mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00

refactor: add policy event listener in ur controller (#4012)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Charles-Edouard Brétéché 2022-05-24 16:41:17 +02:00 committed by GitHub
parent b967d7388b
commit cd1fa030ee
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -5,7 +5,6 @@ import (
"fmt" "fmt"
"time" "time"
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1" kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
common "github.com/kyverno/kyverno/pkg/background/common" common "github.com/kyverno/kyverno/pkg/background/common"
"github.com/kyverno/kyverno/pkg/background/generate" "github.com/kyverno/kyverno/pkg/background/generate"
@ -46,11 +45,11 @@ type controller struct {
kyvernoClient kyvernoclient.Interface kyvernoClient kyvernoclient.Interface
// listers // listers
policyLister kyvernov1listers.ClusterPolicyLister cpolLister kyvernov1listers.ClusterPolicyLister
npolicyLister kyvernov1listers.PolicyLister polLister kyvernov1listers.PolicyLister
urLister kyvernov1beta1listers.UpdateRequestNamespaceLister urLister kyvernov1beta1listers.UpdateRequestNamespaceLister
nsLister corev1listers.NamespaceLister nsLister corev1listers.NamespaceLister
podLister corev1listers.PodLister podLister corev1listers.PodLister
// queue // queue
queue workqueue.RateLimitingInterface queue workqueue.RateLimitingInterface
@ -64,8 +63,8 @@ func NewController(
kubeClient kubernetes.Interface, kubeClient kubernetes.Interface,
kyvernoClient kyvernoclient.Interface, kyvernoClient kyvernoclient.Interface,
client dclient.Interface, client dclient.Interface,
policyInformer kyvernov1informers.ClusterPolicyInformer, cpolInformer kyvernov1informers.ClusterPolicyInformer,
npolicyInformer kyvernov1informers.PolicyInformer, polInformer kyvernov1informers.PolicyInformer,
urInformer kyvernov1beta1informers.UpdateRequestInformer, urInformer kyvernov1beta1informers.UpdateRequestInformer,
namespaceInformer corev1informers.NamespaceInformer, namespaceInformer corev1informers.NamespaceInformer,
podInformer corev1informers.PodInformer, podInformer corev1informers.PodInformer,
@ -76,8 +75,8 @@ func NewController(
c := controller{ c := controller{
client: client, client: client,
kyvernoClient: kyvernoClient, kyvernoClient: kyvernoClient,
policyLister: policyInformer.Lister(), cpolLister: cpolInformer.Lister(),
npolicyLister: npolicyInformer.Lister(), polLister: polInformer.Lister(),
urLister: urLister, urLister: urLister,
nsLister: namespaceInformer.Lister(), nsLister: namespaceInformer.Lister(),
podLister: podInformer.Lister(), podLister: podInformer.Lister(),
@ -90,7 +89,11 @@ func NewController(
UpdateFunc: c.updateUR, UpdateFunc: c.updateUR,
DeleteFunc: c.deleteUR, DeleteFunc: c.deleteUR,
}) })
policyInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ cpolInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
UpdateFunc: c.updatePolicy, // We only handle updates to policy
// Deletion of policy will be handled by cleanup controller
})
polInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
UpdateFunc: c.updatePolicy, // We only handle updates to policy UpdateFunc: c.updatePolicy, // We only handle updates to policy
// Deletion of policy will be handled by cleanup controller // Deletion of policy will be handled by cleanup controller
}) })
@ -221,24 +224,21 @@ func (c *controller) enqueueUpdateRequest(obj interface{}) {
c.queue.Add(key) c.queue.Add(key)
} }
func (c *controller) updatePolicy(old, cur interface{}) { func (c *controller) updatePolicy(_, obj interface{}) {
oldP := old.(*kyvernov1.ClusterPolicy) key, err := cache.MetaNamespaceKeyFunc(obj)
curP := cur.(*kyvernov1.ClusterPolicy)
if oldP.ResourceVersion == curP.ResourceVersion {
return
}
logger.V(4).Info("updating policy", "name", oldP.Name)
urs, err := c.urLister.GetUpdateRequestsForClusterPolicy(curP.Name)
if err != nil { if err != nil {
logger.Error(err, "failed to update request for policy", "name", curP.Name) logger.Error(err, "failed to compute policy key")
return } else {
} logger.V(4).Info("updating policy", "key", key)
urs, err := c.urLister.GetUpdateRequestsForClusterPolicy(key)
// re-evaluate the UR as the policy was updated if err != nil {
for _, ur := range urs { logger.Error(err, "failed to list update requests for policy", "key", key)
c.enqueueUpdateRequest(ur) return
}
// re-evaluate the UR as the policy was updated
for _, ur := range urs {
c.enqueueUpdateRequest(ur)
}
} }
} }
@ -274,10 +274,10 @@ func (c *controller) processUR(ur *kyvernov1beta1.UpdateRequest) error {
statusControl := common.NewStatusControl(c.kyvernoClient, c.urLister) statusControl := common.NewStatusControl(c.kyvernoClient, c.urLister)
switch ur.Spec.Type { switch ur.Spec.Type {
case kyvernov1beta1.Mutate: case kyvernov1beta1.Mutate:
ctrl := mutate.NewMutateExistingController(c.client, statusControl, c.policyLister, c.npolicyLister, c.configuration, c.eventGen, logger) ctrl := mutate.NewMutateExistingController(c.client, statusControl, c.cpolLister, c.polLister, c.configuration, c.eventGen, logger)
return ctrl.ProcessUR(ur) return ctrl.ProcessUR(ur)
case kyvernov1beta1.Generate: case kyvernov1beta1.Generate:
ctrl := generate.NewGenerateController(c.client, c.kyvernoClient, statusControl, c.policyLister, c.npolicyLister, c.urLister, c.nsLister, c.configuration, c.eventGen, logger) ctrl := generate.NewGenerateController(c.client, c.kyvernoClient, statusControl, c.cpolLister, c.polLister, c.urLister, c.nsLister, c.configuration, c.eventGen, logger)
return ctrl.ProcessUR(ur) return ctrl.ProcessUR(ur)
} }
return nil return nil
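Review bot: `updatePolicy` now discards its first argument and no longer returns early when the old and new objects carry the same ResourceVersion, so if the policy informers run with a resync period, every resync would redeliver unchanged policies as updates and re-enqueue all of their update requests. If the guard was dropped only to stop asserting `*kyvernov1.ClusterPolicy`, a type-agnostic comparison of the two objects' resource versions (for example through a metadata accessor) ahead of the key computation would keep the filter for both informers. The same handler is now also registered on `polInformer`, so `key` is `namespace/name` for a namespaced Policy, yet it is still passed to `GetUpdateRequestsForClusterPolicy`; that lister is not visible here, so it is worth confirming that it matches this key form, since otherwise update requests of namespaced policies would not be re-evaluated after a policy change. As a style point, `if err != nil { logger.Error(err, "failed to compute policy key"); return }` followed by the unindented body would read more cleanly than the `else` branch.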