create events for cleanup policies (#5982)

Signed-off-by: ShutingZhao <shuting@nirmata.com>

Signed-off-by: ShutingZhao <shuting@nirmata.com>

charts/kyverno/templates/cleanup-controller/clusterrole.yaml

@@ -64,6 +64,13 @@ rules:
       - list
       - update
       - watch
+  - apiGroups:
+    - ""
+    resources:
+    - events
+    verbs:
+    - create
+    - patch
 {{- with .Values.cleanupController.rbac.clusterRole.extraResources }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1

cmd/cleanup-controller/handlers/cleanup/event.go

@@ -0,0 +1,18 @@
+package cleanup
+
+import (
+	"github.com/kyverno/kyverno/pkg/client/clientset/versioned/scheme"
+	"github.com/kyverno/kyverno/pkg/clients/dclient"
+	corev1 "k8s.io/api/core/v1"
+	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+	typedcorev1 "k8s.io/client-go/kubernetes/typed/core/v1"
+	"k8s.io/client-go/tools/record"
+)
+
+func newRecorder(client dclient.Interface) record.EventRecorder {
+	utilruntime.Must(scheme.AddToScheme(scheme.Scheme))
+	eventBroadcaster := record.NewBroadcaster()
+	eventBroadcaster.StartStructuredLogging(0)
+	eventBroadcaster.StartRecordingToSink(&typedcorev1.EventSinkImpl{Interface: client.GetEventsInterface()})
+	return eventBroadcaster.NewRecorder(scheme.Scheme, corev1.EventSource{Component: "cleanup-controller"})
+}

cmd/cleanup-controller/handlers/cleanup/handlers.go

@@ -2,6 +2,7 @@ package cleanup
 
 import (
 	"context"
+	"fmt"
 	"time"
 
 	"github.com/go-logr/logr"
@@ -11,12 +12,17 @@ import (
 	"github.com/kyverno/kyverno/pkg/clients/dclient"
 	"github.com/kyverno/kyverno/pkg/config"
 	enginecontext "github.com/kyverno/kyverno/pkg/engine/context"
+	"github.com/kyverno/kyverno/pkg/event"
 	controllerutils "github.com/kyverno/kyverno/pkg/utils/controller"
 	"github.com/kyverno/kyverno/pkg/utils/match"
 	"go.uber.org/multierr"
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/util/sets"
 	corev1listers "k8s.io/client-go/listers/core/v1"
 	"k8s.io/client-go/tools/cache"
+	"k8s.io/client-go/tools/record"
 )
 
 type handlers struct {
@@ -24,6 +30,7 @@ type handlers struct {
 	cpolLister kyvernov2alpha1listers.ClusterCleanupPolicyLister
 	polLister  kyvernov2alpha1listers.CleanupPolicyLister
 	nsLister   corev1listers.NamespaceLister
+	recorder   record.EventRecorder
 }
 
 func New(
@@ -37,6 +44,7 @@ func New(
 		cpolLister: cpolLister,
 		polLister:  polLister,
 		nsLister:   nsLister,
+		recorder:   newRecorder(client),
 	}
 }
 
@@ -164,6 +172,7 @@ func (h *handlers) executePolicy(ctx context.Context, logger logr.Logger, policy
 						errs = append(errs, err)
 					} else {
 						debug.Info("deleted")
+						h.createEvent(policy, resource)
 					}
 				}
 			}
@@ -171,3 +180,16 @@ func (h *handlers) executePolicy(ctx context.Context, logger logr.Logger, policy
 	}
 	return multierr.Combine(errs...)
 }
+
+func (h *handlers) createEvent(policy kyvernov2alpha1.CleanupPolicyInterface, resource unstructured.Unstructured) {
+	msg := fmt.Sprintf("successfully cleaned up the target resource %v/%v/%v", resource.GetKind(), resource.GetNamespace(), resource.GetName())
+
+	var cleanuppol runtime.Object
+	if policy.GetNamespace() == "" {
+		cleanuppol = policy.(*kyvernov2alpha1.ClusterCleanupPolicy)
+	} else if policy.GetNamespace() != "" {
+		cleanuppol = policy.(*kyvernov2alpha1.CleanupPolicy)
+	}
+
+	h.recorder.Event(cleanuppol, corev1.EventTypeNormal, event.PolicyApplied.String(), msg)
+}

config/install.yaml

@@ -31510,6 +31510,13 @@ rules:
       - list
       - update
       - watch
+  - apiGroups:
+    - ""
+    resources:
+    - events
+    verbs:
+    - create
+    - patch
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole