mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00

Merge pull request #2024 from NoSkillGirl/2023/CLI_should_validate_all_resources

added loop for namespace to validate all the resources
Pooja Singh 2021-06-19 12:55:13 +05:30 committed by GitHub
commit e677e91679
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 419 additions and 50 deletions

359
go.sum

File diff suppressed because it is too large Load diff


@ -42,64 +42,77 @@ func GetResources(policies []*v1.ClusterPolicy, resourcePaths []string, dClient
resourceTypes = append(resourceTypes, kind)
}
var resourceMap map[string]map[string]*unstructured.Unstructured
if cluster && dClient != nil {
resourceMap, err = getResourcesOfTypeFromCluster(resourceTypes, dClient, namespace)
resources, err = whenClusterIsTrue(resourceTypes, dClient, namespace, resourcePaths, policyReport)
if err != nil {
return nil, err
return resources, err
}
if len(resourcePaths) == 0 {
for _, rm := range resourceMap {
for _, rr := range rm {
} else if len(resourcePaths) > 0 {
resources, err = whenClusterIsFalse(resourcePaths, policyReport)
if err != nil {
return resources, err
}
}
return resources, err
}
func whenClusterIsTrue(resourceTypes []string, dClient *client.Client, namespace string, resourcePaths []string, policyReport bool) ([]*unstructured.Unstructured, error) {
resources := make([]*unstructured.Unstructured, 0)
resourceMap, err := getResourcesOfTypeFromCluster(resourceTypes, dClient, namespace)
if err != nil {
return nil, err
}
if len(resourcePaths) == 0 {
for _, rr := range resourceMap {
resources = append(resources, rr)
}
} else {
for _, resourcePath := range resourcePaths {
lenOfResource := len(resources)
for rn, rr := range resourceMap {
s := strings.Split(rn, "-")
if s[2] == resourcePath {
resources = append(resources, rr)
}
}
} else {
for _, resourcePath := range resourcePaths {
lenOfResource := len(resources)
for _, rm := range resourceMap {
for rn, rr := range rm {
if rn == resourcePath {
resources = append(resources, rr)
continue
}
}
}
if lenOfResource >= len(resources) {
if policyReport {
log.Log.V(3).Info(fmt.Sprintf("%s not found in cluster", resourcePath))
} else {
fmt.Printf("\n----------------------------------------------------------------------\nresource %s not found in cluster\n----------------------------------------------------------------------\n", resourcePath)
}
return nil, errors.New(fmt.Sprintf("%s not found in cluster", resourcePath))
}
}
}
} else if len(resourcePaths) > 0 {
for _, resourcePath := range resourcePaths {
resourceBytes, err := getFileBytes(resourcePath)
if err != nil {
if lenOfResource >= len(resources) {
if policyReport {
log.Log.V(3).Info(fmt.Sprintf("failed to load resources: %s.", resourcePath), "error", err)
log.Log.V(3).Info(fmt.Sprintf("%s not found in cluster", resourcePath))
} else {
fmt.Printf("\n----------------------------------------------------------------------\nfailed to load resources: %s. \nerror: %s\n----------------------------------------------------------------------\n", resourcePath, err)
fmt.Printf("\n----------------------------------------------------------------------\nresource %s not found in cluster\n----------------------------------------------------------------------\n", resourcePath)
}
continue
}
getResources, err := GetResource(resourceBytes)
if err != nil {
return nil, err
}
for _, resource := range getResources {
resources = append(resources, resource)
return nil, fmt.Errorf("%s not found in cluster", resourcePath)
}
}
}
return resources, nil
}
func whenClusterIsFalse(resourcePaths []string, policyReport bool) ([]*unstructured.Unstructured, error) {
resources := make([]*unstructured.Unstructured, 0)
for _, resourcePath := range resourcePaths {
resourceBytes, err := getFileBytes(resourcePath)
if err != nil {
if policyReport {
log.Log.V(3).Info(fmt.Sprintf("failed to load resources: %s.", resourcePath), "error", err)
} else {
fmt.Printf("\n----------------------------------------------------------------------\nfailed to load resources: %s. \nerror: %s\n----------------------------------------------------------------------\n", resourcePath, err)
}
continue
}
getResources, err := GetResource(resourceBytes)
if err != nil {
return nil, err
}
resources = append(resources, getResources...)
}
return resources, nil
}
// GetResourcesWithTest with gets matched resources by the given policies
func GetResourcesWithTest(fs billy.Filesystem, policies []*v1.ClusterPolicy, resourcePaths []string, isGit bool, policyresoucePath string) ([]*unstructured.Unstructured, error) {
resources := make([]*unstructured.Unstructured, 0)
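Review bot: The composite map key is ambiguous because `-` is legal inside Kubernetes namespaces and names, so in whenClusterIsTrue the pair `s := strings.Split(rn, "-")` and `s[2] == resourcePath` compares only the third hyphen-separated field: for a namespace such as `kube-system` that field is part of the namespace, and a name such as `my-app` never matches in full. The key is built in the second hunk as `kind + "-" + resource.GetNamespace() + "-" + resource.GetName()`, so two different objects (namespace `a-b` with name `c`, namespace `a` with name `b-c`) produce the same key and the later one overwrites the earlier in the map. The first case ends in a spurious "not found in cluster" error or a match on the wrong object; the second drops a resource from validation silently, which defeats the stated aim of checking every resource against policy. I would compare on the object itself, `if rr.GetName() == resourcePath {`, and build the key with a separator that Kubernetes does not allow in object names, such as `key := kind + "/" + resource.GetNamespace() + "/" + resource.GetName()`. getResourcesOfTypeFromCluster continues past the last visible line, so the second half of this note rests on the part of it shown here.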
@ -176,27 +189,24 @@ func GetResource(resourceBytes []byte) ([]*unstructured.Unstructured, error) {
return resources, nil
}
func getResourcesOfTypeFromCluster(resourceTypes []string, dClient *client.Client, namespace string) (map[string]map[string]*unstructured.Unstructured, error) {
r := make(map[string]map[string]*unstructured.Unstructured)
func getResourcesOfTypeFromCluster(resourceTypes []string, dClient *client.Client, namespace string) (map[string]*unstructured.Unstructured, error) {
r := make(map[string]*unstructured.Unstructured)
var resources []*unstructured.Unstructured
for _, kind := range resourceTypes {
r[kind] = make(map[string]*unstructured.Unstructured)
resourceList, err := dClient.ListResource("", kind, namespace, nil)
if err != nil {
// return nil, err
continue
}
version := resourceList.GetAPIVersion()
for _, resource := range resourceList.Items {
r[kind][resource.GetName()] = resource.DeepCopy()
key := kind + "-" + resource.GetNamespace() + "-" + resource.GetName()
r[key] = resource.DeepCopy()
resource.SetGroupVersionKind(schema.GroupVersionKind{
Group: "",
Version: version,
Kind: kind,
})
resources = append(resources, resource.DeepCopy())
}
}
return r, nil