From c66e2a70586f3dc2d205c10d2393e5e2986c8731 Mon Sep 17 00:00:00 2001 From: NoSkillGirl Date: Tue, 29 Dec 2020 18:04:20 +0530 Subject: [PATCH] adding label to clone source --- cmd/kyverno/main.go | 2 +- go.mod | 1 + go.sum | 4 ++ pkg/backward_compatibility/add_labels.go | 76 ++++++++++++++++++++++++ pkg/policy/validate_controller.go | 7 ++- 5 files changed, 87 insertions(+), 3 deletions(-) diff --git a/cmd/kyverno/main.go b/cmd/kyverno/main.go index a8b3268259..075ef77a52 100755 --- a/cmd/kyverno/main.go +++ b/cmd/kyverno/main.go @@ -359,7 +359,7 @@ func main() { server.RunAsync(stopCh) go backwardcompatibility.AddLabels(pclient, pInformer.Kyverno().V1().GenerateRequests()) - + go backwardcompatibility.AddCloneLabel(client, pInformer.Kyverno().V1().ClusterPolicies()) <-stopCh // by default http.Server waits indefinitely for connections to return to idle and then shuts down diff --git a/go.mod b/go.mod index ac51bb99b3..5e8e4bb71f 100644 --- a/go.mod +++ b/go.mod @@ -27,6 +27,7 @@ require ( github.com/onsi/gomega v1.8.1 github.com/ory/go-acc v0.2.6 // indirect github.com/pkg/errors v0.9.1 + github.com/prometheus/common v0.4.1 github.com/sirupsen/logrus v1.6.0 // indirect github.com/spf13/cobra v1.0.0 github.com/stretchr/testify v1.5.1 diff --git a/go.sum b/go.sum index 876f0dddb0..307d39c413 100644 --- a/go.sum +++ b/go.sum @@ -40,7 +40,9 @@ github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d/go.mod h1:3eOhrU github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM= github.com/ahmetb/gen-crd-api-reference-docs v0.1.5/go.mod h1:P/XzJ+c2+khJKNKABcm2biRwk2QAuwbLf8DlXuaL7WM= github.com/alecthomas/participle v0.2.1/go.mod h1:SW6HZGeZgSIpcUWX3fXpfZhuaWHnmoD5KCVaqSaNTkk= +github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc h1:cAKDfWh5VpdgMhJosfJnn5/FoN2SRZ4p7fJNX58YPaU= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= +github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf h1:qet1QNfXsQxTZqLG4oE62mJzwPIB8+Tee4RNCL9ulrY= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/aliyun/aliyun-oss-go-sdk v0.0.0-20190307165228-86c17b95fcd5/go.mod h1:T/Aws4fEfogEE9v+HPhhw+CntffsBHJ8nXQCwKr0/g8= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= @@ -583,6 +585,7 @@ github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7q github.com/prometheus/common v0.0.0-20181126121408-4724e9255275/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= +github.com/prometheus/common v0.4.1 h1:K0MGApIoQvMw27RTdJkPbr3JZ7DNbtxQNyi5STVM6Kw= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= @@ -896,6 +899,7 @@ google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyac google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.26.0 h1:2dTRdpdFEEhJYQD8EMLB61nnrzSCTbG38PhqdhvOltg= google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +gopkg.in/alecthomas/kingpin.v2 v2.2.6 h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d/go.mod h1:cuepJuh7vyXfUyUwEgHQXw849cJrilpS5NeIjOWESAw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/pkg/backward_compatibility/add_labels.go b/pkg/backward_compatibility/add_labels.go index 08a1b1535f..e4a14016d6 100644 --- a/pkg/backward_compatibility/add_labels.go +++ b/pkg/backward_compatibility/add_labels.go @@ -3,10 +3,12 @@ package backwardcompatibility import ( "context" "fmt" + "strings" kyvernoclient "github.com/kyverno/kyverno/pkg/client/clientset/versioned" kyvernoinformer "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno/v1" "github.com/kyverno/kyverno/pkg/config" + dclient "github.com/kyverno/kyverno/pkg/dclient" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" ) @@ -42,3 +44,77 @@ func AddLabels(client *kyvernoclient.Clientset, grInformer kyvernoinformer.Gener } } } + +// AddCloneLabel - add label to the source resource about the new clone +func AddCloneLabel(client *dclient.Client, pInformer kyvernoinformer.ClusterPolicyInformer) { + // Get all the Generate Policies which has clone + // Get the resource with Kind, NameSpace, Name + // Add Policy name if label not found + policies, err := pInformer.Lister().List(labels.NewSelector()) + if err != nil { + fmt.Println("error occurred while getting policy list") + fmt.Println(err) + } + + for _, policy := range policies { + // policyHasClone := false + for _, rule := range policy.Spec.Rules { + if rule.HasGenerate() { + clone := rule.Generation.Clone + if clone.Name != "" { + namespace := clone.Namespace + name := clone.Name + kind := rule.Generation.Kind + obj, err := client.GetResource("", kind, namespace, name) + + if err != nil { + fmt.Println("error occured while getting resource") + fmt.Println(err) + } + updateSource := true + + // add label + label := obj.GetLabels() + if len(label) == 0 { + label = make(map[string]string) + label["generate.kyverno.io/clone-policy-name"] = policy.GetName() + } else { + if label["generate.kyverno.io/clone-policy-name"] != "" { + policyNames := label["generate.kyverno.io/clone-policy-name"] + if !strings.Contains(policyNames, policy.GetName()) { + policyNames = policyNames + "," + policy.GetName() + label["generate.kyverno.io/clone-policy-name"] = policyNames + } else { + updateSource = false + } + } else { + label["generate.kyverno.io/clone-policy-name"] = policy.GetName() + } + } + + if updateSource { + fmt.Println("updating existing clone source") + obj.SetLabels(label) + _, err = client.UpdateResource(obj.GetAPIVersion(), kind, namespace, obj, false) + if err != nil { + fmt.Printf("failed to update source name:%v namespace:%v kind:%v\n", obj.GetName(), obj.GetNamespace(), obj.GetKind()) + return + } + fmt.Printf("updated source name:%v namespace:%v kind:%v\n", obj.GetName(), obj.GetNamespace(), obj.GetKind()) + } + + // fmt.Println("-------------------------------------------------------------------------") + // fmt.Println("policy name: ", policy.Name) + // fmt.Println("rule name: ", rule.Name) + // fmt.Println("namespace: ", namespace) + // fmt.Println("name ", name) + // fmt.Println("kind: ", kind) + // b, _ := json.Marshal(obj) + // fmt.Println("Cloned resource: \n", string(b)) + // fmt.Println("-------------------------------------------------------------------------") + + } + } + } + } +} diff --git a/pkg/policy/validate_controller.go b/pkg/policy/validate_controller.go index 8d18587e1a..a3d3a3ab4b 100644 --- a/pkg/policy/validate_controller.go +++ b/pkg/policy/validate_controller.go @@ -436,14 +436,17 @@ func deleteGR(kyvernoClient *kyvernoclient.Clientset, policyKey string, grList [ } } -func (kyvernoClient *kyvernoclient.Clientset, policyKey string, grList []*kyverno.GenerateRequest, logger logr.Logger) { +func updateGR(kyvernoClient *kyvernoclient.Clientset, policyKey string, grList []*kyverno.GenerateRequest, logger logr.Logger) { for _, gr := range grList { if policyKey == gr.Spec.Policy { grLabels := gr.Labels if grLabels == nil || len(grLabels) == 0 { grLabels = make(map[string]string) } - grLabels["policy-update"] = fmt.Sprintf("revision-count-%d", rand.Intn(100000)) + grLabels["policy-update"] = fmt.Sprintf("revision-count-%d", rand.Intn(100000)) + // gr.SetLabels(map[string]string{ + // "policy-update": fmt.Sprintf("revision-count-%d", rand.Intn(100000)), + // }) gr.SetLabels(grLabels) _, err := kyvernoClient.KyvernoV1().GenerateRequests(config.KyvernoNamespace).Update(context.TODO(), gr, metav1.UpdateOptions{}) if err != nil {