FoN2SRZ4p7fJNX58YPaU=
 github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
+github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf h1:qet1QNfXsQxTZqLG4oE62mJzwPIB8+Tee4RNCL9ulrY=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 github.com/aliyun/aliyun-oss-go-sdk v0.0.0-20190307165228-86c17b95fcd5/go.mod h1:T/Aws4fEfogEE9v+HPhhw+CntffsBHJ8nXQCwKr0/g8=
 github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8=
@ -583,6 +585,7 @@ github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7q
 github.com/prometheus/common v0.0.0-20181126121408-4724e9255275/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
 github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
+github.com/prometheus/common v0.4.1 h1:K0MGApIoQvMw27RTdJkPbr3JZ7DNbtxQNyi5STVM6Kw=
 github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
@ -896,6 +899,7 @@ google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyac
 google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
 google.golang.org/grpc v1.26.0 h1:2dTRdpdFEEhJYQD8EMLB61nnrzSCTbG38PhqdhvOltg=
 google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
+gopkg.in/alecthomas/kingpin.v2 v2.2.6 h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d/go.mod h1:cuepJuh7vyXfUyUwEgHQXw849cJrilpS5NeIjOWESAw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
--- a/pkg/backward_compatibility/add_labels.go
+++ b/pkg/backward_compatibility/add_labels.go
@ -3,10 +3,12 @@ package backwardcompatibility
 import (
 	"context"
 	"fmt"
+	"strings"

 	kyvernoclient "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
 	kyvernoinformer "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno/v1"
 	"github.com/kyverno/kyverno/pkg/config"
+	dclient "github.com/kyverno/kyverno/pkg/dclient"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
 )
@ -42,3 +44,77 @@ func AddLabels(client *kyvernoclient.Clientset, grInformer kyvernoinformer.Gener
 		}
 	}
 }
+
+// AddCloneLabel - add label to the source resource about the new clone
+func AddCloneLabel(client *dclient.Client, pInformer kyvernoinformer.ClusterPolicyInformer) {
+	// Get all the Generate Policies which has clone
+	// Get the resource with Kind, NameSpace, Name
+	// Add Policy name if label not found
+	policies, err := pInformer.Lister().List(labels.NewSelector())
+	if err != nil {
+		fmt.Println("error occurred while getting policy list")
+		fmt.Println(err)
+	}
+
+	for _, policy := range policies {
+		// policyHasClone := false
+		for _, rule := range policy.Spec.Rules {
+			if rule.HasGenerate() {
+				clone := rule.Generation.Clone
+				if clone.Name != "" {
+					namespace := clone.Namespace
+					name := clone.Name
+					kind := rule.Generation.Kind
+					obj, err := client.GetResource("", kind, namespace, name)
+
+					if err != nil {
+						fmt.Println("error occured while getting resource")
+						fmt.Println(err)
+					}
+					updateSource := true
+
+					// add label
+					label := obj.GetLabels()
+					if len(label) == 0 {
+						label = make(map[string]string)
+						label["generate.kyverno.io/clone-policy-name"] = policy.GetName()
+					} else {
+						if label["generate.kyverno.io/clone-policy-name"] != "" {
+							policyNames := label["generate.kyverno.io/clone-policy-name"]
+							if !strings.Contains(policyNames, policy.GetName()) {
+								policyNames = policyNames + "," + policy.GetName()
+								label["generate.kyverno.io/clone-policy-name"] = policyNames
+							} else {
+								updateSource = false
+							}
+						} else {
+							label["generate.kyverno.io/clone-policy-name"] = policy.GetName()
+						}
+					}
+
+					if updateSource {
+						fmt.Println("updating existing clone source")
+						obj.SetLabels(label)
+						_, err = client.UpdateResource(obj.GetAPIVersion(), kind, namespace, obj, false)
+						if err != nil {
+							fmt.Printf("failed to update source  name:%v namespace:%v kind:%v\n", obj.GetName(), obj.GetNamespace(), obj.GetKind())
+							return
+						}
+						fmt.Printf("updated source  name:%v namespace:%v kind:%v\n", obj.GetName(), obj.GetNamespace(), obj.GetKind())
+					}
+
+					// fmt.Println("-------------------------------------------------------------------------")
+					// fmt.Println("policy name: ", policy.Name)
+					// fmt.Println("rule name: ", rule.Name)
+					// fmt.Println("namespace: ", namespace)
+					// fmt.Println("name       ", name)
+					// fmt.Println("kind:      ", kind)
+					// b, _ := json.Marshal(obj)
+					// fmt.Println("Cloned resource: \n", string(b))
+					// fmt.Println("-------------------------------------------------------------------------")
+
+				}
+			}
+		}
+	}
+}
--- a/pkg/policy/validate_controller.go
+++ b/pkg/policy/validate_controller.go
@ -436,14 +436,17 @@ func deleteGR(kyvernoClient *kyvernoclient.Clientset, policyKey string, grList [
 	}
 }

-func 	(kyvernoClient *kyvernoclient.Clientset, policyKey string, grList []*kyverno.GenerateRequest, logger logr.Logger) {
+func updateGR(kyvernoClient *kyvernoclient.Clientset, policyKey string, grList []*kyverno.GenerateRequest, logger logr.Logger) {
 	for _, gr := range grList {
 		if policyKey == gr.Spec.Policy {
 			grLabels := gr.Labels
 			if grLabels == nil || len(grLabels) == 0 {
 				grLabels = make(map[string]string)
 			}
-			grLabels["policy-update"] = fmt.Sprintf("revision-count-%d", rand.Intn(100000))		
+			grLabels["policy-update"] = fmt.Sprintf("revision-count-%d", rand.Intn(100000))
+			// gr.SetLabels(map[string]string{
+			// 	"policy-update": fmt.Sprintf("revision-count-%d", rand.Intn(100000)),
+			// })
 			gr.SetLabels(grLabels)
 			_, err := kyvernoClient.KyvernoV1().GenerateRequests(config.KyvernoNamespace).Update(context.TODO(), gr, metav1.UpdateOptions{})
 			if err != nil {