Fix issue for wildcard versions (#4670) (#4674)

* Fix wildcard issue Co-Authored-By: vyankd <51167361+vyankd@users.noreply.github.com> * Delete res.yaml Co-Authored-By: vyankd <51167361+vyankd@users.noreply.github.com> Co-authored-by: vyankd <51167361+vyankd@users.noreply.github.com> Co-authored-by: vyankd <51167361+vyankd@users.noreply.github.com>
2025-03-13 11:18:47 +00:00 · 2022-09-26 15:06:50 +05:30 · 2022-09-26 15:06:50 +05:30 · f2dde173ce
commit f2dde173ce
parent f2b63cef77
4 changed files with 21 additions and 1 deletions
--- a/pkg/utils/kube/kind.go
+++ b/pkg/utils/kube/kind.go
@ -29,6 +29,18 @@ func formatSubresource(s string) string {
 	return strings.Replace(s, ".", "/", 1)
 }

+// GetGroupFromGVK - get group GVK
+func GetGroupFromGVK(str string) (group string) {
+	parts := strings.Split(str, "/")
+	count := len(parts)
+	if count == 3 {
+		if parts[1] == "*" {
+			return parts[0]
+		}
+	}
+	return ""
+}
+
 func SplitSubresource(s string) (kind string, subresource string) {
 	normalized := strings.Replace(s, ".", "/", 1)
 	parts := strings.Split(normalized, "/")
--- a/pkg/webhookconfig/configmanager.go
+++ b/pkg/webhookconfig/configmanager.go
@ -795,7 +795,8 @@ func (m *webhookConfigManager) mergeWebhook(dst *webhook, policy kyverno.PolicyI
 					continue
 				}
 				if strings.Contains(gvk, "*") {
-					gvrList = append(gvrList, schema.GroupVersionResource{Group: gvr.Group, Version: "*", Resource: gvr.Resource})
+					group := kubeutils.GetGroupFromGVK(gvk)
+					gvrList = append(gvrList, schema.GroupVersionResource{Group: group, Version: "*", Resource: gvr.Resource})
 				} else {
 					m.log.V(4).Info("configuring webhook", "GVK", gvk, "GVR", gvr)
 					gvrList = append(gvrList, gvr)
--- a/test/cli/registry/kyverno-test.yaml
+++ b/test/cli/registry/kyverno-test.yaml
@ -3,6 +3,7 @@ policies:
  - image-example.yaml
 resources:
  - resources.yaml
+variables: values.yaml
 results:
  - policy: images
    rule: only-allow-trusted-images
--- a/test/cli/registry/values.yaml
+++ b/test/cli/registry/values.yaml
@ -0,0 +1,6 @@
+policies:
+- name: check-image-base
+  rules:
+    - name: check-image-base-rule
+      foreachValues:
+        mobysource: ["1"]