mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-14 11:48:53 +00:00
Code Activity

Fix issue for wildcard versions (#4670) (#4674)

Browse source 
* Fix wildcard issue

Co-Authored-By: vyankd <51167361+vyankd@users.noreply.github.com>

* Delete res.yaml

Co-Authored-By: vyankd <51167361+vyankd@users.noreply.github.com>

Co-authored-by: vyankd <51167361+vyankd@users.noreply.github.com>

Co-authored-by: vyankd <51167361+vyankd@users.noreply.github.com>
This commit is contained in:
Vyankatesh Kudtarkar 2022-09-26 15:06:50 +05:30 committed by GitHub
parent f2b63cef77
commit f2dde173ce
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 21 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
pkg/utils/kube/kind.go
View file

@ -29,6 +29,18 @@ func formatSubresource(s string) string {
return strings.Replace(s, ".", "/", 1) return strings.Replace(s, ".", "/", 1)
} }
// GetGroupFromGVK - get group GVK
func GetGroupFromGVK(str string) (group string) {
parts := strings.Split(str, "/")
count := len(parts)
if count == 3 {
if parts[1] == "*" {
return parts[0]
}
}
return ""
}
func SplitSubresource(s string) (kind string, subresource string) { func SplitSubresource(s string) (kind string, subresource string) {
normalized := strings.Replace(s, ".", "/", 1) normalized := strings.Replace(s, ".", "/", 1)
parts := strings.Split(normalized, "/") parts := strings.Split(normalized, "/")

3
pkg/webhookconfig/configmanager.go
View file

@ -795,7 +795,8 @@ func (m *webhookConfigManager) mergeWebhook(dst *webhook, policy kyverno.PolicyI
continue continue
} }
if strings.Contains(gvk, "*") { if strings.Contains(gvk, "*") {
gvrList = append(gvrList, schema.GroupVersionResource{Group: gvr.Group, Version: "*", Resource: gvr.Resource}) group := kubeutils.GetGroupFromGVK(gvk)
gvrList = append(gvrList, schema.GroupVersionResource{Group: group, Version: "*", Resource: gvr.Resource})
} else { } else {
m.log.V(4).Info("configuring webhook", "GVK", gvk, "GVR", gvr) m.log.V(4).Info("configuring webhook", "GVK", gvk, "GVR", gvr)
gvrList = append(gvrList, gvr) gvrList = append(gvrList, gvr)

1
test/cli/registry/kyverno-test.yaml
View file

@ -3,6 +3,7 @@ policies:
- image-example.yaml - image-example.yaml
resources: resources:
- resources.yaml - resources.yaml
variables: values.yaml
results: results:
- policy: images - policy: images
rule: only-allow-trusted-images rule: only-allow-trusted-images

6
test/cli/registry/values.yaml Normal file
View file

@ -0,0 +1,6 @@
policies:
- name: check-image-base
rules:
- name: check-image-base-rule
foreachValues:
mobysource: ["1"]