mirror of
https://github.com/kyverno/kyverno.git
synced 2025-01-20 18:52:16 +00:00
refactor: use GetValidationFailureAction method (#3546)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>
This commit is contained in:
parent
1cee8894e0
commit
cb6f55cdcd
8 changed files with 20 additions and 11 deletions
|
@ -132,6 +132,15 @@ func (s *Spec) BackgroundProcessingEnabled() bool {
|
|||
return *s.Background
|
||||
}
|
||||
|
||||
// GetValidationFailureAction returns the validation failure action to be applied
|
||||
func (s *Spec) GetValidationFailureAction() ValidationFailureAction {
|
||||
if s.ValidationFailureAction == "" {
|
||||
return Audit
|
||||
}
|
||||
|
||||
return s.ValidationFailureAction
|
||||
}
|
||||
|
||||
// ValidateRuleNames checks if the rule names are unique across a policy
|
||||
func (s *Spec) ValidateRuleNames(path *field.Path) (errs field.ErrorList) {
|
||||
names := sets.NewString()
|
||||
|
|
|
@ -72,7 +72,7 @@ func buildResponse(ctx *PolicyContext, resp *response.EngineResponse, startTime
|
|||
resp.PolicyResponse.Resource.Namespace = resp.PatchedResource.GetNamespace()
|
||||
resp.PolicyResponse.Resource.Kind = resp.PatchedResource.GetKind()
|
||||
resp.PolicyResponse.Resource.APIVersion = resp.PatchedResource.GetAPIVersion()
|
||||
resp.PolicyResponse.ValidationFailureAction = ctx.Policy.GetSpec().ValidationFailureAction
|
||||
resp.PolicyResponse.ValidationFailureAction = ctx.Policy.GetSpec().GetValidationFailureAction()
|
||||
|
||||
for _, v := range ctx.Policy.GetSpec().ValidationFailureActionOverrides {
|
||||
resp.PolicyResponse.ValidationFailureActionOverrides = append(resp.PolicyResponse.ValidationFailureActionOverrides, response.ValidationFailureActionOverride{Action: v.Action, Namespaces: v.Namespaces})
|
||||
|
|
|
@ -42,7 +42,7 @@ func (pc PromConfig) registerPolicyChangesMetric(
|
|||
func (pc PromConfig) RegisterPolicy(policy interface{}, policyChangeType PolicyChangeType) error {
|
||||
switch inputPolicy := policy.(type) {
|
||||
case *kyverno.ClusterPolicy:
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.ValidationFailureAction)
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.GetValidationFailureAction())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -55,7 +55,7 @@ func (pc PromConfig) RegisterPolicy(policy interface{}, policyChangeType PolicyC
|
|||
}
|
||||
return nil
|
||||
case *kyverno.Policy:
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.ValidationFailureAction)
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.GetValidationFailureAction())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
@ -61,7 +61,7 @@ func (pc PromConfig) registerPolicyExecutionDurationMetric(
|
|||
//engineResponse - resource and rule related data
|
||||
func (pc PromConfig) ProcessEngineResponse(policy kyverno.PolicyInterface, engineResponse response.EngineResponse, executionCause metrics.RuleExecutionCause, generateRuleLatencyType string, resourceRequestOperation metrics.ResourceRequestOperation) error {
|
||||
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(policy.GetSpec().ValidationFailureAction)
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(policy.GetSpec().GetValidationFailureAction())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
@ -54,7 +54,7 @@ func (pc PromConfig) registerPolicyResultsMetric(
|
|||
//policy - policy related data
|
||||
//engineResponse - resource and rule related data
|
||||
func (pc PromConfig) ProcessEngineResponse(policy kyverno.PolicyInterface, engineResponse response.EngineResponse, executionCause metrics.RuleExecutionCause, resourceRequestOperation metrics.ResourceRequestOperation) error {
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(policy.GetSpec().ValidationFailureAction)
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(policy.GetSpec().GetValidationFailureAction())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
@ -65,7 +65,7 @@ func (pc PromConfig) registerPolicyRuleInfoMetric(
|
|||
func (pc PromConfig) AddPolicy(policy interface{}) error {
|
||||
switch inputPolicy := policy.(type) {
|
||||
case *kyverno.ClusterPolicy:
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.ValidationFailureAction)
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.GetValidationFailureAction())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -85,7 +85,7 @@ func (pc PromConfig) AddPolicy(policy interface{}) error {
|
|||
}
|
||||
return nil
|
||||
case *kyverno.Policy:
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.ValidationFailureAction)
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.GetValidationFailureAction())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -113,7 +113,7 @@ func (pc PromConfig) RemovePolicy(policy interface{}) error {
|
|||
switch inputPolicy := policy.(type) {
|
||||
case *kyverno.ClusterPolicy:
|
||||
for _, rule := range autogen.ComputeRules(inputPolicy) {
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.ValidationFailureAction)
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.GetValidationFailureAction())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -132,7 +132,7 @@ func (pc PromConfig) RemovePolicy(policy interface{}) error {
|
|||
return nil
|
||||
case *kyverno.Policy:
|
||||
for _, rule := range autogen.ComputeRules(inputPolicy) {
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.ValidationFailureAction)
|
||||
policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.GetValidationFailureAction())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
@ -54,7 +54,7 @@ func (pc *PolicyController) registerPolicyChangesMetricUpdatePolicy(logger logr.
|
|||
logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's updation", "name", oldP.GetName())
|
||||
}
|
||||
// curP will require a new kyverno_policy_changes_total metric if the above update involved change in the following fields:
|
||||
if curSpec.Background != oldSpec.Background || curSpec.ValidationFailureAction != oldSpec.ValidationFailureAction {
|
||||
if curSpec.Background != oldSpec.Background || curSpec.GetValidationFailureAction() != oldSpec.GetValidationFailureAction() {
|
||||
err = policyChangesMetric.ParsePromConfig(*pc.promConfig).RegisterPolicy(curP, policyChangesMetric.PolicyUpdated)
|
||||
if err != nil {
|
||||
logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's updation", "name", curP.GetName())
|
||||
|
|
|
@ -29,7 +29,7 @@ func (m *pMap) add(policy kyverno.PolicyInterface) {
|
|||
defer m.lock.Unlock()
|
||||
|
||||
spec := policy.GetSpec()
|
||||
enforcePolicy := spec.ValidationFailureAction == kyverno.Enforce
|
||||
enforcePolicy := spec.GetValidationFailureAction() == kyverno.Enforce
|
||||
for _, k := range spec.ValidationFailureActionOverrides {
|
||||
if k.Action == kyverno.Enforce {
|
||||
enforcePolicy = true
|
||||
|
|
Loading…
Add table
Reference in a new issue