mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-13 19:28:55 +00:00
Code Activity

fix: allow delete of clone target resource with synchronize false (#5161)

Browse source 
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
This commit is contained in:
Prateek Pandey 2022-11-10 17:13:24 +05:30 committed by GitHub
parent 72dee76c06
commit ef421a33ed
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
pkg/background/generate/generate.go
View file

@ -423,7 +423,7 @@ func applyRule(log logr.Logger, client dclient.Interface, rule kyvernov1.Rule, r
logger := log.WithValues("genKind", genKind, "genAPIVersion", genAPIVersion, "genNamespace", genNamespace, "genName", genName)
if rule.Generation.Clone.Name != "" {
cresp, mode, err = manageClone(logger, genAPIVersion, genKind, genNamespace, genName, policy.GetName(), rule.Generation, client)
cresp, mode, err = manageClone(logger, genAPIVersion, genKind, genNamespace, genName, policy.GetName(), ur, rule.Generation, client)
rdatas = append(rdatas, GenerateResponse{
Data: cresp,
Action: mode,
@ -434,7 +434,7 @@ func applyRule(log logr.Logger, client dclient.Interface, rule kyvernov1.Rule, r
Error: err,
})
} else if len(rule.Generation.CloneList.Kinds) != 0 {
rdatas = manageCloneList(logger, genNamespace, policy.GetName(), rule.Generation, client)
rdatas = manageCloneList(logger, genNamespace, policy.GetName(), ur, rule.Generation, client)
} else {
dresp, mode, err = manageData(logger, genAPIVersion, genKind, genNamespace, genName, rule.Generation.RawData, rule.Generation.Synchronize, ur, client)
rdatas = append(rdatas, GenerateResponse{
@ -618,7 +618,7 @@ func manageData(log logr.Logger, apiVersion, kind, namespace, name string, data
return updateObj.UnstructuredContent(), Update, nil
}
func manageClone(log logr.Logger, apiVersion, kind, namespace, name, policy string, clone kyvernov1.Generation, client dclient.Interface) (map[string]interface{}, ResourceMode, error) {
func manageClone(log logr.Logger, apiVersion, kind, namespace, name, policy string, ur kyvernov1beta1.UpdateRequest, clone kyvernov1.Generation, client dclient.Interface) (map[string]interface{}, ResourceMode, error) {
// resource namespace can be nil in case of clusters scope resource
rNamespace := clone.Clone.Namespace
if rNamespace == "" {
@ -640,6 +640,16 @@ func manageClone(log logr.Logger, apiVersion, kind, namespace, name, policy stri
if err != nil {
return nil, Skip, fmt.Errorf("source resource %s %s/%s/%s not found. %v", apiVersion, kind, rNamespace, rName, err)
}
// check if cloned resource exists
cobj, err := client.GetResource(apiVersion, kind, namespace, name)
if err != nil {
if apierrors.IsNotFound(err) && len(ur.Status.GeneratedResources) != 0 && !clone.Synchronize {
log.V(4).Info("synchronization is disabled, recreation will be skipped", "resource", cobj)
return nil, Skip, nil
}
}
// remove ownerReferences when cloning resources to other namespace
if rNamespace != namespace && obj.GetOwnerReferences() != nil {
obj.SetOwnerReferences(nil)
@ -663,7 +673,7 @@ func manageClone(log logr.Logger, apiVersion, kind, namespace, name, policy stri
return obj.UnstructuredContent(), Create, nil
}
func manageCloneList(log logr.Logger, namespace, policy string, clone kyvernov1.Generation, client dclient.Interface) []GenerateResponse {
func manageCloneList(log logr.Logger, namespace, policy string, ur kyvernov1beta1.UpdateRequest, clone kyvernov1.Generation, client dclient.Interface) []GenerateResponse {
var response []GenerateResponse
rNamespace := clone.CloneList.Namespace
@ -713,6 +723,17 @@ func manageCloneList(log logr.Logger, namespace, policy string, clone kyvernov1.
return response
}
// check if cloned resource exists
cobj, err := client.GetResource(apiVersion, kind, namespace, rName.GetName())
if apierrors.IsNotFound(err) && len(ur.Status.GeneratedResources) != 0 && !clone.Synchronize {
log.V(4).Info("synchronization is disabled, recreation will be skipped", "resource", cobj)
response = append(response, GenerateResponse{
Data: nil,
Action: Skip,
Error: nil,
})
}
// remove ownerReferences when cloning resources to other namespace
if rNamespace != namespace && obj.GetOwnerReferences() != nil {
obj.SetOwnerReferences(nil)

2
test/conformance/kuttl/kuttl-test.yaml
View file

@ -4,7 +4,7 @@ testDirs:
# Autogen tests
- ./test/conformance/kuttl/autogen
# Generate tests
# - ./test/conformance/kuttl/generate/clusterpolicy/standard/clone/nosync
- ./test/conformance/kuttl/generate/clusterpolicy/standard/clone/nosync
- ./test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync
- ./test/conformance/kuttl/generate/clusterpolicy/standard/data/sync
- ./test/conformance/kuttl/generate/clusterpolicy/standard/data/nosync