1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00

feat: make cli results count public ()

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché 2024-05-07 10:58:09 +02:00 committed by GitHub
parent f29f7ca454
commit ecce1632f2
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 43 additions and 49 deletions
cmd/cli/kubectl-kyverno

View file

@ -471,7 +471,7 @@ func printReports(out io.Writer, engineResponses []engineapi.EngineResponse, aud
} }
func printViolations(out io.Writer, rc *processor.ResultCounts) { func printViolations(out io.Writer, rc *processor.ResultCounts) {
fmt.Fprintf(out, "\npass: %d, fail: %d, warn: %d, error: %d, skip: %d \n", rc.Pass(), rc.Fail(), rc.Warn(), rc.Error(), rc.Skip()) fmt.Fprintf(out, "\npass: %d, fail: %d, warn: %d, error: %d, skip: %d \n", rc.Pass, rc.Fail, rc.Warn, rc.Error, rc.Skip)
} }
type WarnExitCodeError struct { type WarnExitCodeError struct {
@ -483,16 +483,16 @@ func (w WarnExitCodeError) Error() string {
} }
func exit(out io.Writer, rc *processor.ResultCounts, warnExitCode int, warnNoPassed bool) error { func exit(out io.Writer, rc *processor.ResultCounts, warnExitCode int, warnNoPassed bool) error {
if rc.Fail() > 0 { if rc.Fail > 0 {
return fmt.Errorf("exit as there are policy violations") return fmt.Errorf("exit as there are policy violations")
} else if rc.Error() > 0 { } else if rc.Error > 0 {
return fmt.Errorf("exit as there are policy errors") return fmt.Errorf("exit as there are policy errors")
} else if rc.Warn() > 0 && warnExitCode != 0 { } else if rc.Warn > 0 && warnExitCode != 0 {
fmt.Printf("exit as warnExitCode is %d", warnExitCode) fmt.Printf("exit as warnExitCode is %d", warnExitCode)
return WarnExitCodeError{ return WarnExitCodeError{
ExitCode: warnExitCode, ExitCode: warnExitCode,
} }
} else if rc.Pass() == 0 && warnNoPassed { } else if rc.Pass == 0 && warnNoPassed {
fmt.Println(out, "exit as no objects satisfied policy") fmt.Println(out, "exit as no objects satisfied policy")
return WarnExitCodeError{ return WarnExitCodeError{
ExitCode: warnExitCode, ExitCode: warnExitCode,

View file

@ -79,11 +79,11 @@ func Test_NamespaceSelector(t *testing.T) {
}, },
}, },
result: ResultCounts{ result: ResultCounts{
pass: 0, Pass: 0,
fail: 1, Fail: 1,
warn: 0, Warn: 0,
err: 0, Error: 0,
skip: 0, Skip: 0,
}, },
}, },
{ {
@ -95,11 +95,11 @@ func Test_NamespaceSelector(t *testing.T) {
}, },
}, },
result: ResultCounts{ result: ResultCounts{
pass: 1, Pass: 1,
fail: 1, Fail: 1,
warn: 0, Warn: 0,
err: 0, Error: 0,
skip: 0, Skip: 0,
}, },
}, },
} }
@ -118,10 +118,10 @@ func Test_NamespaceSelector(t *testing.T) {
Out: os.Stdout, Out: os.Stdout,
} }
processor.ApplyPoliciesOnResource() processor.ApplyPoliciesOnResource()
assert.Equal(t, int64(rc.Pass()), int64(tc.result.pass)) assert.Equal(t, int64(rc.Pass), int64(tc.result.Pass))
assert.Equal(t, int64(rc.Fail()), int64(tc.result.fail)) assert.Equal(t, int64(rc.Fail), int64(tc.result.Fail))
assert.Equal(t, int64(rc.Skip()), int64(tc.result.skip)) assert.Equal(t, int64(rc.Skip), int64(tc.result.Skip))
assert.Equal(t, int64(rc.Warn()), int64(tc.result.warn)) assert.Equal(t, int64(rc.Warn), int64(tc.result.Warn))
assert.Equal(t, int64(rc.Error()), int64(tc.result.err)) assert.Equal(t, int64(rc.Error), int64(tc.result.Error))
} }
} }

View file

@ -8,21 +8,15 @@ import (
) )
type ResultCounts struct { type ResultCounts struct {
pass int Pass int
fail int Fail int
warn int Warn int
err int Error int
skip int Skip int
} }
func (rc ResultCounts) Pass() int { return rc.pass }
func (rc ResultCounts) Fail() int { return rc.fail }
func (rc ResultCounts) Warn() int { return rc.warn }
func (rc ResultCounts) Error() int { return rc.err }
func (rc ResultCounts) Skip() int { return rc.skip }
func (rc *ResultCounts) IncrementError(inc int) { func (rc *ResultCounts) IncrementError(inc int) {
rc.err += inc rc.Error += inc
} }
func (rc *ResultCounts) addEngineResponses(auditWarn bool, responses ...engineapi.EngineResponse) { func (rc *ResultCounts) addEngineResponses(auditWarn bool, responses ...engineapi.EngineResponse) {
@ -45,22 +39,22 @@ func (rc *ResultCounts) addEngineResponse(auditWarn bool, response engineapi.Eng
if rule.Name == valResponseRule.Name() { if rule.Name == valResponseRule.Name() {
switch valResponseRule.Status() { switch valResponseRule.Status() {
case engineapi.RuleStatusPass: case engineapi.RuleStatusPass:
rc.pass++ rc.Pass++
case engineapi.RuleStatusFail: case engineapi.RuleStatusFail:
if !scored { if !scored {
rc.warn++ rc.Warn++
break break
} else if auditWarn && response.GetValidationFailureAction().Audit() { } else if auditWarn && response.GetValidationFailureAction().Audit() {
rc.warn++ rc.Warn++
} else { } else {
rc.fail++ rc.Fail++
} }
case engineapi.RuleStatusError: case engineapi.RuleStatusError:
rc.err++ rc.Error++
case engineapi.RuleStatusWarn: case engineapi.RuleStatusWarn:
rc.warn++ rc.Warn++
case engineapi.RuleStatusSkip: case engineapi.RuleStatusSkip:
rc.skip++ rc.Skip++
} }
continue continue
} }
@ -80,12 +74,12 @@ func (rc *ResultCounts) addGenerateResponse(auditWarn bool, resPath string, resp
for _, ruleResponse := range response.PolicyResponse.Rules { for _, ruleResponse := range response.PolicyResponse.Rules {
if policyRule.Name == ruleResponse.Name() { if policyRule.Name == ruleResponse.Name() {
if ruleResponse.Status() == engineapi.RuleStatusPass { if ruleResponse.Status() == engineapi.RuleStatusPass {
rc.pass++ rc.Pass++
} else { } else {
if auditWarn && response.GetValidationFailureAction().Audit() { if auditWarn && response.GetValidationFailureAction().Audit() {
rc.warn++ rc.Warn++
} else { } else {
rc.fail++ rc.Fail++
} }
} }
continue continue
@ -114,14 +108,14 @@ func (rc *ResultCounts) addMutateResponse(resourcePath string, response engineap
for _, mutateResponseRule := range response.PolicyResponse.Rules { for _, mutateResponseRule := range response.PolicyResponse.Rules {
if policyRule.Name == mutateResponseRule.Name() { if policyRule.Name == mutateResponseRule.Name() {
if mutateResponseRule.Status() == engineapi.RuleStatusPass { if mutateResponseRule.Status() == engineapi.RuleStatusPass {
rc.pass++ rc.Pass++
printMutatedRes = true printMutatedRes = true
} else if mutateResponseRule.Status() == engineapi.RuleStatusSkip { } else if mutateResponseRule.Status() == engineapi.RuleStatusSkip {
rc.skip++ rc.Skip++
} else if mutateResponseRule.Status() == engineapi.RuleStatusError { } else if mutateResponseRule.Status() == engineapi.RuleStatusError {
rc.err++ rc.Error++
} else { } else {
rc.fail++ rc.Fail++
} }
continue continue
} }
@ -133,11 +127,11 @@ func (rc *ResultCounts) addMutateResponse(resourcePath string, response engineap
func (rc *ResultCounts) addValidatingAdmissionResponse(vap v1alpha1.ValidatingAdmissionPolicy, engineResponse engineapi.EngineResponse) { func (rc *ResultCounts) addValidatingAdmissionResponse(vap v1alpha1.ValidatingAdmissionPolicy, engineResponse engineapi.EngineResponse) {
for _, ruleResp := range engineResponse.PolicyResponse.Rules { for _, ruleResp := range engineResponse.PolicyResponse.Rules {
if ruleResp.Status() == engineapi.RuleStatusPass { if ruleResp.Status() == engineapi.RuleStatusPass {
rc.pass++ rc.Pass++
} else if ruleResp.Status() == engineapi.RuleStatusFail { } else if ruleResp.Status() == engineapi.RuleStatusFail {
rc.fail++ rc.Fail++
} else if ruleResp.Status() == engineapi.RuleStatusError { } else if ruleResp.Status() == engineapi.RuleStatusError {
rc.err++ rc.Error++
} }
} }
} }