mirror of
https://github.com/kyverno/kyverno.git
synced 2024-12-14 11:57:48 +00:00
suppress violation on evicted pod
This commit is contained in:
Shuting Zhao
parent
fd0e96b551
commit
cca1451751
1 changed files with 16 additions and 0 deletions
|
|
@ -11,6 +11,7 @@ import (
|
|||
client "github.com/nirmata/kyverno/pkg/dclient"
|
||||
"github.com/nirmata/kyverno/pkg/policystatus"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
unstructedv1 "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
||||
)
|
||||
|
||||
//NamespacedPV ...
|
||||
|
|
@ -97,6 +98,12 @@ func (nspv *namespacedPV) createPV(newPv *kyverno.PolicyViolation) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
if newPv.Spec.ResourceSpec.Kind == "Pod" {
|
||||
if isEvictedPod(obj.Object) {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// set owner reference to resource
|
||||
ownerRef, ok := createOwnerReference(obj)
|
||||
if !ok {
|
||||
|
|
@ -142,3 +149,12 @@ func (nspv *namespacedPV) updatePV(newPv, oldPv *kyverno.PolicyViolation) error
|
|||
logger.Info("namespaced policy violation created")
|
||||
return nil
|
||||
}
|
||||
|
||||
func isEvictedPod(pod map[string]interface{}) bool {
|
||||
reason, ok, _ := unstructedv1.NestedString(pod, "status", "reason")
|
||||
if !ok {
|
||||
return false
|
||||
}
|
||||
|
||||
return reason == "Evicted"
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue