fix: all tests fails when use mutiple results with generate-clone (#8341)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

cmd/cli/kubectl-kyverno/processor/generate.go

@@ -16,32 +16,29 @@ import (
 	engineapi "github.com/kyverno/kyverno/pkg/engine/api"
 	"github.com/kyverno/kyverno/pkg/engine/jmespath"
 	"github.com/kyverno/kyverno/pkg/imageverifycache"
-	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime"
 )
 
 func handleGeneratePolicy(generateResponse *engineapi.EngineResponse, policyContext engine.PolicyContext, ruleToCloneSourceResource map[string]string) ([]engineapi.RuleResponse, error) {
 	newResource := policyContext.NewResource()
 	objects := []runtime.Object{&newResource}
-	resources := []*unstructured.Unstructured{}
 	for _, rule := range generateResponse.PolicyResponse.Rules {
 		if path, ok := ruleToCloneSourceResource[rule.Name()]; ok {
 			resourceBytes, err := resource.GetFileBytes(path)
 			if err != nil {
 				fmt.Printf("failed to get resource bytes\n")
 			} else {
-				resources, err = resource.GetUnstructuredResources(resourceBytes)
+				r, err := resource.GetUnstructuredResources(resourceBytes)
 				if err != nil {
 					fmt.Printf("failed to convert resource bytes to unstructured format\n")
 				}
+				for _, res := range r {
+					objects = append(objects, res)
+				}
 			}
 		}
 	}
 
-	for _, res := range resources {
-		objects = append(objects, res)
-	}
-
 	c, err := initializeMockController(objects)
 	if err != nil {
 		fmt.Println("error at controller")

test/cli/test-generate/sync-multiple-resources/cm.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: kubernetes-cluster-controller-config
+  namespace: kube-system
+data:
+  value: "0"

test/cli/test-generate/sync-multiple-resources/deployment.yaml

@@ -0,0 +1,26 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kubernetes-cluster-controller
+  namespace: kube-system
+  labels:
+    app: kubernetes-cluster-controller
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: kubernetes-cluster-controller
+  template:
+    metadata:
+      labels:
+        app: kubernetes-cluster-controller
+    spec:
+      containers:
+        - name: front-end
+          image: nginx
+          ports:
+            - containerPort: 8080
+        - name: rss-reader
+          image: nickchase/rss-php-nginx:v1
+          ports:
+            - containerPort: 8080

test/cli/test-generate/sync-multiple-resources/gen-cm.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: kubernetes-cluster-controller-config
+  namespace: services-system
+data:
+  value: "0"

test/cli/test-generate/sync-multiple-resources/gen-secret.yaml

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kubernetes-cluster-controller
+  namespace: services-system
+type: Opaque
+data:
+  USER_NAME: YWRtaW4=
+  PASSWORD: YWRtaW4=

test/cli/test-generate/sync-multiple-resources/kyverno-test.yaml

@@ -0,0 +1,22 @@
+name: sync-controller-data
+policies:
+  - policy.yaml
+resources:
+  - deployment.yaml
+results:
+  - policy: sync-controller-data
+    rule: sync-controller-secret
+    resources:
+      - kubernetes-cluster-controller
+    generatedResource: gen-secret.yaml
+    cloneSourceResource: secret.yaml
+    kind: Deployment
+    result: pass
+  - policy: sync-controller-data
+    rule: sync-controller-configmap
+    resources: 
+      - kubernetes-cluster-controller
+    generatedResource: gen-cm.yaml
+    cloneSourceResource: cm.yaml
+    kind: Deployment
+    result: pass

test/cli/test-generate/sync-multiple-resources/policy.yaml

@@ -0,0 +1,52 @@
+kind: ClusterPolicy
+metadata:
+  name: sync-controller-data
+  annotations:
+    policies.kyverno.io/title: Sync Controller Data
+    policies.kyverno.io/category: RightSizing
+    policies.kyverno.io/subject: io
+    policies.kyverno.io/description: >-
+      Sync Secret and Configmap from kube-system namespace
+spec:
+  failurePolicy: Ignore
+  generateExistingOnPolicyUpdate: true
+  rules:
+  - name: sync-controller-secret
+    match:
+      all:
+      - resources:
+          kinds:
+          - Deployment
+          namespaces:
+          - kube-system
+          names:
+          - kubernetes-cluster-controller
+    generate:
+      apiVersion: v1
+      kind: Secret
+      name: kubernetes-cluster-controller
+      namespace: services-system
+      synchronize: true
+      clone:
+        namespace: kube-system
+        name: kubernetes-cluster-controller
+
+  - name: sync-controller-configmap
+    match:
+      all:
+      - resources:
+          kinds:
+          - Deployment
+          namespaces:
+          - kube-system
+          names:
+          - kubernetes-cluster-controller  
+    generate:
+      apiVersion: v1
+      kind: ConfigMap
+      name: kubernetes-cluster-controller-config
+      namespace: services-system
+      synchronize: true
+      clone:
+        namespace: kube-system
+        name: kubernetes-cluster-controller-config

test/cli/test-generate/sync-multiple-resources/secret.yaml

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kubernetes-cluster-controller
+  namespace: kube-system
+type: Opaque
+data:
+  USER_NAME: YWRtaW4=
+  PASSWORD: YWRtaW4=