refactor: utils for warnings and unit tests (#4523)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2025-03-31 03:45:17 +00:00 · 2022-09-07 16:01:42 +02:00 · 2022-09-07 16:01:42 +02:00 · c8bbb5bead
commit c8bbb5bead
parent f0622a8a3b
5 changed files with 129 additions and 17 deletions
--- a/pkg/webhooks/resource/handlers.go
+++ b/pkg/webhooks/resource/handlers.go
@ -227,7 +227,7 @@ func (h *handlers) applyMutatePolicies(logger logr.Logger, request *admissionv1.
 	go h.registerAdmissionReviewDurationMetricMutate(logger, string(request.Operation), mutateEngineResponses, admissionReviewLatencyDuration)
 	go h.registerAdmissionRequestsMetricMutate(logger, string(request.Operation), mutateEngineResponses)

-	warnings := getWarningMessages(mutateEngineResponses)
+	warnings := webhookutils.GetWarningMessages(mutateEngineResponses)
 	return mutatePatches, warnings, nil
 }

@ -376,7 +376,7 @@ func (h *handlers) handleVerifyImages(logger logr.Logger, request *admissionv1.A
 		}
 	}

-	warnings := getWarningMessages(engineResponses)
+	warnings := webhookutils.GetWarningMessages(engineResponses)
 	return true, "", jsonutils.JoinPatches(patches...), warnings
 }

--- a/pkg/webhooks/resource/utils.go
+++ b/pkg/webhooks/resource/utils.go
@ -134,20 +134,6 @@ func getBlockedMessages(engineResponses []*response.EngineResponse) string {
 	return msg
 }

-func getWarningMessages(engineResponses []*response.EngineResponse) []string {
-	var warnings []string
-	for _, er := range engineResponses {
-		for _, rule := range er.PolicyResponse.Rules {
-			if rule.Status != response.RuleStatusPass {
-				msg := fmt.Sprintf("policy %s.%s: %s", er.Policy.GetName(), rule.Name, rule.Message)
-				warnings = append(warnings, msg)
-			}
-		}
-	}
-
-	return warnings
-}
-
 func getAction(hasViolations bool, i int) string {
 	action := "error"
 	if hasViolations {
--- a/pkg/webhooks/resource/validation.go
+++ b/pkg/webhooks/resource/validation.go
@ -12,6 +12,7 @@ import (
 	"github.com/kyverno/kyverno/pkg/metrics"
 	"github.com/kyverno/kyverno/pkg/policyreport"
 	admissionutils "github.com/kyverno/kyverno/pkg/utils/admission"
+	webhookutils "github.com/kyverno/kyverno/pkg/webhooks/utils"
 	admissionv1 "k8s.io/api/admission/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
@ -98,7 +99,7 @@ func (v *validationHandler) handleValidation(
 	v.generateReportChangeRequests(request, engineResponses, policyContext, logger)
 	v.generateMetrics(request, admissionRequestTimestamp, engineResponses, metricsConfig, logger)

-	warnings := getWarningMessages(engineResponses)
+	warnings := webhookutils.GetWarningMessages(engineResponses)
 	return true, "", warnings
 }

--- a/pkg/webhooks/utils/warning.go
+++ b/pkg/webhooks/utils/warning.go
@ -0,0 +1,21 @@
+package utils
+
+import (
+	"fmt"
+
+	"github.com/kyverno/kyverno/pkg/engine/response"
+)
+
+func GetWarningMessages(engineResponses []*response.EngineResponse) []string {
+	var warnings []string
+	for _, er := range engineResponses {
+		for _, rule := range er.PolicyResponse.Rules {
+			if rule.Status != response.RuleStatusPass {
+				msg := fmt.Sprintf("policy %s.%s: %s", er.Policy.GetName(), rule.Name, rule.Message)
+				warnings = append(warnings, msg)
+			}
+		}
+	}
+
+	return warnings
+}
--- a/pkg/webhooks/utils/warning_test.go
+++ b/pkg/webhooks/utils/warning_test.go
@ -0,0 +1,104 @@
+package utils
+
+import (
+	"testing"
+
+	v1 "github.com/kyverno/kyverno/api/kyverno/v1"
+	"github.com/kyverno/kyverno/pkg/engine/response"
+	"github.com/stretchr/testify/assert"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+func TestGetWarningMessages(t *testing.T) {
+	type args struct {
+		engineResponses []*response.EngineResponse
+	}
+	tests := []struct {
+		name string
+		args args
+		want []string
+	}{{
+		name: "nil response",
+		args: args{nil},
+		want: nil,
+	}, {
+		name: "enmpty response",
+		args: args{[]*response.EngineResponse{}},
+		want: nil,
+	}, {
+		name: "warning",
+		args: args{[]*response.EngineResponse{
+			{
+				Policy: &v1.ClusterPolicy{
+					ObjectMeta: metav1.ObjectMeta{
+						Name: "test",
+					},
+				},
+				PolicyResponse: response.PolicyResponse{
+					Rules: []response.RuleResponse{
+						{
+							Name:    "rule",
+							Status:  response.RuleStatusWarn,
+							Message: "message warn",
+						},
+					},
+				},
+			},
+		}},
+		want: []string{
+			"policy test.rule: message warn",
+		},
+	}, {
+		name: "multiple rules",
+		args: args{[]*response.EngineResponse{
+			{
+				Policy: &v1.ClusterPolicy{
+					ObjectMeta: metav1.ObjectMeta{
+						Name: "test",
+					},
+				},
+				PolicyResponse: response.PolicyResponse{
+					Rules: []response.RuleResponse{
+						{
+							Name:    "rule-pass",
+							Status:  response.RuleStatusPass,
+							Message: "message pass",
+						},
+						{
+							Name:    "rule-warn",
+							Status:  response.RuleStatusWarn,
+							Message: "message warn",
+						},
+						{
+							Name:    "rule-fail",
+							Status:  response.RuleStatusFail,
+							Message: "message fail",
+						},
+						{
+							Name:    "rule-error",
+							Status:  response.RuleStatusError,
+							Message: "message error",
+						},
+						{
+							Name:    "rule-skip",
+							Status:  response.RuleStatusSkip,
+							Message: "message skip",
+						},
+					},
+				},
+			},
+		}},
+		want: []string{
+			"policy test.rule-warn: message warn",
+			"policy test.rule-fail: message fail",
+			"policy test.rule-error: message error",
+			"policy test.rule-skip: message skip",
+		},
+	}}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got := GetWarningMessages(tt.args.engineResponses)
+			assert.Equal(t, tt.want, got)
+		})
+	}
+}