remove duplicate code: hasMutate..

2025-03-31 03:45:17 +00:00 · 2019-10-03 17:00:05 -07:00 · 2019-10-03 17:00:05 -07:00 · e20d86f45c
commit e20d86f45c
parent c56c5c365d
5 changed files with 65 additions and 39 deletions
--- a/pkg/api/kyverno/v1alpha1/utils.go
+++ b/pkg/api/kyverno/v1alpha1/utils.go
@ -3,9 +3,57 @@ package v1alpha1
 import (
 	"errors"
 	"fmt"
+	"reflect"
 	"strings"
 )

+func (p ClusterPolicy) HasMutateOrValidate() bool {
+	for _, rule := range p.Spec.Rules {
+		if rule.HasMutate() || rule.HasValidate() {
+			return true
+		}
+	}
+	return false
+}
+func (p ClusterPolicy) HasMutate() bool {
+	for _, rule := range p.Spec.Rules {
+		if rule.HasMutate() {
+			return true
+		}
+	}
+	return false
+}
+
+func (p ClusterPolicy) HasValidate() bool {
+	for _, rule := range p.Spec.Rules {
+		if rule.HasValidate() {
+			return true
+		}
+	}
+	return false
+}
+
+func (p ClusterPolicy) HasGenerate() bool {
+	for _, rule := range p.Spec.Rules {
+		if rule.HasGenerate() {
+			return true
+		}
+	}
+	return false
+}
+
+func (r Rule) HasMutate() bool {
+	return !reflect.DeepEqual(r.Mutation, Mutation{})
+}
+
+func (r Rule) HasValidate() bool {
+	return !reflect.DeepEqual(r.Validation, Validation{})
+}
+
+func (r Rule) HasGenerate() bool {
+	return !reflect.DeepEqual(r.Generation, Generation{})
+}
+
 // DeepCopyInto is declared because k8s:deepcopy-gen is
 // not able to generate this method for interface{} member
 func (in *Mutation) DeepCopyInto(out *Mutation) {
--- a/pkg/api/kyverno/v1alpha1/validate.go
+++ b/pkg/api/kyverno/v1alpha1/validate.go
@ -109,18 +109,6 @@ func (r Rule) ValidateRuleType() error {
 	return nil
 }

-func (r Rule) HasMutate() bool {
-	return !reflect.DeepEqual(r.Mutation, Mutation{})
-}
-
-func (r Rule) HasValidate() bool {
-	return !reflect.DeepEqual(r.Validation, Validation{})
-}
-
-func (r Rule) HasGenerate() bool {
-	return !reflect.DeepEqual(r.Generation, Generation{})
-}
-
 // Validate checks if all necesarry fields are present and have values. Also checks a Selector.
 // field type is checked through openapi
 // Returns error if
--- a/pkg/api/kyverno/v1alpha1/validate_test.go
+++ b/pkg/api/kyverno/v1alpha1/validate_test.go
@ -2,7 +2,6 @@ package v1alpha1

 import (
 	"encoding/json"
-	"fmt"
 	"testing"

 	"gotest.tools/assert"
@ -1222,7 +1221,19 @@ func Test_Validate_ErrorFormat(t *testing.T) {
 	err := json.Unmarshal(rawPolicy, &policy)
 	assert.NilError(t, err)

+	expectedErr := `
+- Invalid Policy 'test-error-format':
+duplicate rule name: 'validate-user-privilege'
+- invalid rule 'image-pull-policy':
+error in exclude block, the requirements are not specified in selector
+invalid anchor found at /spec/template/spec/containers/0/=(image), expect: () || +()
+- invalid rule 'validate-user-privilege':
+error in match block, field Kind is not specified
+- invalid rule 'validate-user-privilege':
+existing anchor at /spec/template/spec/containers/0/securityContext must be of type array, found: map[string]interface {}
+- invalid rule 'default-networkpolicy':
+invalid character found on pattern clone: namespace is requried
+`
 	err = policy.Validate()
-	fmt.Println(err)
-	assert.Assert(t, err == nil)
+	assert.Assert(t, err.Error() == expectedErr)
 }
--- a/pkg/policy/webhookregistration.go
+++ b/pkg/policy/webhookregistration.go
@ -1,8 +1,6 @@
 package policy

 import (
-	"reflect"
-
 	"github.com/golang/glog"
 	kyverno "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
 	"k8s.io/apimachinery/pkg/labels"
@ -43,7 +41,7 @@ func (pc *PolicyController) removeResourceWebhookConfiguration() error {

 func (pc *PolicyController) createResourceMutatingWebhookConfigurationIfRequired(policy kyverno.ClusterPolicy) error {
 	// if the policy contains mutating & validation rules and it config does not exist we create one
-	if hasMutateOrValidate(policy) {
+	if policy.HasMutateOrValidate() {
 		if err := pc.webhookRegistrationClient.CreateResourceMutatingWebhookConfiguration(); err != nil {
 			return err
 		}
@ -53,16 +51,7 @@ func (pc *PolicyController) createResourceMutatingWebhookConfigurationIfRequired

 func hasMutateOrValidatePolicies(policies []*kyverno.ClusterPolicy) bool {
 	for _, policy := range policies {
-		if hasMutateOrValidate(*policy) {
-			return true
-		}
-	}
-	return false
-}
-
-func hasMutateOrValidate(policy kyverno.ClusterPolicy) bool {
-	for _, rule := range policy.Spec.Rules {
-		if !reflect.DeepEqual(rule.Mutation, kyverno.Mutation{}) || !reflect.DeepEqual(rule.Validation, kyverno.Validation{}) {
+		if (*policy).HasMutateOrValidate() {
 			return true
 		}
 	}
--- a/pkg/webhooks/policyvalidation.go
+++ b/pkg/webhooks/policyvalidation.go
@ -36,18 +36,8 @@ func (ws *WebhookServer) handlePolicyValidation(request *v1beta1.AdmissionReques
 		}
 	}

-	// helper function to evaluate if policy has validtion or mutation rules defined
-	hasMutateOrValidate := func() bool {
-		for _, rule := range policy.Spec.Rules {
-			if rule.HasMutate() || rule.HasValidate() {
-				return true
-			}
-		}
-		return false
-	}
-
 	if admissionResp.Allowed {
-		if hasMutateOrValidate() {
+		if policy.HasMutateOrValidate() {
 			// create mutating resource mutatingwebhookconfiguration if not present
 			if err := ws.webhookRegistrationClient.CreateResourceMutatingWebhookConfiguration(); err != nil {
 				glog.Error("failed to created resource mutating webhook configuration, policies wont be applied on the resource")