change CRD Name to ClusterPolicy & ClusterPolicyViolations

definitions/install.yaml

@@ -1,7 +1,7 @@
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
-  name: policies.kyverno.io
+  name: clusterpolicies.kyverno.io
 spec:
   group: kyverno.io
   versions:
@@ -10,9 +10,9 @@ spec:
       storage: true
   scope: Cluster
   names:
-    kind: Policy
+    kind: ClusterPolicy
-    plural: policies
+    plural: clusterpolicies
-    singular: policy
+    singular: clusterpolicy
   subresources:
     status: {}
   validation:
@@ -178,7 +178,7 @@ spec:
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
-  name: policyviolations.kyverno.io
+  name: clusterpolicyviolations.kyverno.io
 spec:
   group: kyverno.io
   versions:
@@ -187,9 +187,9 @@ spec:
       storage: true
   scope: Cluster
   names:
-    kind: PolicyViolation
+    kind: ClusterPolicyViolation
-    plural: policyviolations
+    plural: clusterpolicyviolations
-    singular: policyviolation
+    singular: clusterpolicyviolation
   subresources:
     status: {}
   validation:

definitions/install_custom_args.yaml

@@ -1,7 +1,7 @@
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
-  name: policies.kyverno.io
+  name: clusterpolicies.kyverno.io
 spec:
   group: kyverno.io
   versions:
@@ -10,9 +10,9 @@ spec:
       storage: true
   scope: Cluster
   names:
-    kind: Policy
+    kind: ClusterPolicy
-    plural: policies
+    plural: clusterpolicies
-    singular: policy
+    singular: clusterpolicy
   subresources:
     status: {}
   validation:

definitions/install_debug.yaml

@@ -1,7 +1,7 @@
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
-  name: policies.kyverno.io
+  name: clusterpolicies.kyverno.io
 spec:
   group: kyverno.io
   versions:
@@ -10,9 +10,9 @@ spec:
       storage: true
   scope: Cluster
   names:
-    kind: Policy
+    kind: ClusterPolicy
-    plural: policies
+    plural: clusterpolicies
-    singular: policy
+    singular: clusterpolicy
   subresources:
     status: {}
   validation:
@@ -178,7 +178,7 @@ spec:
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
-  name: policyviolations.kyverno.io
+  name: clusterpolicyviolations.kyverno.io
 spec:
   group: kyverno.io
   versions:
@@ -187,9 +187,9 @@ spec:
       storage: true
   scope: Cluster
   names:
-    kind: PolicyViolation
+    kind: ClusterPolicyViolation
-    plural: policyviolations
+    plural: clusterpolicyviolations
-    singular: policyviolation
+    singular: clusterpolicyviolation
   subresources:
     status: {}
   validation:

definitions/policy-example.yaml

@@ -1,5 +1,5 @@
 apiVersion : policy.nirmata.io/v1alpha1
-kind : Policy
+kind : clusterPolicy
 metadata :
   name : examples
 spec :

documentation/writing-policies-generate.md

@@ -8,7 +8,7 @@
 
 ````yaml
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: basic-policy
 spec:
@@ -55,7 +55,7 @@ In this example, when this policy is applied, any new namespace that satisfies t
 ## Example 2
 ````yaml
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: "default"
 spec:

documentation/writing-policies-mutate.md

@@ -12,7 +12,7 @@ This patch adds an init container to all deployments.
 
 ````yaml
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-v1
 spec :
@@ -41,7 +41,7 @@ With Kyverno, the add and replace have the same behavior i.e. both operations wi
 Here is the example of a patch that removes a label from the secret:
 ````yaml
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-remove-label
 spec :
@@ -67,7 +67,7 @@ The following mutation overlay will add (or replace) the memory request and limi
 
 ````yaml
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-change-memory-limit
 spec :
@@ -100,7 +100,7 @@ Applying overlays to a list type is fairly straightforward: new items will be ad
 
 ````yaml
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: policy-endpoints
 spec:
@@ -126,7 +126,7 @@ An **anchor** field, marked by parentheses, allows conditional processing of con
 
 ````yaml
 apiVersion: kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-set-port
 spec :
@@ -157,7 +157,7 @@ A variation of an anchor, is to add a field value if it is not already defined.
 
 ````yaml
 apiVersion: kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-set-port
 spec :

documentation/writing-policies-validate.md

@@ -38,7 +38,7 @@ The next rule prevents the creation of Deployment, StatefuleSet and DaemonSet re
 ````yaml
 
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : validation-example
 spec :
@@ -74,7 +74,7 @@ For example, this pattern will check the existance of "name" field in the list:
 
 ````yaml
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : validation-example2
 spec :
@@ -109,7 +109,7 @@ In some cases one content can be defined at a different level. For example, a se
 
 ````yaml
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: check-container-security-context
 spec:

documentation/writing-policies.md

@@ -6,7 +6,7 @@ A Kyverno policy contains a set of rules. Each rule matches resources by kind, n
 
 ````yaml
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy
 spec :

examples/cli/policy_deployment.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-deployment
 spec :

examples/policy_generate_networkPolicy.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: defaultgeneratenetworkpolicy
 spec:

examples/policy_mutate_endpoint.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-endpoints
 spec :

examples/policy_mutate_imagePullPolicy.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: image-pull-policy
 spec:

examples/policy_mutate_validate_qos.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: policy-qos
 spec:

examples/policy_validate_containerSecurityContext.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: container-security-context
 spec:

examples/policy_validate_healthChecks.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name: check-probe-exists
 spec:

examples/policy_validate_imageRegistries.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: check-registries
 spec:

examples/policy_validate_nonRootUser.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: check-container-security-context
 spec:

examples/validate/check_cpu_memory.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: check-cpu-memory
 spec:

examples/validate/check_hostpath.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: check-host-path
 spec:

examples/validate/check_image_version.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: image-pull-policy
 spec:

examples/validate/check_memory_requests_same_yaml.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : validation-example2
 spec :

examples/validate/check_memory_requests_same_yaml_relative.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : validation-example2
 spec :

examples/validate/check_nodeport.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: check-node-port
 spec:

examples/validate/check_not_root.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : check-non-root
 spec :

examples/validate/check_probe_exists.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name: check-probe-exists
 spec:

examples/validate/check_probe_intervals.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name: check-probe-intervals
 spec:

examples/validate/check_registries.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: check-registries
 spec:

main.go

@@ -92,14 +92,14 @@ func main() {
 
 	// EVENT GENERATOR
 	// - generate event with retry mechanism
-	egen := event.NewEventGenerator(client, pInformer.Kyverno().V1alpha1().Policies())
+	egen := event.NewEventGenerator(client, pInformer.Kyverno().V1alpha1().ClusterPolicies())
 
 	// POLICY CONTROLLER
 	// - reconciliation policy and policy violation
 	// - process policy on existing resources
 	// - status aggregator: recieves stats when a policy is applied
 	//					    & updates the policy status
-	pc, err := policy.NewPolicyController(pclient, client, pInformer.Kyverno().V1alpha1().Policies(), pInformer.Kyverno().V1alpha1().PolicyViolations(), egen, kubeInformer.Admissionregistration().V1beta1().MutatingWebhookConfigurations(), webhookRegistrationClient)
+	pc, err := policy.NewPolicyController(pclient, client, pInformer.Kyverno().V1alpha1().ClusterPolicies(), pInformer.Kyverno().V1alpha1().ClusterPolicyViolations(), egen, kubeInformer.Admissionregistration().V1beta1().MutatingWebhookConfigurations(), webhookRegistrationClient)
 	if err != nil {
 		glog.Fatalf("error creating policy controller: %v\n", err)
 	}
@@ -107,14 +107,14 @@ func main() {
 	// POLICY VIOLATION CONTROLLER
 	// policy violation cleanup if the corresponding resource is deleted
 	// status: lastUpdatTime
-	pvc, err := policyviolation.NewPolicyViolationController(client, pclient, pInformer.Kyverno().V1alpha1().Policies(), pInformer.Kyverno().V1alpha1().PolicyViolations())
+	pvc, err := policyviolation.NewPolicyViolationController(client, pclient, pInformer.Kyverno().V1alpha1().ClusterPolicies(), pInformer.Kyverno().V1alpha1().ClusterPolicyViolations())
 	if err != nil {
 		glog.Fatalf("error creating policy violation controller: %v\n", err)
 	}
 
 	// GENERATE CONTROLLER
 	// - watches for Namespace resource and generates resource based on the policy generate rule
-	nsc := namespace.NewNamespaceController(pclient, client, kubeInformer.Core().V1().Namespaces(), pInformer.Kyverno().V1alpha1().Policies(), pInformer.Kyverno().V1alpha1().PolicyViolations(), pc.GetPolicyStatusAggregator(), egen)
+	nsc := namespace.NewNamespaceController(pclient, client, kubeInformer.Core().V1().Namespaces(), pInformer.Kyverno().V1alpha1().ClusterPolicies(), pInformer.Kyverno().V1alpha1().ClusterPolicyViolations(), pc.GetPolicyStatusAggregator(), egen)
 
 	// CONFIGURE CERTIFICATES
 	tlsPair, err := initTLSPemPair(clientConfig, client)
@@ -137,7 +137,7 @@ func main() {
 	// -- annotations on resources with update details on mutation JSON patches
 	// -- generate policy violation resource
 	// -- generate events on policy and resource
-	server, err := webhooks.NewWebhookServer(pclient, client, tlsPair, pInformer.Kyverno().V1alpha1().Policies(), pInformer.Kyverno().V1alpha1().PolicyViolations(), egen, webhookRegistrationClient, pc.GetPolicyStatusAggregator(), filterK8Resources, cleanUp)
+	server, err := webhooks.NewWebhookServer(pclient, client, tlsPair, pInformer.Kyverno().V1alpha1().ClusterPolicies(), pInformer.Kyverno().V1alpha1().ClusterPolicyViolations(), egen, webhookRegistrationClient, pc.GetPolicyStatusAggregator(), filterK8Resources, cleanUp)
 	if err != nil {
 		glog.Fatalf("Unable to create webhook server: %v\n", err)
 	}

pkg/api/kyverno/v1alpha1/register.go

@@ -29,10 +29,14 @@ var (
 // Adds the list of known types to Scheme.
 func addKnownTypes(scheme *runtime.Scheme) error {
 	scheme.AddKnownTypes(SchemeGroupVersion,
-		&Policy{},
+		// &Policy{},
-		&PolicyList{},
+		// &PolicyList{},
-		&PolicyViolation{},
+		// &PolicyViolation{},
-		&PolicyViolationList{},
+		// &PolicyViolationList{},
+		&ClusterPolicy{},
+		&ClusterPolicyList{},
+		&ClusterPolicyViolation{},
+		&ClusterPolicyViolationList{},
 	)
 	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
 	return nil

pkg/api/kyverno/v1alpha1/types.go

@@ -8,6 +8,34 @@ import (
 // +genclient:nonNamespaced
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 
+// ClusterPolicy ...
+type ClusterPolicy Policy
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// ClusterPolicyList ...
+type ClusterPolicyList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata"`
+	Items           []ClusterPolicy `json:"items"`
+}
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// ClusterPolicyViolation ...
+type ClusterPolicyViolation PolicyViolation
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// ClusterPolicyViolationList ...
+type ClusterPolicyViolationList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata"`
+	Items           []ClusterPolicyViolation `json:"items"`
+}
+
 // Policy contains rules to be applied to created resources
 type Policy struct {
 	metav1.TypeMeta   `json:",inline"`
@@ -103,18 +131,7 @@ type PolicyStatus struct {
 	AvgExecutionTimeGeneration string `json:"averageGenerationRulesExecutionTime"`
 }
 
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
 // PolicyList is a list of Policy resources
-type PolicyList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata"`
-	Items           []Policy `json:"items"`
-}
-
-// +genclient
-// +genclient:nonNamespaced
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 
 // PolicyViolation stores the information regarinding the resources for which a policy failed to apply
 type PolicyViolation struct {
@@ -152,12 +169,3 @@ type PolicyViolationStatus struct {
 	LastUpdateTime metav1.Time `json:"lastUpdateTime,omitempty"`
 	//TODO: having user information regarding the owner of resource can be helpful
 }
-
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// PolicyViolationList is a list of Policy Violation
-type PolicyViolationList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata"`
-	Items           []PolicyViolation `json:"items"`
-}

pkg/api/kyverno/v1alpha1/zz_generated.deepcopy.go

@@ -41,6 +41,128 @@ func (in *CloneFrom) DeepCopy() *CloneFrom {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ClusterPolicy) DeepCopyInto(out *ClusterPolicy) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	out.Status = in.Status
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicy.
+func (in *ClusterPolicy) DeepCopy() *ClusterPolicy {
+	if in == nil {
+		return nil
+	}
+	out := new(ClusterPolicy)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ClusterPolicy) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ClusterPolicyList) DeepCopyInto(out *ClusterPolicyList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	out.ListMeta = in.ListMeta
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]ClusterPolicy, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyList.
+func (in *ClusterPolicyList) DeepCopy() *ClusterPolicyList {
+	if in == nil {
+		return nil
+	}
+	out := new(ClusterPolicyList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ClusterPolicyList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ClusterPolicyViolation) DeepCopyInto(out *ClusterPolicyViolation) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyViolation.
+func (in *ClusterPolicyViolation) DeepCopy() *ClusterPolicyViolation {
+	if in == nil {
+		return nil
+	}
+	out := new(ClusterPolicyViolation)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ClusterPolicyViolation) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ClusterPolicyViolationList) DeepCopyInto(out *ClusterPolicyViolationList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	out.ListMeta = in.ListMeta
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]ClusterPolicyViolation, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyViolationList.
+func (in *ClusterPolicyViolationList) DeepCopy() *ClusterPolicyViolationList {
+	if in == nil {
+		return nil
+	}
+	out := new(ClusterPolicyViolationList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ClusterPolicyViolationList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ExcludeResources) DeepCopyInto(out *ExcludeResources) {
 	*out = *in
@@ -115,47 +237,6 @@ func (in *Policy) DeepCopy() *Policy {
 	return out
 }
 
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *Policy) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PolicyList) DeepCopyInto(out *PolicyList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	out.ListMeta = in.ListMeta
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]Policy, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList.
-func (in *PolicyList) DeepCopy() *PolicyList {
-	if in == nil {
-		return nil
-	}
-	out := new(PolicyList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *PolicyList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *PolicyStatus) DeepCopyInto(out *PolicyStatus) {
 	*out = *in
@@ -192,47 +273,6 @@ func (in *PolicyViolation) DeepCopy() *PolicyViolation {
 	return out
 }
 
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *PolicyViolation) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PolicyViolationList) DeepCopyInto(out *PolicyViolationList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	out.ListMeta = in.ListMeta
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]PolicyViolation, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyViolationList.
-func (in *PolicyViolationList) DeepCopy() *PolicyViolationList {
-	if in == nil {
-		return nil
-	}
-	out := new(PolicyViolationList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *PolicyViolationList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *PolicyViolationSpec) DeepCopyInto(out *PolicyViolationSpec) {
 	*out = *in

pkg/client/clientset/versioned/typed/kyverno/v1alpha1/clusterpolicy.go

@@ -0,0 +1,180 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1alpha1
+
+import (
+	"time"
+
+	v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
+	scheme "github.com/nirmata/kyverno/pkg/client/clientset/versioned/scheme"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	rest "k8s.io/client-go/rest"
+)
+
+// ClusterPoliciesGetter has a method to return a ClusterPolicyInterface.
+// A group's client should implement this interface.
+type ClusterPoliciesGetter interface {
+	ClusterPolicies() ClusterPolicyInterface
+}
+
+// ClusterPolicyInterface has methods to work with ClusterPolicy resources.
+type ClusterPolicyInterface interface {
+	Create(*v1alpha1.ClusterPolicy) (*v1alpha1.ClusterPolicy, error)
+	Update(*v1alpha1.ClusterPolicy) (*v1alpha1.ClusterPolicy, error)
+	UpdateStatus(*v1alpha1.ClusterPolicy) (*v1alpha1.ClusterPolicy, error)
+	Delete(name string, options *v1.DeleteOptions) error
+	DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
+	Get(name string, options v1.GetOptions) (*v1alpha1.ClusterPolicy, error)
+	List(opts v1.ListOptions) (*v1alpha1.ClusterPolicyList, error)
+	Watch(opts v1.ListOptions) (watch.Interface, error)
+	Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.ClusterPolicy, err error)
+	ClusterPolicyExpansion
+}
+
+// clusterPolicies implements ClusterPolicyInterface
+type clusterPolicies struct {
+	client rest.Interface
+}
+
+// newClusterPolicies returns a ClusterPolicies
+func newClusterPolicies(c *KyvernoV1alpha1Client) *clusterPolicies {
+	return &clusterPolicies{
+		client: c.RESTClient(),
+	}
+}
+
+// Get takes name of the clusterPolicy, and returns the corresponding clusterPolicy object, and an error if there is any.
+func (c *clusterPolicies) Get(name string, options v1.GetOptions) (result *v1alpha1.ClusterPolicy, err error) {
+	result = &v1alpha1.ClusterPolicy{}
+	err = c.client.Get().
+		Resource("clusterpolicies").
+		Name(name).
+		VersionedParams(&options, scheme.ParameterCodec).
+		Do().
+		Into(result)
+	return
+}
+
+// List takes label and field selectors, and returns the list of ClusterPolicies that match those selectors.
+func (c *clusterPolicies) List(opts v1.ListOptions) (result *v1alpha1.ClusterPolicyList, err error) {
+	var timeout time.Duration
+	if opts.TimeoutSeconds != nil {
+		timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
+	}
+	result = &v1alpha1.ClusterPolicyList{}
+	err = c.client.Get().
+		Resource("clusterpolicies").
+		VersionedParams(&opts, scheme.ParameterCodec).
+		Timeout(timeout).
+		Do().
+		Into(result)
+	return
+}
+
+// Watch returns a watch.Interface that watches the requested clusterPolicies.
+func (c *clusterPolicies) Watch(opts v1.ListOptions) (watch.Interface, error) {
+	var timeout time.Duration
+	if opts.TimeoutSeconds != nil {
+		timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
+	}
+	opts.Watch = true
+	return c.client.Get().
+		Resource("clusterpolicies").
+		VersionedParams(&opts, scheme.ParameterCodec).
+		Timeout(timeout).
+		Watch()
+}
+
+// Create takes the representation of a clusterPolicy and creates it.  Returns the server's representation of the clusterPolicy, and an error, if there is any.
+func (c *clusterPolicies) Create(clusterPolicy *v1alpha1.ClusterPolicy) (result *v1alpha1.ClusterPolicy, err error) {
+	result = &v1alpha1.ClusterPolicy{}
+	err = c.client.Post().
+		Resource("clusterpolicies").
+		Body(clusterPolicy).
+		Do().
+		Into(result)
+	return
+}
+
+// Update takes the representation of a clusterPolicy and updates it. Returns the server's representation of the clusterPolicy, and an error, if there is any.
+func (c *clusterPolicies) Update(clusterPolicy *v1alpha1.ClusterPolicy) (result *v1alpha1.ClusterPolicy, err error) {
+	result = &v1alpha1.ClusterPolicy{}
+	err = c.client.Put().
+		Resource("clusterpolicies").
+		Name(clusterPolicy.Name).
+		Body(clusterPolicy).
+		Do().
+		Into(result)
+	return
+}
+
+// UpdateStatus was generated because the type contains a Status member.
+// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
+
+func (c *clusterPolicies) UpdateStatus(clusterPolicy *v1alpha1.ClusterPolicy) (result *v1alpha1.ClusterPolicy, err error) {
+	result = &v1alpha1.ClusterPolicy{}
+	err = c.client.Put().
+		Resource("clusterpolicies").
+		Name(clusterPolicy.Name).
+		SubResource("status").
+		Body(clusterPolicy).
+		Do().
+		Into(result)
+	return
+}
+
+// Delete takes name of the clusterPolicy and deletes it. Returns an error if one occurs.
+func (c *clusterPolicies) Delete(name string, options *v1.DeleteOptions) error {
+	return c.client.Delete().
+		Resource("clusterpolicies").
+		Name(name).
+		Body(options).
+		Do().
+		Error()
+}
+
+// DeleteCollection deletes a collection of objects.
+func (c *clusterPolicies) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
+	var timeout time.Duration
+	if listOptions.TimeoutSeconds != nil {
+		timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
+	}
+	return c.client.Delete().
+		Resource("clusterpolicies").
+		VersionedParams(&listOptions, scheme.ParameterCodec).
+		Timeout(timeout).
+		Body(options).
+		Do().
+		Error()
+}
+
+// Patch applies the patch and returns the patched clusterPolicy.
+func (c *clusterPolicies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.ClusterPolicy, err error) {
+	result = &v1alpha1.ClusterPolicy{}
+	err = c.client.Patch(pt).
+		Resource("clusterpolicies").
+		SubResource(subresources...).
+		Name(name).
+		Body(data).
+		Do().
+		Into(result)
+	return
+}

pkg/client/clientset/versioned/typed/kyverno/v1alpha1/clusterpolicyviolation.go

@@ -0,0 +1,180 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1alpha1
+
+import (
+	"time"
+
+	v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
+	scheme "github.com/nirmata/kyverno/pkg/client/clientset/versioned/scheme"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	rest "k8s.io/client-go/rest"
+)
+
+// ClusterPolicyViolationsGetter has a method to return a ClusterPolicyViolationInterface.
+// A group's client should implement this interface.
+type ClusterPolicyViolationsGetter interface {
+	ClusterPolicyViolations() ClusterPolicyViolationInterface
+}
+
+// ClusterPolicyViolationInterface has methods to work with ClusterPolicyViolation resources.
+type ClusterPolicyViolationInterface interface {
+	Create(*v1alpha1.ClusterPolicyViolation) (*v1alpha1.ClusterPolicyViolation, error)
+	Update(*v1alpha1.ClusterPolicyViolation) (*v1alpha1.ClusterPolicyViolation, error)
+	UpdateStatus(*v1alpha1.ClusterPolicyViolation) (*v1alpha1.ClusterPolicyViolation, error)
+	Delete(name string, options *v1.DeleteOptions) error
+	DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
+	Get(name string, options v1.GetOptions) (*v1alpha1.ClusterPolicyViolation, error)
+	List(opts v1.ListOptions) (*v1alpha1.ClusterPolicyViolationList, error)
+	Watch(opts v1.ListOptions) (watch.Interface, error)
+	Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.ClusterPolicyViolation, err error)
+	ClusterPolicyViolationExpansion
+}
+
+// clusterPolicyViolations implements ClusterPolicyViolationInterface
+type clusterPolicyViolations struct {
+	client rest.Interface
+}
+
+// newClusterPolicyViolations returns a ClusterPolicyViolations
+func newClusterPolicyViolations(c *KyvernoV1alpha1Client) *clusterPolicyViolations {
+	return &clusterPolicyViolations{
+		client: c.RESTClient(),
+	}
+}
+
+// Get takes name of the clusterPolicyViolation, and returns the corresponding clusterPolicyViolation object, and an error if there is any.
+func (c *clusterPolicyViolations) Get(name string, options v1.GetOptions) (result *v1alpha1.ClusterPolicyViolation, err error) {
+	result = &v1alpha1.ClusterPolicyViolation{}
+	err = c.client.Get().
+		Resource("clusterpolicyviolations").
+		Name(name).
+		VersionedParams(&options, scheme.ParameterCodec).
+		Do().
+		Into(result)
+	return
+}
+
+// List takes label and field selectors, and returns the list of ClusterPolicyViolations that match those selectors.
+func (c *clusterPolicyViolations) List(opts v1.ListOptions) (result *v1alpha1.ClusterPolicyViolationList, err error) {
+	var timeout time.Duration
+	if opts.TimeoutSeconds != nil {
+		timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
+	}
+	result = &v1alpha1.ClusterPolicyViolationList{}
+	err = c.client.Get().
+		Resource("clusterpolicyviolations").
+		VersionedParams(&opts, scheme.ParameterCodec).
+		Timeout(timeout).
+		Do().
+		Into(result)
+	return
+}
+
+// Watch returns a watch.Interface that watches the requested clusterPolicyViolations.
+func (c *clusterPolicyViolations) Watch(opts v1.ListOptions) (watch.Interface, error) {
+	var timeout time.Duration
+	if opts.TimeoutSeconds != nil {
+		timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
+	}
+	opts.Watch = true
+	return c.client.Get().
+		Resource("clusterpolicyviolations").
+		VersionedParams(&opts, scheme.ParameterCodec).
+		Timeout(timeout).
+		Watch()
+}
+
+// Create takes the representation of a clusterPolicyViolation and creates it.  Returns the server's representation of the clusterPolicyViolation, and an error, if there is any.
+func (c *clusterPolicyViolations) Create(clusterPolicyViolation *v1alpha1.ClusterPolicyViolation) (result *v1alpha1.ClusterPolicyViolation, err error) {
+	result = &v1alpha1.ClusterPolicyViolation{}
+	err = c.client.Post().
+		Resource("clusterpolicyviolations").
+		Body(clusterPolicyViolation).
+		Do().
+		Into(result)
+	return
+}
+
+// Update takes the representation of a clusterPolicyViolation and updates it. Returns the server's representation of the clusterPolicyViolation, and an error, if there is any.
+func (c *clusterPolicyViolations) Update(clusterPolicyViolation *v1alpha1.ClusterPolicyViolation) (result *v1alpha1.ClusterPolicyViolation, err error) {
+	result = &v1alpha1.ClusterPolicyViolation{}
+	err = c.client.Put().
+		Resource("clusterpolicyviolations").
+		Name(clusterPolicyViolation.Name).
+		Body(clusterPolicyViolation).
+		Do().
+		Into(result)
+	return
+}
+
+// UpdateStatus was generated because the type contains a Status member.
+// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
+
+func (c *clusterPolicyViolations) UpdateStatus(clusterPolicyViolation *v1alpha1.ClusterPolicyViolation) (result *v1alpha1.ClusterPolicyViolation, err error) {
+	result = &v1alpha1.ClusterPolicyViolation{}
+	err = c.client.Put().
+		Resource("clusterpolicyviolations").
+		Name(clusterPolicyViolation.Name).
+		SubResource("status").
+		Body(clusterPolicyViolation).
+		Do().
+		Into(result)
+	return
+}
+
+// Delete takes name of the clusterPolicyViolation and deletes it. Returns an error if one occurs.
+func (c *clusterPolicyViolations) Delete(name string, options *v1.DeleteOptions) error {
+	return c.client.Delete().
+		Resource("clusterpolicyviolations").
+		Name(name).
+		Body(options).
+		Do().
+		Error()
+}
+
+// DeleteCollection deletes a collection of objects.
+func (c *clusterPolicyViolations) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
+	var timeout time.Duration
+	if listOptions.TimeoutSeconds != nil {
+		timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
+	}
+	return c.client.Delete().
+		Resource("clusterpolicyviolations").
+		VersionedParams(&listOptions, scheme.ParameterCodec).
+		Timeout(timeout).
+		Body(options).
+		Do().
+		Error()
+}
+
+// Patch applies the patch and returns the patched clusterPolicyViolation.
+func (c *clusterPolicyViolations) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.ClusterPolicyViolation, err error) {
+	result = &v1alpha1.ClusterPolicyViolation{}
+	err = c.client.Patch(pt).
+		Resource("clusterpolicyviolations").
+		SubResource(subresources...).
+		Name(name).
+		Body(data).
+		Do().
+		Into(result)
+	return
+}

pkg/client/clientset/versioned/typed/kyverno/v1alpha1/fake/fake_clusterpolicy.go

@@ -0,0 +1,131 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package fake
+
+import (
+	v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	labels "k8s.io/apimachinery/pkg/labels"
+	schema "k8s.io/apimachinery/pkg/runtime/schema"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	testing "k8s.io/client-go/testing"
+)
+
+// FakeClusterPolicies implements ClusterPolicyInterface
+type FakeClusterPolicies struct {
+	Fake *FakeKyvernoV1alpha1
+}
+
+var clusterpoliciesResource = schema.GroupVersionResource{Group: "kyverno.io", Version: "v1alpha1", Resource: "clusterpolicies"}
+
+var clusterpoliciesKind = schema.GroupVersionKind{Group: "kyverno.io", Version: "v1alpha1", Kind: "ClusterPolicy"}
+
+// Get takes name of the clusterPolicy, and returns the corresponding clusterPolicy object, and an error if there is any.
+func (c *FakeClusterPolicies) Get(name string, options v1.GetOptions) (result *v1alpha1.ClusterPolicy, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootGetAction(clusterpoliciesResource, name), &v1alpha1.ClusterPolicy{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1alpha1.ClusterPolicy), err
+}
+
+// List takes label and field selectors, and returns the list of ClusterPolicies that match those selectors.
+func (c *FakeClusterPolicies) List(opts v1.ListOptions) (result *v1alpha1.ClusterPolicyList, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootListAction(clusterpoliciesResource, clusterpoliciesKind, opts), &v1alpha1.ClusterPolicyList{})
+	if obj == nil {
+		return nil, err
+	}
+
+	label, _, _ := testing.ExtractFromListOptions(opts)
+	if label == nil {
+		label = labels.Everything()
+	}
+	list := &v1alpha1.ClusterPolicyList{ListMeta: obj.(*v1alpha1.ClusterPolicyList).ListMeta}
+	for _, item := range obj.(*v1alpha1.ClusterPolicyList).Items {
+		if label.Matches(labels.Set(item.Labels)) {
+			list.Items = append(list.Items, item)
+		}
+	}
+	return list, err
+}
+
+// Watch returns a watch.Interface that watches the requested clusterPolicies.
+func (c *FakeClusterPolicies) Watch(opts v1.ListOptions) (watch.Interface, error) {
+	return c.Fake.
+		InvokesWatch(testing.NewRootWatchAction(clusterpoliciesResource, opts))
+}
+
+// Create takes the representation of a clusterPolicy and creates it.  Returns the server's representation of the clusterPolicy, and an error, if there is any.
+func (c *FakeClusterPolicies) Create(clusterPolicy *v1alpha1.ClusterPolicy) (result *v1alpha1.ClusterPolicy, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootCreateAction(clusterpoliciesResource, clusterPolicy), &v1alpha1.ClusterPolicy{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1alpha1.ClusterPolicy), err
+}
+
+// Update takes the representation of a clusterPolicy and updates it. Returns the server's representation of the clusterPolicy, and an error, if there is any.
+func (c *FakeClusterPolicies) Update(clusterPolicy *v1alpha1.ClusterPolicy) (result *v1alpha1.ClusterPolicy, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootUpdateAction(clusterpoliciesResource, clusterPolicy), &v1alpha1.ClusterPolicy{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1alpha1.ClusterPolicy), err
+}
+
+// UpdateStatus was generated because the type contains a Status member.
+// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
+func (c *FakeClusterPolicies) UpdateStatus(clusterPolicy *v1alpha1.ClusterPolicy) (*v1alpha1.ClusterPolicy, error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootUpdateSubresourceAction(clusterpoliciesResource, "status", clusterPolicy), &v1alpha1.ClusterPolicy{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1alpha1.ClusterPolicy), err
+}
+
+// Delete takes name of the clusterPolicy and deletes it. Returns an error if one occurs.
+func (c *FakeClusterPolicies) Delete(name string, options *v1.DeleteOptions) error {
+	_, err := c.Fake.
+		Invokes(testing.NewRootDeleteAction(clusterpoliciesResource, name), &v1alpha1.ClusterPolicy{})
+	return err
+}
+
+// DeleteCollection deletes a collection of objects.
+func (c *FakeClusterPolicies) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
+	action := testing.NewRootDeleteCollectionAction(clusterpoliciesResource, listOptions)
+
+	_, err := c.Fake.Invokes(action, &v1alpha1.ClusterPolicyList{})
+	return err
+}
+
+// Patch applies the patch and returns the patched clusterPolicy.
+func (c *FakeClusterPolicies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.ClusterPolicy, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootPatchSubresourceAction(clusterpoliciesResource, name, pt, data, subresources...), &v1alpha1.ClusterPolicy{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1alpha1.ClusterPolicy), err
+}

pkg/client/clientset/versioned/typed/kyverno/v1alpha1/fake/fake_clusterpolicyviolation.go

@@ -0,0 +1,131 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package fake
+
+import (
+	v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	labels "k8s.io/apimachinery/pkg/labels"
+	schema "k8s.io/apimachinery/pkg/runtime/schema"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	testing "k8s.io/client-go/testing"
+)
+
+// FakeClusterPolicyViolations implements ClusterPolicyViolationInterface
+type FakeClusterPolicyViolations struct {
+	Fake *FakeKyvernoV1alpha1
+}
+
+var clusterpolicyviolationsResource = schema.GroupVersionResource{Group: "kyverno.io", Version: "v1alpha1", Resource: "clusterpolicyviolations"}
+
+var clusterpolicyviolationsKind = schema.GroupVersionKind{Group: "kyverno.io", Version: "v1alpha1", Kind: "ClusterPolicyViolation"}
+
+// Get takes name of the clusterPolicyViolation, and returns the corresponding clusterPolicyViolation object, and an error if there is any.
+func (c *FakeClusterPolicyViolations) Get(name string, options v1.GetOptions) (result *v1alpha1.ClusterPolicyViolation, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootGetAction(clusterpolicyviolationsResource, name), &v1alpha1.ClusterPolicyViolation{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1alpha1.ClusterPolicyViolation), err
+}
+
+// List takes label and field selectors, and returns the list of ClusterPolicyViolations that match those selectors.
+func (c *FakeClusterPolicyViolations) List(opts v1.ListOptions) (result *v1alpha1.ClusterPolicyViolationList, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootListAction(clusterpolicyviolationsResource, clusterpolicyviolationsKind, opts), &v1alpha1.ClusterPolicyViolationList{})
+	if obj == nil {
+		return nil, err
+	}
+
+	label, _, _ := testing.ExtractFromListOptions(opts)
+	if label == nil {
+		label = labels.Everything()
+	}
+	list := &v1alpha1.ClusterPolicyViolationList{ListMeta: obj.(*v1alpha1.ClusterPolicyViolationList).ListMeta}
+	for _, item := range obj.(*v1alpha1.ClusterPolicyViolationList).Items {
+		if label.Matches(labels.Set(item.Labels)) {
+			list.Items = append(list.Items, item)
+		}
+	}
+	return list, err
+}
+
+// Watch returns a watch.Interface that watches the requested clusterPolicyViolations.
+func (c *FakeClusterPolicyViolations) Watch(opts v1.ListOptions) (watch.Interface, error) {
+	return c.Fake.
+		InvokesWatch(testing.NewRootWatchAction(clusterpolicyviolationsResource, opts))
+}
+
+// Create takes the representation of a clusterPolicyViolation and creates it.  Returns the server's representation of the clusterPolicyViolation, and an error, if there is any.
+func (c *FakeClusterPolicyViolations) Create(clusterPolicyViolation *v1alpha1.ClusterPolicyViolation) (result *v1alpha1.ClusterPolicyViolation, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootCreateAction(clusterpolicyviolationsResource, clusterPolicyViolation), &v1alpha1.ClusterPolicyViolation{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1alpha1.ClusterPolicyViolation), err
+}
+
+// Update takes the representation of a clusterPolicyViolation and updates it. Returns the server's representation of the clusterPolicyViolation, and an error, if there is any.
+func (c *FakeClusterPolicyViolations) Update(clusterPolicyViolation *v1alpha1.ClusterPolicyViolation) (result *v1alpha1.ClusterPolicyViolation, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootUpdateAction(clusterpolicyviolationsResource, clusterPolicyViolation), &v1alpha1.ClusterPolicyViolation{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1alpha1.ClusterPolicyViolation), err
+}
+
+// UpdateStatus was generated because the type contains a Status member.
+// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
+func (c *FakeClusterPolicyViolations) UpdateStatus(clusterPolicyViolation *v1alpha1.ClusterPolicyViolation) (*v1alpha1.ClusterPolicyViolation, error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootUpdateSubresourceAction(clusterpolicyviolationsResource, "status", clusterPolicyViolation), &v1alpha1.ClusterPolicyViolation{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1alpha1.ClusterPolicyViolation), err
+}
+
+// Delete takes name of the clusterPolicyViolation and deletes it. Returns an error if one occurs.
+func (c *FakeClusterPolicyViolations) Delete(name string, options *v1.DeleteOptions) error {
+	_, err := c.Fake.
+		Invokes(testing.NewRootDeleteAction(clusterpolicyviolationsResource, name), &v1alpha1.ClusterPolicyViolation{})
+	return err
+}
+
+// DeleteCollection deletes a collection of objects.
+func (c *FakeClusterPolicyViolations) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
+	action := testing.NewRootDeleteCollectionAction(clusterpolicyviolationsResource, listOptions)
+
+	_, err := c.Fake.Invokes(action, &v1alpha1.ClusterPolicyViolationList{})
+	return err
+}
+
+// Patch applies the patch and returns the patched clusterPolicyViolation.
+func (c *FakeClusterPolicyViolations) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.ClusterPolicyViolation, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootPatchSubresourceAction(clusterpolicyviolationsResource, name, pt, data, subresources...), &v1alpha1.ClusterPolicyViolation{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1alpha1.ClusterPolicyViolation), err
+}

pkg/client/clientset/versioned/typed/kyverno/v1alpha1/fake/fake_kyverno_client.go

@@ -28,12 +28,12 @@ type FakeKyvernoV1alpha1 struct {
 	*testing.Fake
 }
 
-func (c *FakeKyvernoV1alpha1) Policies() v1alpha1.PolicyInterface {
+func (c *FakeKyvernoV1alpha1) ClusterPolicies() v1alpha1.ClusterPolicyInterface {
-	return &FakePolicies{c}
+	return &FakeClusterPolicies{c}
 }
 
-func (c *FakeKyvernoV1alpha1) PolicyViolations() v1alpha1.PolicyViolationInterface {
+func (c *FakeKyvernoV1alpha1) ClusterPolicyViolations() v1alpha1.ClusterPolicyViolationInterface {
-	return &FakePolicyViolations{c}
+	return &FakeClusterPolicyViolations{c}
 }
 
 // RESTClient returns a RESTClient that is used to communicate

pkg/client/clientset/versioned/typed/kyverno/v1alpha1/fake/fake_policy.go

@@ -1,131 +0,0 @@
-/*
-Copyright The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// Code generated by client-gen. DO NOT EDIT.
-
-package fake
-
-import (
-	v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	labels "k8s.io/apimachinery/pkg/labels"
-	schema "k8s.io/apimachinery/pkg/runtime/schema"
-	types "k8s.io/apimachinery/pkg/types"
-	watch "k8s.io/apimachinery/pkg/watch"
-	testing "k8s.io/client-go/testing"
-)
-
-// FakePolicies implements PolicyInterface
-type FakePolicies struct {
-	Fake *FakeKyvernoV1alpha1
-}
-
-var policiesResource = schema.GroupVersionResource{Group: "kyverno.io", Version: "v1alpha1", Resource: "policies"}
-
-var policiesKind = schema.GroupVersionKind{Group: "kyverno.io", Version: "v1alpha1", Kind: "Policy"}
-
-// Get takes name of the policy, and returns the corresponding policy object, and an error if there is any.
-func (c *FakePolicies) Get(name string, options v1.GetOptions) (result *v1alpha1.Policy, err error) {
-	obj, err := c.Fake.
-		Invokes(testing.NewRootGetAction(policiesResource, name), &v1alpha1.Policy{})
-	if obj == nil {
-		return nil, err
-	}
-	return obj.(*v1alpha1.Policy), err
-}
-
-// List takes label and field selectors, and returns the list of Policies that match those selectors.
-func (c *FakePolicies) List(opts v1.ListOptions) (result *v1alpha1.PolicyList, err error) {
-	obj, err := c.Fake.
-		Invokes(testing.NewRootListAction(policiesResource, policiesKind, opts), &v1alpha1.PolicyList{})
-	if obj == nil {
-		return nil, err
-	}
-
-	label, _, _ := testing.ExtractFromListOptions(opts)
-	if label == nil {
-		label = labels.Everything()
-	}
-	list := &v1alpha1.PolicyList{ListMeta: obj.(*v1alpha1.PolicyList).ListMeta}
-	for _, item := range obj.(*v1alpha1.PolicyList).Items {
-		if label.Matches(labels.Set(item.Labels)) {
-			list.Items = append(list.Items, item)
-		}
-	}
-	return list, err
-}
-
-// Watch returns a watch.Interface that watches the requested policies.
-func (c *FakePolicies) Watch(opts v1.ListOptions) (watch.Interface, error) {
-	return c.Fake.
-		InvokesWatch(testing.NewRootWatchAction(policiesResource, opts))
-}
-
-// Create takes the representation of a policy and creates it.  Returns the server's representation of the policy, and an error, if there is any.
-func (c *FakePolicies) Create(policy *v1alpha1.Policy) (result *v1alpha1.Policy, err error) {
-	obj, err := c.Fake.
-		Invokes(testing.NewRootCreateAction(policiesResource, policy), &v1alpha1.Policy{})
-	if obj == nil {
-		return nil, err
-	}
-	return obj.(*v1alpha1.Policy), err
-}
-
-// Update takes the representation of a policy and updates it. Returns the server's representation of the policy, and an error, if there is any.
-func (c *FakePolicies) Update(policy *v1alpha1.Policy) (result *v1alpha1.Policy, err error) {
-	obj, err := c.Fake.
-		Invokes(testing.NewRootUpdateAction(policiesResource, policy), &v1alpha1.Policy{})
-	if obj == nil {
-		return nil, err
-	}
-	return obj.(*v1alpha1.Policy), err
-}
-
-// UpdateStatus was generated because the type contains a Status member.
-// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
-func (c *FakePolicies) UpdateStatus(policy *v1alpha1.Policy) (*v1alpha1.Policy, error) {
-	obj, err := c.Fake.
-		Invokes(testing.NewRootUpdateSubresourceAction(policiesResource, "status", policy), &v1alpha1.Policy{})
-	if obj == nil {
-		return nil, err
-	}
-	return obj.(*v1alpha1.Policy), err
-}
-
-// Delete takes name of the policy and deletes it. Returns an error if one occurs.
-func (c *FakePolicies) Delete(name string, options *v1.DeleteOptions) error {
-	_, err := c.Fake.
-		Invokes(testing.NewRootDeleteAction(policiesResource, name), &v1alpha1.Policy{})
-	return err
-}
-
-// DeleteCollection deletes a collection of objects.
-func (c *FakePolicies) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
-	action := testing.NewRootDeleteCollectionAction(policiesResource, listOptions)
-
-	_, err := c.Fake.Invokes(action, &v1alpha1.PolicyList{})
-	return err
-}
-
-// Patch applies the patch and returns the patched policy.
-func (c *FakePolicies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Policy, err error) {
-	obj, err := c.Fake.
-		Invokes(testing.NewRootPatchSubresourceAction(policiesResource, name, pt, data, subresources...), &v1alpha1.Policy{})
-	if obj == nil {
-		return nil, err
-	}
-	return obj.(*v1alpha1.Policy), err
-}

pkg/client/clientset/versioned/typed/kyverno/v1alpha1/fake/fake_policyviolation.go

@@ -1,131 +0,0 @@
-/*
-Copyright The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// Code generated by client-gen. DO NOT EDIT.
-
-package fake
-
-import (
-	v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	labels "k8s.io/apimachinery/pkg/labels"
-	schema "k8s.io/apimachinery/pkg/runtime/schema"
-	types "k8s.io/apimachinery/pkg/types"
-	watch "k8s.io/apimachinery/pkg/watch"
-	testing "k8s.io/client-go/testing"
-)
-
-// FakePolicyViolations implements PolicyViolationInterface
-type FakePolicyViolations struct {
-	Fake *FakeKyvernoV1alpha1
-}
-
-var policyviolationsResource = schema.GroupVersionResource{Group: "kyverno.io", Version: "v1alpha1", Resource: "policyviolations"}
-
-var policyviolationsKind = schema.GroupVersionKind{Group: "kyverno.io", Version: "v1alpha1", Kind: "PolicyViolation"}
-
-// Get takes name of the policyViolation, and returns the corresponding policyViolation object, and an error if there is any.
-func (c *FakePolicyViolations) Get(name string, options v1.GetOptions) (result *v1alpha1.PolicyViolation, err error) {
-	obj, err := c.Fake.
-		Invokes(testing.NewRootGetAction(policyviolationsResource, name), &v1alpha1.PolicyViolation{})
-	if obj == nil {
-		return nil, err
-	}
-	return obj.(*v1alpha1.PolicyViolation), err
-}
-
-// List takes label and field selectors, and returns the list of PolicyViolations that match those selectors.
-func (c *FakePolicyViolations) List(opts v1.ListOptions) (result *v1alpha1.PolicyViolationList, err error) {
-	obj, err := c.Fake.
-		Invokes(testing.NewRootListAction(policyviolationsResource, policyviolationsKind, opts), &v1alpha1.PolicyViolationList{})
-	if obj == nil {
-		return nil, err
-	}
-
-	label, _, _ := testing.ExtractFromListOptions(opts)
-	if label == nil {
-		label = labels.Everything()
-	}
-	list := &v1alpha1.PolicyViolationList{ListMeta: obj.(*v1alpha1.PolicyViolationList).ListMeta}
-	for _, item := range obj.(*v1alpha1.PolicyViolationList).Items {
-		if label.Matches(labels.Set(item.Labels)) {
-			list.Items = append(list.Items, item)
-		}
-	}
-	return list, err
-}
-
-// Watch returns a watch.Interface that watches the requested policyViolations.
-func (c *FakePolicyViolations) Watch(opts v1.ListOptions) (watch.Interface, error) {
-	return c.Fake.
-		InvokesWatch(testing.NewRootWatchAction(policyviolationsResource, opts))
-}
-
-// Create takes the representation of a policyViolation and creates it.  Returns the server's representation of the policyViolation, and an error, if there is any.
-func (c *FakePolicyViolations) Create(policyViolation *v1alpha1.PolicyViolation) (result *v1alpha1.PolicyViolation, err error) {
-	obj, err := c.Fake.
-		Invokes(testing.NewRootCreateAction(policyviolationsResource, policyViolation), &v1alpha1.PolicyViolation{})
-	if obj == nil {
-		return nil, err
-	}
-	return obj.(*v1alpha1.PolicyViolation), err
-}
-
-// Update takes the representation of a policyViolation and updates it. Returns the server's representation of the policyViolation, and an error, if there is any.
-func (c *FakePolicyViolations) Update(policyViolation *v1alpha1.PolicyViolation) (result *v1alpha1.PolicyViolation, err error) {
-	obj, err := c.Fake.
-		Invokes(testing.NewRootUpdateAction(policyviolationsResource, policyViolation), &v1alpha1.PolicyViolation{})
-	if obj == nil {
-		return nil, err
-	}
-	return obj.(*v1alpha1.PolicyViolation), err
-}
-
-// UpdateStatus was generated because the type contains a Status member.
-// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
-func (c *FakePolicyViolations) UpdateStatus(policyViolation *v1alpha1.PolicyViolation) (*v1alpha1.PolicyViolation, error) {
-	obj, err := c.Fake.
-		Invokes(testing.NewRootUpdateSubresourceAction(policyviolationsResource, "status", policyViolation), &v1alpha1.PolicyViolation{})
-	if obj == nil {
-		return nil, err
-	}
-	return obj.(*v1alpha1.PolicyViolation), err
-}
-
-// Delete takes name of the policyViolation and deletes it. Returns an error if one occurs.
-func (c *FakePolicyViolations) Delete(name string, options *v1.DeleteOptions) error {
-	_, err := c.Fake.
-		Invokes(testing.NewRootDeleteAction(policyviolationsResource, name), &v1alpha1.PolicyViolation{})
-	return err
-}
-
-// DeleteCollection deletes a collection of objects.
-func (c *FakePolicyViolations) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
-	action := testing.NewRootDeleteCollectionAction(policyviolationsResource, listOptions)
-
-	_, err := c.Fake.Invokes(action, &v1alpha1.PolicyViolationList{})
-	return err
-}
-
-// Patch applies the patch and returns the patched policyViolation.
-func (c *FakePolicyViolations) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.PolicyViolation, err error) {
-	obj, err := c.Fake.
-		Invokes(testing.NewRootPatchSubresourceAction(policyviolationsResource, name, pt, data, subresources...), &v1alpha1.PolicyViolation{})
-	if obj == nil {
-		return nil, err
-	}
-	return obj.(*v1alpha1.PolicyViolation), err
-}

pkg/client/clientset/versioned/typed/kyverno/v1alpha1/generated_expansion.go

@@ -18,6 +18,6 @@ limitations under the License.
 
 package v1alpha1
 
-type PolicyExpansion interface{}
+type ClusterPolicyExpansion interface{}
 
-type PolicyViolationExpansion interface{}
+type ClusterPolicyViolationExpansion interface{}

pkg/client/clientset/versioned/typed/kyverno/v1alpha1/kyverno_client.go

@@ -27,8 +27,8 @@ import (
 
 type KyvernoV1alpha1Interface interface {
 	RESTClient() rest.Interface
-	PoliciesGetter
+	ClusterPoliciesGetter
-	PolicyViolationsGetter
+	ClusterPolicyViolationsGetter
 }
 
 // KyvernoV1alpha1Client is used to interact with features provided by the kyverno.io group.
@@ -36,12 +36,12 @@ type KyvernoV1alpha1Client struct {
 	restClient rest.Interface
 }
 
-func (c *KyvernoV1alpha1Client) Policies() PolicyInterface {
+func (c *KyvernoV1alpha1Client) ClusterPolicies() ClusterPolicyInterface {
-	return newPolicies(c)
+	return newClusterPolicies(c)
 }
 
-func (c *KyvernoV1alpha1Client) PolicyViolations() PolicyViolationInterface {
+func (c *KyvernoV1alpha1Client) ClusterPolicyViolations() ClusterPolicyViolationInterface {
-	return newPolicyViolations(c)
+	return newClusterPolicyViolations(c)
 }
 
 // NewForConfig creates a new KyvernoV1alpha1Client for the given config.

pkg/client/clientset/versioned/typed/kyverno/v1alpha1/policy.go

@@ -1,180 +0,0 @@
-/*
-Copyright The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// Code generated by client-gen. DO NOT EDIT.
-
-package v1alpha1
-
-import (
-	"time"
-
-	v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
-	scheme "github.com/nirmata/kyverno/pkg/client/clientset/versioned/scheme"
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	types "k8s.io/apimachinery/pkg/types"
-	watch "k8s.io/apimachinery/pkg/watch"
-	rest "k8s.io/client-go/rest"
-)
-
-// PoliciesGetter has a method to return a PolicyInterface.
-// A group's client should implement this interface.
-type PoliciesGetter interface {
-	Policies() PolicyInterface
-}
-
-// PolicyInterface has methods to work with Policy resources.
-type PolicyInterface interface {
-	Create(*v1alpha1.Policy) (*v1alpha1.Policy, error)
-	Update(*v1alpha1.Policy) (*v1alpha1.Policy, error)
-	UpdateStatus(*v1alpha1.Policy) (*v1alpha1.Policy, error)
-	Delete(name string, options *v1.DeleteOptions) error
-	DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
-	Get(name string, options v1.GetOptions) (*v1alpha1.Policy, error)
-	List(opts v1.ListOptions) (*v1alpha1.PolicyList, error)
-	Watch(opts v1.ListOptions) (watch.Interface, error)
-	Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Policy, err error)
-	PolicyExpansion
-}
-
-// policies implements PolicyInterface
-type policies struct {
-	client rest.Interface
-}
-
-// newPolicies returns a Policies
-func newPolicies(c *KyvernoV1alpha1Client) *policies {
-	return &policies{
-		client: c.RESTClient(),
-	}
-}
-
-// Get takes name of the policy, and returns the corresponding policy object, and an error if there is any.
-func (c *policies) Get(name string, options v1.GetOptions) (result *v1alpha1.Policy, err error) {
-	result = &v1alpha1.Policy{}
-	err = c.client.Get().
-		Resource("policies").
-		Name(name).
-		VersionedParams(&options, scheme.ParameterCodec).
-		Do().
-		Into(result)
-	return
-}
-
-// List takes label and field selectors, and returns the list of Policies that match those selectors.
-func (c *policies) List(opts v1.ListOptions) (result *v1alpha1.PolicyList, err error) {
-	var timeout time.Duration
-	if opts.TimeoutSeconds != nil {
-		timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
-	}
-	result = &v1alpha1.PolicyList{}
-	err = c.client.Get().
-		Resource("policies").
-		VersionedParams(&opts, scheme.ParameterCodec).
-		Timeout(timeout).
-		Do().
-		Into(result)
-	return
-}
-
-// Watch returns a watch.Interface that watches the requested policies.
-func (c *policies) Watch(opts v1.ListOptions) (watch.Interface, error) {
-	var timeout time.Duration
-	if opts.TimeoutSeconds != nil {
-		timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
-	}
-	opts.Watch = true
-	return c.client.Get().
-		Resource("policies").
-		VersionedParams(&opts, scheme.ParameterCodec).
-		Timeout(timeout).
-		Watch()
-}
-
-// Create takes the representation of a policy and creates it.  Returns the server's representation of the policy, and an error, if there is any.
-func (c *policies) Create(policy *v1alpha1.Policy) (result *v1alpha1.Policy, err error) {
-	result = &v1alpha1.Policy{}
-	err = c.client.Post().
-		Resource("policies").
-		Body(policy).
-		Do().
-		Into(result)
-	return
-}
-
-// Update takes the representation of a policy and updates it. Returns the server's representation of the policy, and an error, if there is any.
-func (c *policies) Update(policy *v1alpha1.Policy) (result *v1alpha1.Policy, err error) {
-	result = &v1alpha1.Policy{}
-	err = c.client.Put().
-		Resource("policies").
-		Name(policy.Name).
-		Body(policy).
-		Do().
-		Into(result)
-	return
-}
-
-// UpdateStatus was generated because the type contains a Status member.
-// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
-
-func (c *policies) UpdateStatus(policy *v1alpha1.Policy) (result *v1alpha1.Policy, err error) {
-	result = &v1alpha1.Policy{}
-	err = c.client.Put().
-		Resource("policies").
-		Name(policy.Name).
-		SubResource("status").
-		Body(policy).
-		Do().
-		Into(result)
-	return
-}
-
-// Delete takes name of the policy and deletes it. Returns an error if one occurs.
-func (c *policies) Delete(name string, options *v1.DeleteOptions) error {
-	return c.client.Delete().
-		Resource("policies").
-		Name(name).
-		Body(options).
-		Do().
-		Error()
-}
-
-// DeleteCollection deletes a collection of objects.
-func (c *policies) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
-	var timeout time.Duration
-	if listOptions.TimeoutSeconds != nil {
-		timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
-	}
-	return c.client.Delete().
-		Resource("policies").
-		VersionedParams(&listOptions, scheme.ParameterCodec).
-		Timeout(timeout).
-		Body(options).
-		Do().
-		Error()
-}
-
-// Patch applies the patch and returns the patched policy.
-func (c *policies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Policy, err error) {
-	result = &v1alpha1.Policy{}
-	err = c.client.Patch(pt).
-		Resource("policies").
-		SubResource(subresources...).
-		Name(name).
-		Body(data).
-		Do().
-		Into(result)
-	return
-}

pkg/client/clientset/versioned/typed/kyverno/v1alpha1/policyviolation.go

@@ -1,180 +0,0 @@
-/*
-Copyright The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// Code generated by client-gen. DO NOT EDIT.
-
-package v1alpha1
-
-import (
-	"time"
-
-	v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
-	scheme "github.com/nirmata/kyverno/pkg/client/clientset/versioned/scheme"
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	types "k8s.io/apimachinery/pkg/types"
-	watch "k8s.io/apimachinery/pkg/watch"
-	rest "k8s.io/client-go/rest"
-)
-
-// PolicyViolationsGetter has a method to return a PolicyViolationInterface.
-// A group's client should implement this interface.
-type PolicyViolationsGetter interface {
-	PolicyViolations() PolicyViolationInterface
-}
-
-// PolicyViolationInterface has methods to work with PolicyViolation resources.
-type PolicyViolationInterface interface {
-	Create(*v1alpha1.PolicyViolation) (*v1alpha1.PolicyViolation, error)
-	Update(*v1alpha1.PolicyViolation) (*v1alpha1.PolicyViolation, error)
-	UpdateStatus(*v1alpha1.PolicyViolation) (*v1alpha1.PolicyViolation, error)
-	Delete(name string, options *v1.DeleteOptions) error
-	DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
-	Get(name string, options v1.GetOptions) (*v1alpha1.PolicyViolation, error)
-	List(opts v1.ListOptions) (*v1alpha1.PolicyViolationList, error)
-	Watch(opts v1.ListOptions) (watch.Interface, error)
-	Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.PolicyViolation, err error)
-	PolicyViolationExpansion
-}
-
-// policyViolations implements PolicyViolationInterface
-type policyViolations struct {
-	client rest.Interface
-}
-
-// newPolicyViolations returns a PolicyViolations
-func newPolicyViolations(c *KyvernoV1alpha1Client) *policyViolations {
-	return &policyViolations{
-		client: c.RESTClient(),
-	}
-}
-
-// Get takes name of the policyViolation, and returns the corresponding policyViolation object, and an error if there is any.
-func (c *policyViolations) Get(name string, options v1.GetOptions) (result *v1alpha1.PolicyViolation, err error) {
-	result = &v1alpha1.PolicyViolation{}
-	err = c.client.Get().
-		Resource("policyviolations").
-		Name(name).
-		VersionedParams(&options, scheme.ParameterCodec).
-		Do().
-		Into(result)
-	return
-}
-
-// List takes label and field selectors, and returns the list of PolicyViolations that match those selectors.
-func (c *policyViolations) List(opts v1.ListOptions) (result *v1alpha1.PolicyViolationList, err error) {
-	var timeout time.Duration
-	if opts.TimeoutSeconds != nil {
-		timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
-	}
-	result = &v1alpha1.PolicyViolationList{}
-	err = c.client.Get().
-		Resource("policyviolations").
-		VersionedParams(&opts, scheme.ParameterCodec).
-		Timeout(timeout).
-		Do().
-		Into(result)
-	return
-}
-
-// Watch returns a watch.Interface that watches the requested policyViolations.
-func (c *policyViolations) Watch(opts v1.ListOptions) (watch.Interface, error) {
-	var timeout time.Duration
-	if opts.TimeoutSeconds != nil {
-		timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
-	}
-	opts.Watch = true
-	return c.client.Get().
-		Resource("policyviolations").
-		VersionedParams(&opts, scheme.ParameterCodec).
-		Timeout(timeout).
-		Watch()
-}
-
-// Create takes the representation of a policyViolation and creates it.  Returns the server's representation of the policyViolation, and an error, if there is any.
-func (c *policyViolations) Create(policyViolation *v1alpha1.PolicyViolation) (result *v1alpha1.PolicyViolation, err error) {
-	result = &v1alpha1.PolicyViolation{}
-	err = c.client.Post().
-		Resource("policyviolations").
-		Body(policyViolation).
-		Do().
-		Into(result)
-	return
-}
-
-// Update takes the representation of a policyViolation and updates it. Returns the server's representation of the policyViolation, and an error, if there is any.
-func (c *policyViolations) Update(policyViolation *v1alpha1.PolicyViolation) (result *v1alpha1.PolicyViolation, err error) {
-	result = &v1alpha1.PolicyViolation{}
-	err = c.client.Put().
-		Resource("policyviolations").
-		Name(policyViolation.Name).
-		Body(policyViolation).
-		Do().
-		Into(result)
-	return
-}
-
-// UpdateStatus was generated because the type contains a Status member.
-// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
-
-func (c *policyViolations) UpdateStatus(policyViolation *v1alpha1.PolicyViolation) (result *v1alpha1.PolicyViolation, err error) {
-	result = &v1alpha1.PolicyViolation{}
-	err = c.client.Put().
-		Resource("policyviolations").
-		Name(policyViolation.Name).
-		SubResource("status").
-		Body(policyViolation).
-		Do().
-		Into(result)
-	return
-}
-
-// Delete takes name of the policyViolation and deletes it. Returns an error if one occurs.
-func (c *policyViolations) Delete(name string, options *v1.DeleteOptions) error {
-	return c.client.Delete().
-		Resource("policyviolations").
-		Name(name).
-		Body(options).
-		Do().
-		Error()
-}
-
-// DeleteCollection deletes a collection of objects.
-func (c *policyViolations) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
-	var timeout time.Duration
-	if listOptions.TimeoutSeconds != nil {
-		timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
-	}
-	return c.client.Delete().
-		Resource("policyviolations").
-		VersionedParams(&listOptions, scheme.ParameterCodec).
-		Timeout(timeout).
-		Body(options).
-		Do().
-		Error()
-}
-
-// Patch applies the patch and returns the patched policyViolation.
-func (c *policyViolations) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.PolicyViolation, err error) {
-	result = &v1alpha1.PolicyViolation{}
-	err = c.client.Patch(pt).
-		Resource("policyviolations").
-		SubResource(subresources...).
-		Name(name).
-		Body(data).
-		Do().
-		Into(result)
-	return
-}

pkg/client/informers/externalversions/generic.go

@@ -53,10 +53,10 @@ func (f *genericInformer) Lister() cache.GenericLister {
 func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) {
 	switch resource {
 	// Group=kyverno.io, Version=v1alpha1
-	case v1alpha1.SchemeGroupVersion.WithResource("policies"):
+	case v1alpha1.SchemeGroupVersion.WithResource("clusterpolicies"):
-		return &genericInformer{resource: resource.GroupResource(), informer: f.Kyverno().V1alpha1().Policies().Informer()}, nil
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Kyverno().V1alpha1().ClusterPolicies().Informer()}, nil
-	case v1alpha1.SchemeGroupVersion.WithResource("policyviolations"):
+	case v1alpha1.SchemeGroupVersion.WithResource("clusterpolicyviolations"):
-		return &genericInformer{resource: resource.GroupResource(), informer: f.Kyverno().V1alpha1().PolicyViolations().Informer()}, nil
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Kyverno().V1alpha1().ClusterPolicyViolations().Informer()}, nil
 
 	}
 

pkg/client/informers/externalversions/kyverno/v1alpha1/clusterpolicy.go

@@ -31,58 +31,58 @@ import (
 	cache "k8s.io/client-go/tools/cache"
 )
 
-// PolicyInformer provides access to a shared informer and lister for
+// ClusterPolicyInformer provides access to a shared informer and lister for
-// Policies.
+// ClusterPolicies.
-type PolicyInformer interface {
+type ClusterPolicyInformer interface {
 	Informer() cache.SharedIndexInformer
-	Lister() v1alpha1.PolicyLister
+	Lister() v1alpha1.ClusterPolicyLister
 }
 
-type policyInformer struct {
+type clusterPolicyInformer struct {
 	factory          internalinterfaces.SharedInformerFactory
 	tweakListOptions internalinterfaces.TweakListOptionsFunc
 }
 
-// NewPolicyInformer constructs a new informer for Policy type.
+// NewClusterPolicyInformer constructs a new informer for ClusterPolicy type.
 // Always prefer using an informer factory to get a shared informer instead of getting an independent
 // one. This reduces memory footprint and number of connections to the server.
-func NewPolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+func NewClusterPolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
-	return NewFilteredPolicyInformer(client, resyncPeriod, indexers, nil)
+	return NewFilteredClusterPolicyInformer(client, resyncPeriod, indexers, nil)
 }
 
-// NewFilteredPolicyInformer constructs a new informer for Policy type.
+// NewFilteredClusterPolicyInformer constructs a new informer for ClusterPolicy type.
 // Always prefer using an informer factory to get a shared informer instead of getting an independent
 // one. This reduces memory footprint and number of connections to the server.
-func NewFilteredPolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+func NewFilteredClusterPolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
 	return cache.NewSharedIndexInformer(
 		&cache.ListWatch{
 			ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.KyvernoV1alpha1().Policies().List(options)
+				return client.KyvernoV1alpha1().ClusterPolicies().List(options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.KyvernoV1alpha1().Policies().Watch(options)
+				return client.KyvernoV1alpha1().ClusterPolicies().Watch(options)
 			},
 		},
-		&kyvernov1alpha1.Policy{},
+		&kyvernov1alpha1.ClusterPolicy{},
 		resyncPeriod,
 		indexers,
 	)
 }
 
-func (f *policyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+func (f *clusterPolicyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
-	return NewFilteredPolicyInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+	return NewFilteredClusterPolicyInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
 }
 
-func (f *policyInformer) Informer() cache.SharedIndexInformer {
+func (f *clusterPolicyInformer) Informer() cache.SharedIndexInformer {
-	return f.factory.InformerFor(&kyvernov1alpha1.Policy{}, f.defaultInformer)
+	return f.factory.InformerFor(&kyvernov1alpha1.ClusterPolicy{}, f.defaultInformer)
 }
 
-func (f *policyInformer) Lister() v1alpha1.PolicyLister {
+func (f *clusterPolicyInformer) Lister() v1alpha1.ClusterPolicyLister {
-	return v1alpha1.NewPolicyLister(f.Informer().GetIndexer())
+	return v1alpha1.NewClusterPolicyLister(f.Informer().GetIndexer())
 }

pkg/client/informers/externalversions/kyverno/v1alpha1/clusterpolicyviolation.go

@@ -31,58 +31,58 @@ import (
 	cache "k8s.io/client-go/tools/cache"
 )
 
-// PolicyViolationInformer provides access to a shared informer and lister for
+// ClusterPolicyViolationInformer provides access to a shared informer and lister for
-// PolicyViolations.
+// ClusterPolicyViolations.
-type PolicyViolationInformer interface {
+type ClusterPolicyViolationInformer interface {
 	Informer() cache.SharedIndexInformer
-	Lister() v1alpha1.PolicyViolationLister
+	Lister() v1alpha1.ClusterPolicyViolationLister
 }
 
-type policyViolationInformer struct {
+type clusterPolicyViolationInformer struct {
 	factory          internalinterfaces.SharedInformerFactory
 	tweakListOptions internalinterfaces.TweakListOptionsFunc
 }
 
-// NewPolicyViolationInformer constructs a new informer for PolicyViolation type.
+// NewClusterPolicyViolationInformer constructs a new informer for ClusterPolicyViolation type.
 // Always prefer using an informer factory to get a shared informer instead of getting an independent
 // one. This reduces memory footprint and number of connections to the server.
-func NewPolicyViolationInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+func NewClusterPolicyViolationInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
-	return NewFilteredPolicyViolationInformer(client, resyncPeriod, indexers, nil)
+	return NewFilteredClusterPolicyViolationInformer(client, resyncPeriod, indexers, nil)
 }
 
-// NewFilteredPolicyViolationInformer constructs a new informer for PolicyViolation type.
+// NewFilteredClusterPolicyViolationInformer constructs a new informer for ClusterPolicyViolation type.
 // Always prefer using an informer factory to get a shared informer instead of getting an independent
 // one. This reduces memory footprint and number of connections to the server.
-func NewFilteredPolicyViolationInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+func NewFilteredClusterPolicyViolationInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
 	return cache.NewSharedIndexInformer(
 		&cache.ListWatch{
 			ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.KyvernoV1alpha1().PolicyViolations().List(options)
+				return client.KyvernoV1alpha1().ClusterPolicyViolations().List(options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.KyvernoV1alpha1().PolicyViolations().Watch(options)
+				return client.KyvernoV1alpha1().ClusterPolicyViolations().Watch(options)
 			},
 		},
-		&kyvernov1alpha1.PolicyViolation{},
+		&kyvernov1alpha1.ClusterPolicyViolation{},
 		resyncPeriod,
 		indexers,
 	)
 }
 
-func (f *policyViolationInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+func (f *clusterPolicyViolationInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
-	return NewFilteredPolicyViolationInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+	return NewFilteredClusterPolicyViolationInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
 }
 
-func (f *policyViolationInformer) Informer() cache.SharedIndexInformer {
+func (f *clusterPolicyViolationInformer) Informer() cache.SharedIndexInformer {
-	return f.factory.InformerFor(&kyvernov1alpha1.PolicyViolation{}, f.defaultInformer)
+	return f.factory.InformerFor(&kyvernov1alpha1.ClusterPolicyViolation{}, f.defaultInformer)
 }
 
-func (f *policyViolationInformer) Lister() v1alpha1.PolicyViolationLister {
+func (f *clusterPolicyViolationInformer) Lister() v1alpha1.ClusterPolicyViolationLister {
-	return v1alpha1.NewPolicyViolationLister(f.Informer().GetIndexer())
+	return v1alpha1.NewClusterPolicyViolationLister(f.Informer().GetIndexer())
 }

pkg/client/informers/externalversions/kyverno/v1alpha1/interface.go

@@ -24,10 +24,10 @@ import (
 
 // Interface provides access to all the informers in this group version.
 type Interface interface {
-	// Policies returns a PolicyInformer.
+	// ClusterPolicies returns a ClusterPolicyInformer.
-	Policies() PolicyInformer
+	ClusterPolicies() ClusterPolicyInformer
-	// PolicyViolations returns a PolicyViolationInformer.
+	// ClusterPolicyViolations returns a ClusterPolicyViolationInformer.
-	PolicyViolations() PolicyViolationInformer
+	ClusterPolicyViolations() ClusterPolicyViolationInformer
 }
 
 type version struct {
@@ -41,12 +41,12 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
 	return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
 }
 
-// Policies returns a PolicyInformer.
+// ClusterPolicies returns a ClusterPolicyInformer.
-func (v *version) Policies() PolicyInformer {
+func (v *version) ClusterPolicies() ClusterPolicyInformer {
-	return &policyInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
+	return &clusterPolicyInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
 }
 
-// PolicyViolations returns a PolicyViolationInformer.
+// ClusterPolicyViolations returns a ClusterPolicyViolationInformer.
-func (v *version) PolicyViolations() PolicyViolationInformer {
+func (v *version) ClusterPolicyViolations() ClusterPolicyViolationInformer {
-	return &policyViolationInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
+	return &clusterPolicyViolationInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
 }

pkg/client/listers/kyverno/v1alpha1/clusterpolicy.go

@@ -0,0 +1,65 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1alpha1
+
+import (
+	v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/client-go/tools/cache"
+)
+
+// ClusterPolicyLister helps list ClusterPolicies.
+type ClusterPolicyLister interface {
+	// List lists all ClusterPolicies in the indexer.
+	List(selector labels.Selector) (ret []*v1alpha1.ClusterPolicy, err error)
+	// Get retrieves the ClusterPolicy from the index for a given name.
+	Get(name string) (*v1alpha1.ClusterPolicy, error)
+	ClusterPolicyListerExpansion
+}
+
+// clusterPolicyLister implements the ClusterPolicyLister interface.
+type clusterPolicyLister struct {
+	indexer cache.Indexer
+}
+
+// NewClusterPolicyLister returns a new ClusterPolicyLister.
+func NewClusterPolicyLister(indexer cache.Indexer) ClusterPolicyLister {
+	return &clusterPolicyLister{indexer: indexer}
+}
+
+// List lists all ClusterPolicies in the indexer.
+func (s *clusterPolicyLister) List(selector labels.Selector) (ret []*v1alpha1.ClusterPolicy, err error) {
+	err = cache.ListAll(s.indexer, selector, func(m interface{}) {
+		ret = append(ret, m.(*v1alpha1.ClusterPolicy))
+	})
+	return ret, err
+}
+
+// Get retrieves the ClusterPolicy from the index for a given name.
+func (s *clusterPolicyLister) Get(name string) (*v1alpha1.ClusterPolicy, error) {
+	obj, exists, err := s.indexer.GetByKey(name)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(v1alpha1.Resource("clusterpolicy"), name)
+	}
+	return obj.(*v1alpha1.ClusterPolicy), nil
+}

pkg/client/listers/kyverno/v1alpha1/clusterpolicyviolation.go

@@ -0,0 +1,65 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1alpha1
+
+import (
+	v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/client-go/tools/cache"
+)
+
+// ClusterPolicyViolationLister helps list ClusterPolicyViolations.
+type ClusterPolicyViolationLister interface {
+	// List lists all ClusterPolicyViolations in the indexer.
+	List(selector labels.Selector) (ret []*v1alpha1.ClusterPolicyViolation, err error)
+	// Get retrieves the ClusterPolicyViolation from the index for a given name.
+	Get(name string) (*v1alpha1.ClusterPolicyViolation, error)
+	ClusterPolicyViolationListerExpansion
+}
+
+// clusterPolicyViolationLister implements the ClusterPolicyViolationLister interface.
+type clusterPolicyViolationLister struct {
+	indexer cache.Indexer
+}
+
+// NewClusterPolicyViolationLister returns a new ClusterPolicyViolationLister.
+func NewClusterPolicyViolationLister(indexer cache.Indexer) ClusterPolicyViolationLister {
+	return &clusterPolicyViolationLister{indexer: indexer}
+}
+
+// List lists all ClusterPolicyViolations in the indexer.
+func (s *clusterPolicyViolationLister) List(selector labels.Selector) (ret []*v1alpha1.ClusterPolicyViolation, err error) {
+	err = cache.ListAll(s.indexer, selector, func(m interface{}) {
+		ret = append(ret, m.(*v1alpha1.ClusterPolicyViolation))
+	})
+	return ret, err
+}
+
+// Get retrieves the ClusterPolicyViolation from the index for a given name.
+func (s *clusterPolicyViolationLister) Get(name string) (*v1alpha1.ClusterPolicyViolation, error) {
+	obj, exists, err := s.indexer.GetByKey(name)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(v1alpha1.Resource("clusterpolicyviolation"), name)
+	}
+	return obj.(*v1alpha1.ClusterPolicyViolation), nil
+}

pkg/client/listers/kyverno/v1alpha1/expansion_generated.go

@@ -29,40 +29,48 @@ import (
 
 // PolicyListerExpansion allows custom methods to be added to
 // PolicyLister.
-type PolicyListerExpansion interface {
+type PolicyListerExpansion interface{}
-	GetPolicyForPolicyViolation(pv *kyverno.PolicyViolation) ([]*kyverno.Policy, error)
+
-	ListResources(selector labels.Selector) (ret []*v1alpha1.Policy, err error)
+// PolicyViolationListerExpansion allows custom methods to be added to
+// PolicyViolationLister.
+type PolicyViolationListerExpansion interface{}
+
+// PolicyListerExpansion allows custom methods to be added to
+// PolicyLister.
+type ClusterPolicyListerExpansion interface {
+	GetPolicyForPolicyViolation(pv *kyverno.ClusterPolicyViolation) ([]*kyverno.ClusterPolicy, error)
+	ListResources(selector labels.Selector) (ret []*v1alpha1.ClusterPolicy, err error)
 }
 
 // PolicyViolationListerExpansion allows custom methods to be added to
 // PolicyViolationLister.
-type PolicyViolationListerExpansion interface {
+type ClusterPolicyViolationListerExpansion interface {
 	// List lists all PolicyViolations in the indexer with GVK.
 	// List lists all PolicyViolations in the indexer with GVK.
-	ListResources(selector labels.Selector) (ret []*v1alpha1.PolicyViolation, err error)
+	ListResources(selector labels.Selector) (ret []*v1alpha1.ClusterPolicyViolation, err error)
 }
 
 //ListResources is a wrapper to List and adds the resource kind information
 // as the lister is specific to a gvk we can harcode the values here
-func (pvl *policyViolationLister) ListResources(selector labels.Selector) (ret []*v1alpha1.PolicyViolation, err error) {
+func (pvl *clusterPolicyViolationLister) ListResources(selector labels.Selector) (ret []*v1alpha1.ClusterPolicyViolation, err error) {
 	policyviolations, err := pvl.List(selector)
 	for index := range policyviolations {
-		policyviolations[index].SetGroupVersionKind(kyverno.SchemeGroupVersion.WithKind("PolicyViolation"))
+		policyviolations[index].SetGroupVersionKind(kyverno.SchemeGroupVersion.WithKind("ClusterPolicyViolation"))
 	}
 	return policyviolations, nil
 }
 
 //ListResources is a wrapper to List and adds the resource kind information
 // as the lister is specific to a gvk we can harcode the values here
-func (pl *policyLister) ListResources(selector labels.Selector) (ret []*v1alpha1.Policy, err error) {
+func (pl *clusterPolicyLister) ListResources(selector labels.Selector) (ret []*v1alpha1.ClusterPolicy, err error) {
 	policies, err := pl.List(selector)
 	for index := range policies {
-		policies[index].SetGroupVersionKind(kyverno.SchemeGroupVersion.WithKind("Policy"))
+		policies[index].SetGroupVersionKind(kyverno.SchemeGroupVersion.WithKind("ClusterPolicy"))
 	}
 	return policies, err
 }
 
-func (pl *policyLister) GetPolicyForPolicyViolation(pv *kyverno.PolicyViolation) ([]*kyverno.Policy, error) {
+func (pl *clusterPolicyLister) GetPolicyForPolicyViolation(pv *kyverno.ClusterPolicyViolation) ([]*kyverno.ClusterPolicy, error) {
 	if len(pv.Labels) == 0 {
 		return nil, fmt.Errorf("no Policy found for PolicyViolation %v because it has no labels", pv.Name)
 	}
@@ -72,7 +80,7 @@ func (pl *policyLister) GetPolicyForPolicyViolation(pv *kyverno.PolicyViolation)
 		return nil, err
 	}
 
-	var policies []*kyverno.Policy
+	var policies []*kyverno.ClusterPolicy
 	for _, p := range pList {
 		policyLabelmap := map[string]string{"policy": p.Name}
 

pkg/client/listers/kyverno/v1alpha1/policy.go

@@ -1,65 +0,0 @@
-/*
-Copyright The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// Code generated by lister-gen. DO NOT EDIT.
-
-package v1alpha1
-
-import (
-	v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
-	"k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/labels"
-	"k8s.io/client-go/tools/cache"
-)
-
-// PolicyLister helps list Policies.
-type PolicyLister interface {
-	// List lists all Policies in the indexer.
-	List(selector labels.Selector) (ret []*v1alpha1.Policy, err error)
-	// Get retrieves the Policy from the index for a given name.
-	Get(name string) (*v1alpha1.Policy, error)
-	PolicyListerExpansion
-}
-
-// policyLister implements the PolicyLister interface.
-type policyLister struct {
-	indexer cache.Indexer
-}
-
-// NewPolicyLister returns a new PolicyLister.
-func NewPolicyLister(indexer cache.Indexer) PolicyLister {
-	return &policyLister{indexer: indexer}
-}
-
-// List lists all Policies in the indexer.
-func (s *policyLister) List(selector labels.Selector) (ret []*v1alpha1.Policy, err error) {
-	err = cache.ListAll(s.indexer, selector, func(m interface{}) {
-		ret = append(ret, m.(*v1alpha1.Policy))
-	})
-	return ret, err
-}
-
-// Get retrieves the Policy from the index for a given name.
-func (s *policyLister) Get(name string) (*v1alpha1.Policy, error) {
-	obj, exists, err := s.indexer.GetByKey(name)
-	if err != nil {
-		return nil, err
-	}
-	if !exists {
-		return nil, errors.NewNotFound(v1alpha1.Resource("policy"), name)
-	}
-	return obj.(*v1alpha1.Policy), nil
-}

pkg/client/listers/kyverno/v1alpha1/policyviolation.go

@@ -1,65 +0,0 @@
-/*
-Copyright The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// Code generated by lister-gen. DO NOT EDIT.
-
-package v1alpha1
-
-import (
-	v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
-	"k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/labels"
-	"k8s.io/client-go/tools/cache"
-)
-
-// PolicyViolationLister helps list PolicyViolations.
-type PolicyViolationLister interface {
-	// List lists all PolicyViolations in the indexer.
-	List(selector labels.Selector) (ret []*v1alpha1.PolicyViolation, err error)
-	// Get retrieves the PolicyViolation from the index for a given name.
-	Get(name string) (*v1alpha1.PolicyViolation, error)
-	PolicyViolationListerExpansion
-}
-
-// policyViolationLister implements the PolicyViolationLister interface.
-type policyViolationLister struct {
-	indexer cache.Indexer
-}
-
-// NewPolicyViolationLister returns a new PolicyViolationLister.
-func NewPolicyViolationLister(indexer cache.Indexer) PolicyViolationLister {
-	return &policyViolationLister{indexer: indexer}
-}
-
-// List lists all PolicyViolations in the indexer.
-func (s *policyViolationLister) List(selector labels.Selector) (ret []*v1alpha1.PolicyViolation, err error) {
-	err = cache.ListAll(s.indexer, selector, func(m interface{}) {
-		ret = append(ret, m.(*v1alpha1.PolicyViolation))
-	})
-	return ret, err
-}
-
-// Get retrieves the PolicyViolation from the index for a given name.
-func (s *policyViolationLister) Get(name string) (*v1alpha1.PolicyViolation, error) {
-	obj, exists, err := s.indexer.GetByKey(name)
-	if err != nil {
-		return nil, err
-	}
-	if !exists {
-		return nil, errors.NewNotFound(v1alpha1.Resource("policyviolation"), name)
-	}
-	return obj.(*v1alpha1.PolicyViolation), nil
-}

pkg/config/config.go

@@ -13,7 +13,7 @@ const (
 
 	ValidatingWebhookConfigurationName  = "kyverno-validating-webhook-cfg"
 	ValidatingWebhookConfigurationDebug = "kyverno-validating-webhook-cfg-debug"
-	ValidatingWebhookName               = "nirmata.kyverno.validating-webhook"
+	ValidatingWebhookName               = "nirmata.kyverno.policy-validating-webhook"
 
 	PolicyValidatingWebhookConfigurationName      = "kyverno-policy-validating-webhook-cfg"
 	PolicyValidatingWebhookConfigurationDebugName = "kyverno-policy-validating-webhook-cfg-debug"

pkg/dclient/client_test.go

@@ -3,7 +3,7 @@ package client
 import (
 	"testing"
 
-	policytypes "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
+	kyverno "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
 
 	meta "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -128,9 +128,9 @@ func TestGenerateResource(t *testing.T) {
 	if err != nil {
 		t.Errorf("CreateResource not working: %s", err)
 	}
-	gen := policytypes.Generation{Kind: "TheKind",
+	gen := kyverno.Generation{Kind: "TheKind",
 		Name:  "gen-kind",
-		Clone: policytypes.CloneFrom{Namespace: "ns-foo", Name: "name-foo"}}
+		Clone: kyverno.CloneFrom{Namespace: "ns-foo", Name: "name-foo"}}
 	err = f.client.GenerateResource(gen, ns.GetName(), false)
 	if err != nil {
 		t.Errorf("GenerateResource not working: %s", err)
@@ -140,7 +140,7 @@ func TestGenerateResource(t *testing.T) {
 		t.Errorf("GetResource not working: %s", err)
 	}
 	// GenerateResource -> data
-	gen = policytypes.Generation{Kind: "TheKind",
+	gen = kyverno.Generation{Kind: "TheKind",
 		Name: "name2-baz-new",
 		Data: newUnstructured("group2/version", "TheKind", "ns1", "name2-baz-new")}
 	err = f.client.GenerateResource(gen, ns.GetName(), false)

pkg/dclient/violation.go

@@ -1,11 +1,11 @@
 package client
 
 import (
-	kyvernov1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
+	kyvernov "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
 )
 
 //CreatePolicyViolation create a Policy Violation resource
-func (c *Client) CreatePolicyViolation(pv kyvernov1alpha1.PolicyViolation) error {
+func (c *Client) CreatePolicyViolation(pv kyvernov.ClusterPolicyViolation) error {
 	_, err := c.CreateResource("PolicyViolation", ",", pv, false)
 	return err
 }

pkg/engine/generation.go

@@ -16,7 +16,7 @@ import (
 )
 
 //Generate apply generation rules on a resource
-func Generate(client *client.Client, policy kyverno.Policy, ns unstructured.Unstructured) (response EngineResponseNew) {
+func Generate(client *client.Client, policy kyverno.ClusterPolicy, ns unstructured.Unstructured) (response EngineResponseNew) {
 	startTime := time.Now()
 	// policy information
 	func() {

pkg/engine/mutation.go

@@ -125,7 +125,7 @@ import (
 // }
 
 //MutateNew ...
-func MutateNew(policy kyverno.Policy, resource unstructured.Unstructured) (response EngineResponseNew) {
+func MutateNew(policy kyverno.ClusterPolicy, resource unstructured.Unstructured) (response EngineResponseNew) {
 	startTime := time.Now()
 	// policy information
 	func() {

pkg/engine/validation.go

@@ -342,7 +342,7 @@ func validateArrayOfMaps(resourceMapArray []interface{}, patternMap map[string]i
 }
 
 //ValidateNew ...
-func ValidateNew(policy kyverno.Policy, resource unstructured.Unstructured) (response EngineResponseNew) {
+func ValidateNew(policy kyverno.ClusterPolicy, resource unstructured.Unstructured) (response EngineResponseNew) {
 	startTime := time.Now()
 	// policy information
 	func() {

pkg/event/controller.go

@@ -21,7 +21,7 @@ import (
 //Generator generate events
 type Generator struct {
 	client   *client.Client
-	pLister  kyvernolister.PolicyLister
+	pLister  kyvernolister.ClusterPolicyLister
 	queue    workqueue.RateLimitingInterface
 	recorder record.EventRecorder
 }
@@ -33,7 +33,7 @@ type Interface interface {
 
 //NewEventGenerator to generate a new event controller
 func NewEventGenerator(client *client.Client,
-	pInformer kyvernoinformer.PolicyInformer) *Generator {
+	pInformer kyvernoinformer.ClusterPolicyInformer) *Generator {
 
 	gen := Generator{
 		client:   client,

pkg/kyverno/apply/apply.go

@@ -50,7 +50,7 @@ func NewCmdApply(in io.Reader, out, errout io.Writer) *cobra.Command {
 	return cmd
 }
 
-func complete(kubeconfig string, args []string) (*kyverno.Policy, []*resourceInfo) {
+func complete(kubeconfig string, args []string) (*kyverno.ClusterPolicy, []*resourceInfo) {
 	policyDir, resourceDir, err := validateDir(args)
 	if err != nil {
 		glog.Errorf("Failed to parse file path, err: %v\n", err)
@@ -74,7 +74,7 @@ func complete(kubeconfig string, args []string) (*kyverno.Policy, []*resourceInf
 	return policy, resources
 }
 
-func applyPolicy(policy *kyverno.Policy, resources []*resourceInfo) (output string) {
+func applyPolicy(policy *kyverno.ClusterPolicy, resources []*resourceInfo) (output string) {
 	for _, resource := range resources {
 		patchedDocument, err := applyPolicyOnRaw(policy, resource.rawResource, resource.gvk)
 		if err != nil {
@@ -93,7 +93,7 @@ func applyPolicy(policy *kyverno.Policy, resources []*resourceInfo) (output stri
 	return
 }
 
-func applyPolicyOnRaw(policy *kyverno.Policy, rawResource []byte, gvk *metav1.GroupVersionKind) ([]byte, error) {
+func applyPolicyOnRaw(policy *kyverno.ClusterPolicy, rawResource []byte, gvk *metav1.GroupVersionKind) ([]byte, error) {
 	patchedResource := rawResource
 	var err error
 
@@ -130,8 +130,8 @@ func applyPolicyOnRaw(policy *kyverno.Policy, rawResource []byte, gvk *metav1.Gr
 	return patchedResource, nil
 }
 
-func extractPolicy(fileDir string) (*kyverno.Policy, error) {
+func extractPolicy(fileDir string) (*kyverno.ClusterPolicy, error) {
-	policy := &kyverno.Policy{}
+	policy := &kyverno.ClusterPolicy{}
 
 	file, err := loadFile(fileDir)
 	if err != nil {

pkg/namespace/controller.go

@@ -40,11 +40,11 @@ type NamespaceController struct {
 	// nsListerSynced returns true if the Namespace store has been synced at least once
 	nsListerSynced cache.InformerSynced
 	// pvLister can list/get policy violation from the shared informer's store
-	pLister kyvernolister.PolicyLister
+	pLister kyvernolister.ClusterPolicyLister
 	// pvListerSynced retrns true if the Policy store has been synced at least once
 	pvListerSynced cache.InformerSynced
 	// pvLister can list/get policy violation from the shared informer's store
-	pvLister kyvernolister.PolicyViolationLister
+	pvLister kyvernolister.ClusterPolicyViolationLister
 	// API to send policy stats for aggregation
 	policyStatus policy.PolicyStatusInterface
 	// eventGen provides interface to generate evenets
@@ -59,8 +59,8 @@ type NamespaceController struct {
 func NewNamespaceController(kyvernoClient *kyvernoclient.Clientset,
 	client *client.Client,
 	nsInformer v1Informer.NamespaceInformer,
-	pInformer kyvernoinformer.PolicyInformer,
+	pInformer kyvernoinformer.ClusterPolicyInformer,
-	pvInformer kyvernoinformer.PolicyViolationInformer,
+	pvInformer kyvernoinformer.ClusterPolicyViolationInformer,
 	policyStatus policy.PolicyStatusInterface,
 	eventGen event.Interface) *NamespaceController {
 	//TODO: do we need to event recorder for this controller?

pkg/namespace/generation.go

@@ -115,8 +115,8 @@ func (nsc *NamespaceController) processNamespace(namespace corev1.Namespace) []e
 	return engineResponses
 }
 
-func listpolicies(ns unstructured.Unstructured, pLister kyvernolister.PolicyLister) []*kyverno.Policy {
+func listpolicies(ns unstructured.Unstructured, pLister kyvernolister.ClusterPolicyLister) []*kyverno.ClusterPolicy {
-	var filteredpolicies []*kyverno.Policy
+	var filteredpolicies []*kyverno.ClusterPolicy
 	glog.V(4).Infof("listing policies for namespace %s", ns.GetName())
 	policies, err := pLister.List(labels.NewSelector())
 	if err != nil {
@@ -140,7 +140,7 @@ func listpolicies(ns unstructured.Unstructured, pLister kyvernolister.PolicyList
 	return filteredpolicies
 }
 
-func applyPolicy(client *client.Client, resource unstructured.Unstructured, p kyverno.Policy, policyStatus policyctr.PolicyStatusInterface) engine.EngineResponseNew {
+func applyPolicy(client *client.Client, resource unstructured.Unstructured, p kyverno.ClusterPolicy, policyStatus policyctr.PolicyStatusInterface) engine.EngineResponseNew {
 	var policyStats []policyctr.PolicyStat
 	// gather stats from the engine response
 	gatherStat := func(policyName string, policyResponse engine.PolicyResponse) {

pkg/policy/apply.go

@@ -15,7 +15,7 @@ import (
 
 // applyPolicy applies policy on a resource
 //TODO: generation rules
-func applyPolicy(policy kyverno.Policy, resource unstructured.Unstructured, policyStatus PolicyStatusInterface) (responses []engine.EngineResponseNew) {
+func applyPolicy(policy kyverno.ClusterPolicy, resource unstructured.Unstructured, policyStatus PolicyStatusInterface) (responses []engine.EngineResponseNew) {
 	startTime := time.Now()
 	var policyStats []PolicyStat
 	glog.V(4).Infof("Started apply policy %s on resource %s/%s/%s (%v)", policy.Name, resource.GetKind(), resource.GetNamespace(), resource.GetName(), startTime)
@@ -64,7 +64,7 @@ func applyPolicy(policy kyverno.Policy, resource unstructured.Unstructured, poli
 	//TODO: GENERATION
 	return engineResponses
 }
-func mutation(policy kyverno.Policy, resource unstructured.Unstructured, policyStatus PolicyStatusInterface) (engine.EngineResponseNew, error) {
+func mutation(policy kyverno.ClusterPolicy, resource unstructured.Unstructured, policyStatus PolicyStatusInterface) (engine.EngineResponseNew, error) {
 	engineResponse := engine.MutateNew(policy, resource)
 	if !engineResponse.IsSuccesful() {
 		glog.V(4).Infof("mutation had errors reporting them")

pkg/policy/controller.go

@@ -44,7 +44,7 @@ const (
 	maxRetries = 15
 )
 
-var controllerKind = kyverno.SchemeGroupVersion.WithKind("Policy")
+var controllerKind = kyverno.SchemeGroupVersion.WithKind("ClusterPolicy")
 
 // PolicyController is responsible for synchronizing Policy objects stored
 // in the system with the corresponding policy violations
@@ -54,16 +54,16 @@ type PolicyController struct {
 	eventGen      event.Interface
 	eventRecorder record.EventRecorder
 	syncHandler   func(pKey string) error
-	enqueuePolicy func(policy *kyverno.Policy)
+	enqueuePolicy func(policy *kyverno.ClusterPolicy)
 
 	//pvControl is used for adoptin/releasing policy violation
 	pvControl PVControlInterface
 	// Policys that need to be synced
 	queue workqueue.RateLimitingInterface
 	// pLister can list/get policy from the shared informer's store
-	pLister kyvernolister.PolicyLister
+	pLister kyvernolister.ClusterPolicyLister
 	// pvLister can list/get policy violation from the shared informer's store
-	pvLister kyvernolister.PolicyViolationLister
+	pvLister kyvernolister.ClusterPolicyViolationLister
 	// pListerSynced returns true if the Policy store has been synced at least once
 	pListerSynced cache.InformerSynced
 	// pvListerSynced returns true if the Policy store has been synced at least once
@@ -81,7 +81,7 @@ type PolicyController struct {
 }
 
 // NewPolicyController create a new PolicyController
-func NewPolicyController(kyvernoClient *kyvernoclient.Clientset, client *client.Client, pInformer kyvernoinformer.PolicyInformer, pvInformer kyvernoinformer.PolicyViolationInformer,
+func NewPolicyController(kyvernoClient *kyvernoclient.Clientset, client *client.Client, pInformer kyvernoinformer.ClusterPolicyInformer, pvInformer kyvernoinformer.ClusterPolicyViolationInformer,
 	eventGen event.Interface, webhookInformer webhookinformer.MutatingWebhookConfigurationInformer, webhookRegistrationClient *webhookconfig.WebhookRegistrationClient) (*PolicyController, error) {
 	// Event broad caster
 	eventBroadcaster := record.NewBroadcaster()
@@ -138,27 +138,27 @@ func NewPolicyController(kyvernoClient *kyvernoclient.Clientset, client *client.
 }
 
 func (pc *PolicyController) addPolicy(obj interface{}) {
-	p := obj.(*kyverno.Policy)
+	p := obj.(*kyverno.ClusterPolicy)
 	glog.V(4).Infof("Adding Policy %s", p.Name)
 	pc.enqueuePolicy(p)
 }
 
 func (pc *PolicyController) updatePolicy(old, cur interface{}) {
-	oldP := old.(*kyverno.Policy)
+	oldP := old.(*kyverno.ClusterPolicy)
-	curP := cur.(*kyverno.Policy)
+	curP := cur.(*kyverno.ClusterPolicy)
 	glog.V(4).Infof("Updating Policy %s", oldP.Name)
 	pc.enqueuePolicy(curP)
 }
 
 func (pc *PolicyController) deletePolicy(obj interface{}) {
-	p, ok := obj.(*kyverno.Policy)
+	p, ok := obj.(*kyverno.ClusterPolicy)
 	if !ok {
 		tombstone, ok := obj.(cache.DeletedFinalStateUnknown)
 		if !ok {
 			glog.Info(fmt.Errorf("Couldn't get object from tombstone %#v", obj))
 			return
 		}
-		p, ok = tombstone.Obj.(*kyverno.Policy)
+		p, ok = tombstone.Obj.(*kyverno.ClusterPolicy)
 		if !ok {
 			glog.Info(fmt.Errorf("Tombstone contained object that is not a Policy %#v", obj))
 			return
@@ -169,7 +169,7 @@ func (pc *PolicyController) deletePolicy(obj interface{}) {
 }
 
 func (pc *PolicyController) addPolicyViolation(obj interface{}) {
-	pv := obj.(*kyverno.PolicyViolation)
+	pv := obj.(*kyverno.ClusterPolicyViolation)
 
 	if pv.DeletionTimestamp != nil {
 		// On a restart of the controller manager, it's possible for an object to
@@ -207,8 +207,8 @@ func (pc *PolicyController) addPolicyViolation(obj interface{}) {
 }
 
 func (pc *PolicyController) updatePolicyViolation(old, cur interface{}) {
-	curPV := cur.(*kyverno.PolicyViolation)
+	curPV := cur.(*kyverno.ClusterPolicyViolation)
-	oldPV := old.(*kyverno.PolicyViolation)
+	oldPV := old.(*kyverno.ClusterPolicyViolation)
 	if curPV.ResourceVersion == oldPV.ResourceVersion {
 		// Periodic resync will send update events for all known Policy Violation.
 		// Two different versions of the same replica set will always have different RVs.
@@ -256,11 +256,11 @@ func (pc *PolicyController) updatePolicyViolation(old, cur interface{}) {
 }
 
 // deletePolicyViolation enqueues the Policy that manages a PolicyViolation when
-// the PolicyViolation is deleted. obj could be an *kyverno.PolicyViolation, or
+// the PolicyViolation is deleted. obj could be an *kyverno.CusterPolicyViolation, or
 // a DeletionFinalStateUnknown marker item.
 
 func (pc *PolicyController) deletePolicyViolation(obj interface{}) {
-	pv, ok := obj.(*kyverno.PolicyViolation)
+	pv, ok := obj.(*kyverno.ClusterPolicyViolation)
 	// When a delete is dropped, the relist will notice a PolicyViolation in the store not
 	// in the list, leading to the insertion of a tombstone object which contains
 	// the deleted key/value. Note that this value might be stale. If the PolicyViolation
@@ -271,7 +271,7 @@ func (pc *PolicyController) deletePolicyViolation(obj interface{}) {
 			glog.Info(fmt.Errorf("Couldn't get object from tombstone %#v", obj))
 			return
 		}
-		pv, ok = tombstone.Obj.(*kyverno.PolicyViolation)
+		pv, ok = tombstone.Obj.(*kyverno.ClusterPolicyViolation)
 		if !ok {
 			glog.Info(fmt.Errorf("Couldn't get object from tombstone %#v", obj))
 			return
@@ -293,7 +293,7 @@ func (pc *PolicyController) deletePolicyViolation(obj interface{}) {
 // resolveControllerRef returns the controller referenced by a ControllerRef,
 // or nil if the ControllerRef could not be resolved to a matching controller
 // of the correct Kind.
-func (pc *PolicyController) resolveControllerRef(controllerRef *metav1.OwnerReference) *kyverno.Policy {
+func (pc *PolicyController) resolveControllerRef(controllerRef *metav1.OwnerReference) *kyverno.ClusterPolicy {
 	// We can't look up by UID, so look up by Name and then verify UID.
 	// Don't even try to look up by Name if it's the wrong Kind.
 	if controllerRef.Kind != controllerRef.Kind {
@@ -311,7 +311,7 @@ func (pc *PolicyController) resolveControllerRef(controllerRef *metav1.OwnerRefe
 	return p
 }
 
-func (pc *PolicyController) getPolicyForPolicyViolation(pv *kyverno.PolicyViolation) []*kyverno.Policy {
+func (pc *PolicyController) getPolicyForPolicyViolation(pv *kyverno.ClusterPolicyViolation) []*kyverno.ClusterPolicy {
 	policies, err := pc.pLister.GetPolicyForPolicyViolation(pv)
 	if err != nil || len(policies) == 0 {
 		return nil
@@ -329,7 +329,7 @@ func (pc *PolicyController) getPolicyForPolicyViolation(pv *kyverno.PolicyViolat
 	return policies
 }
 
-func (pc *PolicyController) enqueue(policy *kyverno.Policy) {
+func (pc *PolicyController) enqueue(policy *kyverno.ClusterPolicy) {
 	key, err := cache.MetaNamespaceKeyFunc(policy)
 	if err != nil {
 		glog.Error(err)
@@ -443,7 +443,7 @@ func (pc *PolicyController) syncPolicy(key string) error {
 // TODO: here checks mutatingwebhook only
 // as 'kubectl scale' is not funtional with validatingwebhook
 // refer to https://github.com/nirmata/kyverno/issues/250
-func (pc *PolicyController) handleWebhookRegistration(delete bool, policy *kyverno.Policy) error {
+func (pc *PolicyController) handleWebhookRegistration(delete bool, policy *kyverno.ClusterPolicy) error {
 	policies, _ := pc.pLister.List(labels.NewSelector())
 	selector := &metav1.LabelSelector{MatchLabels: config.KubePolicyAppLabels}
 	webhookSelector, err := metav1.LabelSelectorAsSelector(selector)
@@ -484,7 +484,7 @@ func (pc *PolicyController) handleWebhookRegistration(delete bool, policy *kyver
 //syncStatusOnly updates the policy status subresource
 // status:
 // 		- violations : (count of the resources that violate this policy )
-func (pc *PolicyController) syncStatusOnly(p *kyverno.Policy, pvList []*kyverno.PolicyViolation) error {
+func (pc *PolicyController) syncStatusOnly(p *kyverno.ClusterPolicy, pvList []*kyverno.ClusterPolicyViolation) error {
 	newStatus := pc.calculateStatus(p.Name, pvList)
 	if reflect.DeepEqual(newStatus, p.Status) {
 		// no update to status
@@ -493,11 +493,11 @@ func (pc *PolicyController) syncStatusOnly(p *kyverno.Policy, pvList []*kyverno.
 	// update status
 	newPolicy := p
 	newPolicy.Status = newStatus
-	_, err := pc.kyvernoClient.KyvernoV1alpha1().Policies().UpdateStatus(newPolicy)
+	_, err := pc.kyvernoClient.KyvernoV1alpha1().ClusterPolicies().UpdateStatus(newPolicy)
 	return err
 }
 
-func (pc *PolicyController) calculateStatus(policyName string, pvList []*kyverno.PolicyViolation) kyverno.PolicyStatus {
+func (pc *PolicyController) calculateStatus(policyName string, pvList []*kyverno.ClusterPolicyViolation) kyverno.PolicyStatus {
 	violationCount := len(pvList)
 	status := kyverno.PolicyStatus{
 		ViolationCount: violationCount,
@@ -513,7 +513,7 @@ func (pc *PolicyController) calculateStatus(policyName string, pvList []*kyverno
 	}
 	return status
 }
-func (pc *PolicyController) getPolicyViolationsForPolicy(p *kyverno.Policy) ([]*kyverno.PolicyViolation, error) {
+func (pc *PolicyController) getPolicyViolationsForPolicy(p *kyverno.ClusterPolicy) ([]*kyverno.ClusterPolicyViolation, error) {
 	// List all PolicyViolation to find those we own but that no longer match our
 	// selector. They will be orphaned by ClaimPolicyViolation().
 	pvList, err := pc.pvLister.List(labels.Everything())
@@ -537,7 +537,7 @@ func (pc *PolicyController) getPolicyViolationsForPolicy(p *kyverno.Policy) ([]*
 	}
 
 	canAdoptFunc := RecheckDeletionTimestamp(func() (metav1.Object, error) {
-		fresh, err := pc.kyvernoClient.KyvernoV1alpha1().Policies().Get(p.Name, metav1.GetOptions{})
+		fresh, err := pc.kyvernoClient.KyvernoV1alpha1().ClusterPolicies().Get(p.Name, metav1.GetOptions{})
 		if err != nil {
 			return nil, err
 		}
@@ -552,18 +552,18 @@ func (pc *PolicyController) getPolicyViolationsForPolicy(p *kyverno.Policy) ([]*
 	return cm.claimPolicyViolations(pvList)
 }
 
-func (m *PolicyViolationControllerRefManager) claimPolicyViolations(sets []*kyverno.PolicyViolation) ([]*kyverno.PolicyViolation, error) {
+func (m *PolicyViolationControllerRefManager) claimPolicyViolations(sets []*kyverno.ClusterPolicyViolation) ([]*kyverno.ClusterPolicyViolation, error) {
-	var claimed []*kyverno.PolicyViolation
+	var claimed []*kyverno.ClusterPolicyViolation
 	var errlist []error
 
 	match := func(obj metav1.Object) bool {
 		return m.Selector.Matches(labels.Set(obj.GetLabels()))
 	}
 	adopt := func(obj metav1.Object) error {
-		return m.adoptPolicyViolation(obj.(*kyverno.PolicyViolation))
+		return m.adoptPolicyViolation(obj.(*kyverno.ClusterPolicyViolation))
 	}
 	release := func(obj metav1.Object) error {
-		return m.releasePolicyViolation(obj.(*kyverno.PolicyViolation))
+		return m.releasePolicyViolation(obj.(*kyverno.ClusterPolicyViolation))
 	}
 
 	for _, pv := range sets {
@@ -579,7 +579,7 @@ func (m *PolicyViolationControllerRefManager) claimPolicyViolations(sets []*kyve
 	return claimed, utilerrors.NewAggregate(errlist)
 }
 
-func (m *PolicyViolationControllerRefManager) adoptPolicyViolation(pv *kyverno.PolicyViolation) error {
+func (m *PolicyViolationControllerRefManager) adoptPolicyViolation(pv *kyverno.ClusterPolicyViolation) error {
 	if err := m.CanAdopt(); err != nil {
 		return fmt.Errorf("can't adopt PolicyViolation %v (%v): %v", pv.Name, pv.UID, err)
 	}
@@ -629,7 +629,7 @@ func removeOwnerReferencePatch(ownerRef metav1.OwnerReference) ([]byte, error) {
 	return json.Marshal(payload)
 }
 
-func (m *PolicyViolationControllerRefManager) releasePolicyViolation(pv *kyverno.PolicyViolation) error {
+func (m *PolicyViolationControllerRefManager) releasePolicyViolation(pv *kyverno.ClusterPolicyViolation) error {
 	glog.V(2).Infof("patching PolicyViolation %s to remove its controllerRef to %s/%s:%s",
 		pv.Name, m.controllerKind.GroupVersion(), m.controllerKind.Kind, m.Controller.GetName())
 	//TODO JSON patch for owner reference for resources
@@ -785,7 +785,7 @@ type RealPVControl struct {
 
 //PatchPolicyViolation patches the policy violation with the provided JSON Patch
 func (r RealPVControl) PatchPolicyViolation(name string, data []byte) error {
-	_, err := r.Client.KyvernoV1alpha1().PolicyViolations().Patch(name, types.JSONPatchType, data)
+	_, err := r.Client.KyvernoV1alpha1().ClusterPolicyViolations().Patch(name, types.JSONPatchType, data)
 	return err
 }
 
@@ -847,7 +847,7 @@ func createLabelMapPatch(policy string, resource string) ([]byte, error) {
 
 //updatePolicyLabelIfNotDefined adds the label 'policy' to the PolicyViolation
 // label is used here to lookup policyViolation and corresponding Policy
-func updatePolicyLabelIfNotDefined(pvControl PVControlInterface, pv *kyverno.PolicyViolation) bool {
+func updatePolicyLabelIfNotDefined(pvControl PVControlInterface, pv *kyverno.ClusterPolicyViolation) bool {
 	updateLabel := func() bool {
 		glog.V(4).Infof("adding label 'policy:%s' to PolicyViolation %s", pv.Spec.Policy, pv.Name)
 		glog.V(4).Infof("adding label 'resource:%s' to PolicyViolation %s", pv.Spec.ResourceSpec.ToKey(), pv.Name)
@@ -931,7 +931,7 @@ func joinPatches(patches ...[]byte) []byte {
 	return result
 }
 
-func HasMutateOrValidatePolicies(policies []*kyverno.Policy) bool {
+func HasMutateOrValidatePolicies(policies []*kyverno.ClusterPolicy) bool {
 	for _, policy := range policies {
 		if HasMutateOrValidate(*policy) {
 			return true
@@ -940,7 +940,7 @@ func HasMutateOrValidatePolicies(policies []*kyverno.Policy) bool {
 	return false
 }
 
-func HasMutateOrValidate(policy kyverno.Policy) bool {
+func HasMutateOrValidate(policy kyverno.ClusterPolicy) bool {
 	for _, rule := range policy.Spec.Rules {
 		if !reflect.DeepEqual(rule.Mutation, kyverno.Mutation{}) || !reflect.DeepEqual(rule.Validation, kyverno.Validation{}) {
 			glog.Infoln(rule.Name)

pkg/policy/existing.go

@@ -14,7 +14,7 @@ import (
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 )
 
-func (pc *PolicyController) processExistingResources(policy kyverno.Policy) []engine.EngineResponseNew {
+func (pc *PolicyController) processExistingResources(policy kyverno.ClusterPolicy) []engine.EngineResponseNew {
 	// Parse through all the resources
 	// drops the cache after configured rebuild time
 	pc.rm.Drop()
@@ -38,7 +38,7 @@ func (pc *PolicyController) processExistingResources(policy kyverno.Policy) []en
 	return engineResponses
 }
 
-func listResources(client *client.Client, policy kyverno.Policy, filterK8Resources []utils.K8Resource) map[string]unstructured.Unstructured {
+func listResources(client *client.Client, policy kyverno.ClusterPolicy, filterK8Resources []utils.K8Resource) map[string]unstructured.Unstructured {
 	// key uid
 	resourceMap := map[string]unstructured.Unstructured{}
 

pkg/policy/status.go

@@ -24,10 +24,7 @@ type PolicyStatusAggregator struct {
 }
 
 //NewPolicyStatAggregator returns a new policy status
-func NewPolicyStatAggregator(client *kyvernoclient.Clientset,
+func NewPolicyStatAggregator(client *kyvernoclient.Clientset) *PolicyStatusAggregator {
-
-// pInformer kyvernoinformer.PolicyInformer
-) *PolicyStatusAggregator {
 	psa := PolicyStatusAggregator{
 		startTime:  time.Now(),
 		ch:         make(chan PolicyStat),
@@ -46,6 +43,7 @@ func (psa *PolicyStatusAggregator) Run(workers int, stopCh <-chan struct{}) {
 	for i := 0; i < workers; i++ {
 		go wait.Until(psa.process, time.Second, stopCh)
 	}
+	<-stopCh
 }
 
 func (psa *PolicyStatusAggregator) process() {

pkg/policy/utils.go

@@ -8,7 +8,7 @@ import kyverno "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
 // - Rule resource description changes
 // - Rule operation changes
 // - Rule name changed
-func reEvaulatePolicy(curP, oldP *kyverno.Policy) bool {
+func reEvaulatePolicy(curP, oldP *kyverno.ClusterPolicy) bool {
 	// count of rules changed
 	if len(curP.Spec.Rules) != len(curP.Spec.Rules) {
 

pkg/policyviolation/controller.go

@@ -33,7 +33,7 @@ const (
 	maxRetries = 15
 )
 
-var controllerKind = kyverno.SchemeGroupVersion.WithKind("PolicyViolation")
+var controllerKind = kyverno.SchemeGroupVersion.WithKind("ClusterPolicyViolation")
 
 // PolicyViolationController manages the policy violation resource
 // - sync the lastupdate time
@@ -43,13 +43,13 @@ type PolicyViolationController struct {
 	kyvernoClient          *kyvernoclient.Clientset
 	eventRecorder          record.EventRecorder
 	syncHandler            func(pKey string) error
-	enqueuePolicyViolation func(policy *kyverno.PolicyViolation)
+	enqueuePolicyViolation func(policy *kyverno.ClusterPolicyViolation)
 	// Policys that need to be synced
 	queue workqueue.RateLimitingInterface
 	// pvLister can list/get policy violation from the shared informer's store
-	pvLister kyvernolister.PolicyViolationLister
+	pvLister kyvernolister.ClusterPolicyViolationLister
 	// pLister can list/get policy from the shared informer's store
-	pLister kyvernolister.PolicyLister
+	pLister kyvernolister.ClusterPolicyLister
 	// pListerSynced returns true if the Policy store has been synced at least once
 	pListerSynced cache.InformerSynced
 	// pvListerSynced retrns true if the Policy store has been synced at least once
@@ -59,7 +59,7 @@ type PolicyViolationController struct {
 }
 
 //NewPolicyViolationController creates a new NewPolicyViolationController
-func NewPolicyViolationController(client *client.Client, kyvernoClient *kyvernoclient.Clientset, pInformer kyvernoinformer.PolicyInformer, pvInformer kyvernoinformer.PolicyViolationInformer) (*PolicyViolationController, error) {
+func NewPolicyViolationController(client *client.Client, kyvernoClient *kyvernoclient.Clientset, pInformer kyvernoinformer.ClusterPolicyInformer, pvInformer kyvernoinformer.ClusterPolicyViolationInformer) (*PolicyViolationController, error) {
 	// Event broad caster
 	eventBroadcaster := record.NewBroadcaster()
 	eventBroadcaster.StartLogging(glog.Infof)
@@ -94,14 +94,14 @@ func NewPolicyViolationController(client *client.Client, kyvernoClient *kyvernoc
 }
 
 func (pvc *PolicyViolationController) addPolicyViolation(obj interface{}) {
-	pv := obj.(*kyverno.PolicyViolation)
+	pv := obj.(*kyverno.ClusterPolicyViolation)
 	glog.V(4).Infof("Adding PolicyViolation %s", pv.Name)
 	pvc.enqueuePolicyViolation(pv)
 }
 
 func (pvc *PolicyViolationController) updatePolicyViolation(old, cur interface{}) {
-	oldPv := old.(*kyverno.PolicyViolation)
+	oldPv := old.(*kyverno.ClusterPolicyViolation)
-	curPv := cur.(*kyverno.PolicyViolation)
+	curPv := cur.(*kyverno.ClusterPolicyViolation)
 	glog.V(4).Infof("Updating Policy Violation %s", oldPv.Name)
 	if err := pvc.syncLastUpdateTimeStatus(curPv, oldPv); err != nil {
 		glog.Errorf("Failed to update lastUpdateTime in PolicyViolation %s status: %v", curPv.Name, err)
@@ -110,14 +110,14 @@ func (pvc *PolicyViolationController) updatePolicyViolation(old, cur interface{}
 }
 
 func (pvc *PolicyViolationController) deletePolicyViolation(obj interface{}) {
-	pv, ok := obj.(*kyverno.PolicyViolation)
+	pv, ok := obj.(*kyverno.ClusterPolicyViolation)
 	if !ok {
 		tombstone, ok := obj.(cache.DeletedFinalStateUnknown)
 		if !ok {
 			glog.Info(fmt.Errorf("Couldn't get object from tombstone %#v", obj))
 			return
 		}
-		pv, ok = tombstone.Obj.(*kyverno.PolicyViolation)
+		pv, ok = tombstone.Obj.(*kyverno.ClusterPolicyViolation)
 		if !ok {
 			glog.Info(fmt.Errorf("Tombstone contained object that is not a PolicyViolation %#v", obj))
 			return
@@ -127,7 +127,7 @@ func (pvc *PolicyViolationController) deletePolicyViolation(obj interface{}) {
 	pvc.enqueuePolicyViolation(pv)
 }
 
-func (pvc *PolicyViolationController) enqueue(policyViolation *kyverno.PolicyViolation) {
+func (pvc *PolicyViolationController) enqueue(policyViolation *kyverno.ClusterPolicyViolation) {
 	key, err := cache.MetaNamespaceKeyFunc(policyViolation)
 	if err != nil {
 		glog.Error(err)
@@ -223,7 +223,7 @@ func (pvc *PolicyViolationController) syncPolicyViolation(key string) error {
 	return pvc.syncStatusOnly(pv)
 }
 
-func (pvc *PolicyViolationController) syncActiveResource(curPv *kyverno.PolicyViolation) error {
+func (pvc *PolicyViolationController) syncActiveResource(curPv *kyverno.ClusterPolicyViolation) error {
 	// check if the resource is active or not ?
 	rspec := curPv.Spec.ResourceSpec
 	// get resource
@@ -250,7 +250,7 @@ func (pvc *PolicyViolationController) syncActiveResource(curPv *kyverno.PolicyVi
 
 //syncStatusOnly updates the policyviolation status subresource
 // status:
-func (pvc *PolicyViolationController) syncStatusOnly(curPv *kyverno.PolicyViolation) error {
+func (pvc *PolicyViolationController) syncStatusOnly(curPv *kyverno.ClusterPolicyViolation) error {
 	// newStatus := calculateStatus(pv)
 	return nil
 }
@@ -258,7 +258,7 @@ func (pvc *PolicyViolationController) syncStatusOnly(curPv *kyverno.PolicyViolat
 //TODO: think this through again
 //syncLastUpdateTimeStatus updates the policyviolation lastUpdateTime if anything in ViolationSpec changed
 // 		- lastUpdateTime : (time stamp when the policy violation changed)
-func (pvc *PolicyViolationController) syncLastUpdateTimeStatus(curPv *kyverno.PolicyViolation, oldPv *kyverno.PolicyViolation) error {
+func (pvc *PolicyViolationController) syncLastUpdateTimeStatus(curPv *kyverno.ClusterPolicyViolation, oldPv *kyverno.ClusterPolicyViolation) error {
 	// check if there is any change in policy violation information
 	if !updated(curPv, oldPv) {
 		return nil
@@ -270,13 +270,13 @@ func (pvc *PolicyViolationController) syncLastUpdateTimeStatus(curPv *kyverno.Po
 	return pvc.pvControl.UpdateStatusPolicyViolation(newPolicyViolation)
 }
 
-func updated(curPv *kyverno.PolicyViolation, oldPv *kyverno.PolicyViolation) bool {
+func updated(curPv *kyverno.ClusterPolicyViolation, oldPv *kyverno.ClusterPolicyViolation) bool {
 	return !reflect.DeepEqual(curPv.Spec, oldPv.Spec)
 	//TODO check if owner reference changed, then should we update the lastUpdateTime as well ?
 }
 
 type PVControlInterface interface {
-	UpdateStatusPolicyViolation(newPv *kyverno.PolicyViolation) error
+	UpdateStatusPolicyViolation(newPv *kyverno.ClusterPolicyViolation) error
 	RemovePolicyViolation(name string) error
 }
 
@@ -287,12 +287,12 @@ type RealPVControl struct {
 }
 
 //UpdateStatusPolicyViolation updates the status for policy violation
-func (r RealPVControl) UpdateStatusPolicyViolation(newPv *kyverno.PolicyViolation) error {
+func (r RealPVControl) UpdateStatusPolicyViolation(newPv *kyverno.ClusterPolicyViolation) error {
-	_, err := r.Client.KyvernoV1alpha1().PolicyViolations().UpdateStatus(newPv)
+	_, err := r.Client.KyvernoV1alpha1().ClusterPolicyViolations().UpdateStatus(newPv)
 	return err
 }
 
 //RemovePolicyViolation removes the policy violation
 func (r RealPVControl) RemovePolicyViolation(name string) error {
-	return r.Client.KyvernoV1alpha1().PolicyViolations().Delete(name, &metav1.DeleteOptions{})
+	return r.Client.KyvernoV1alpha1().ClusterPolicyViolations().Delete(name, &metav1.DeleteOptions{})
 }

pkg/policyviolation/helpers.go

@@ -14,8 +14,8 @@ import (
 )
 
 //BuildPolicyViolation returns an value of type PolicyViolation
-func BuildPolicyViolation(policy string, resource kyverno.ResourceSpec, fRules []kyverno.ViolatedRule) kyverno.PolicyViolation {
+func BuildPolicyViolation(policy string, resource kyverno.ResourceSpec, fRules []kyverno.ViolatedRule) kyverno.ClusterPolicyViolation {
-	pv := kyverno.PolicyViolation{
+	pv := kyverno.ClusterPolicyViolation{
 		Spec: kyverno.PolicyViolationSpec{
 			Policy:        policy,
 			ResourceSpec:  resource,
@@ -52,7 +52,7 @@ func BuildPolicyViolation(policy string, resource kyverno.ResourceSpec, fRules [
 // 	return pv
 // }
 
-func buildPVForPolicy(er engine.EngineResponseNew) kyverno.PolicyViolation {
+func buildPVForPolicy(er engine.EngineResponseNew) kyverno.ClusterPolicyViolation {
 	var violatedRules []kyverno.ViolatedRule
 	glog.V(4).Infof("building policy violation for engine response %v", er)
 	for _, r := range er.PolicyResponse.Rules {
@@ -78,11 +78,11 @@ func buildPVForPolicy(er engine.EngineResponseNew) kyverno.PolicyViolation {
 }
 
 //CreatePV creates policy violation resource based on the engine responses
-func CreatePV(pvLister kyvernolister.PolicyViolationLister, client *kyvernoclient.Clientset, engineResponses []engine.EngineResponseNew) {
+func CreatePV(pvLister kyvernolister.ClusterPolicyViolationLister, client *kyvernoclient.Clientset, engineResponses []engine.EngineResponseNew) {
-	var pvs []kyverno.PolicyViolation
+	var pvs []kyverno.ClusterPolicyViolation
 	for _, er := range engineResponses {
 		if !er.IsSuccesful() {
-			if pv := buildPVForPolicy(er); !reflect.DeepEqual(pv, kyverno.PolicyViolation{}) {
+			if pv := buildPVForPolicy(er); !reflect.DeepEqual(pv, kyverno.ClusterPolicyViolation{}) {
 				pvs = append(pvs, pv)
 			}
 		}
@@ -101,7 +101,7 @@ func CreatePV(pvLister kyvernolister.PolicyViolationLister, client *kyvernoclien
 		if curPv == nil {
 			glog.V(4).Infof("creating new policy violation for policy %s & resource %s/%s/%s", newPv.Spec.Policy, newPv.Spec.ResourceSpec.Kind, newPv.Spec.ResourceSpec.Namespace, newPv.Spec.ResourceSpec.Name)
 			// no existing policy violation, create a new one
-			_, err := client.KyvernoV1alpha1().PolicyViolations().Create(&newPv)
+			_, err := client.KyvernoV1alpha1().ClusterPolicyViolations().Create(&newPv)
 			if err != nil {
 				glog.Error(err)
 			}
@@ -117,7 +117,7 @@ func CreatePV(pvLister kyvernolister.PolicyViolationLister, client *kyvernoclien
 		glog.V(4).Infof("creating new policy violation for policy %s & resource %s/%s/%s", curPv.Spec.Policy, curPv.Spec.ResourceSpec.Kind, curPv.Spec.ResourceSpec.Namespace, curPv.Spec.ResourceSpec.Name)
 		//TODO: using a generic name, but would it be helpful to have naming convention for policy violations
 		// as we can only have one policy violation for each (policy + resource) combination
-		_, err = client.KyvernoV1alpha1().PolicyViolations().Update(&newPv)
+		_, err = client.KyvernoV1alpha1().ClusterPolicyViolations().Update(&newPv)
 		if err != nil {
 			glog.Error(err)
 			continue
@@ -173,7 +173,7 @@ func CreatePV(pvLister kyvernolister.PolicyViolationLister, client *kyvernoclien
 // }
 
 //TODO: change the name
-func getExistingPolicyViolationIfAny(pvListerSynced cache.InformerSynced, pvLister kyvernolister.PolicyViolationLister, newPv kyverno.PolicyViolation) (*kyverno.PolicyViolation, error) {
+func getExistingPolicyViolationIfAny(pvListerSynced cache.InformerSynced, pvLister kyvernolister.ClusterPolicyViolationLister, newPv kyverno.ClusterPolicyViolation) (*kyverno.ClusterPolicyViolation, error) {
 	// TODO: check for existing ov using label selectors on resource and policy
 	// TODO: there can be duplicates, as the labels have not been assigned to the policy violation yet
 	labelMap := map[string]string{"policy": newPv.Spec.Policy, "resource": newPv.Spec.ResourceSpec.ToKey()}

pkg/testrunner/scenario.go

@@ -182,7 +182,7 @@ func createNamespace(client *client.Client, ns *unstructured.Unstructured) error
 	_, err := client.CreateResource("Namespace", "", ns, false)
 	return err
 }
-func validateGeneratedResources(t *testing.T, client *client.Client, policy kyverno.Policy, expected []kyverno.ResourceSpec) {
+func validateGeneratedResources(t *testing.T, client *client.Client, policy kyverno.ClusterPolicy, expected []kyverno.ResourceSpec) {
 	t.Log("--validate if resources are generated---")
 	// list of expected generated resources
 	for _, resource := range expected {
@@ -400,16 +400,16 @@ func loadObjects(t *testing.T, path string) []runtime.Object {
 
 }
 
-func loadPolicy(t *testing.T, path string) *kyverno.Policy {
+func loadPolicy(t *testing.T, path string) *kyverno.ClusterPolicy {
 	t.Logf("loading policy from %s", path)
 	data, err := loadFile(t, path)
 	if err != nil {
 		return nil
 	}
-	var policies []*kyverno.Policy
+	var policies []*kyverno.ClusterPolicy
 	pBytes := bytes.Split(data, []byte("---"))
 	for _, p := range pBytes {
-		policy := kyverno.Policy{}
+		policy := kyverno.ClusterPolicy{}
 		pBytes, err := apiyaml.ToJSON(p)
 		if err != nil {
 			glog.Error(err)

pkg/utils/util.go

@@ -111,7 +111,7 @@ func CRDInstalled(discovery client.IDiscovery) bool {
 		glog.Infof("CRD %s found ", kind)
 		return true
 	}
-	if !check("Policy") || !check("PolicyViolation") {
+	if !check("ClusterPolicy") || !check("ClusterPolicyViolation") {
 		return false
 	}
 	return true

pkg/webhookconfig/policy.go

@@ -26,7 +26,7 @@ func (wrc *WebhookRegistrationClient) contructPolicyValidatingWebhookConfig(caDa
 				caData,
 				true,
 				wrc.timeoutSeconds,
-				"policies/*",
+				"clusterpolicies/*",
 				"kyverno.io",
 				"v1alpha1",
 				[]admregapi.OperationType{admregapi.Create, admregapi.Update},
@@ -51,7 +51,7 @@ func (wrc *WebhookRegistrationClient) contructDebugPolicyValidatingWebhookConfig
 				caData,
 				true,
 				wrc.timeoutSeconds,
-				"policies/*",
+				"clusterpolicies/*",
 				"kyverno.io",
 				"v1alpha1",
 				[]admregapi.OperationType{admregapi.Create, admregapi.Update},
@@ -76,7 +76,7 @@ func (wrc *WebhookRegistrationClient) contructPolicyMutatingWebhookConfig(caData
 				caData,
 				true,
 				wrc.timeoutSeconds,
-				"policies/*",
+				"clusterpolicies/*",
 				"kyverno.io",
 				"v1alpha1",
 				[]admregapi.OperationType{admregapi.Create, admregapi.Update},
@@ -100,7 +100,7 @@ func (wrc *WebhookRegistrationClient) contructDebugPolicyMutatingWebhookConfig(c
 				caData,
 				true,
 				wrc.timeoutSeconds,
-				"policies/*",
+				"clusterpolicies/*",
 				"kyverno.io",
 				"v1alpha1",
 				[]admregapi.OperationType{admregapi.Create, admregapi.Update},

pkg/webhooks/policymutation.go

@@ -13,7 +13,7 @@ import (
 )
 
 func (ws *WebhookServer) handlePolicyMutation(request *v1beta1.AdmissionRequest) *v1beta1.AdmissionResponse {
-	var policy *kyverno.Policy
+	var policy *kyverno.ClusterPolicy
 	raw := request.Object.Raw
 
 	//TODO: can this happen? wont this be picked by OpenAPI spec schema ?
@@ -46,7 +46,7 @@ func (ws *WebhookServer) handlePolicyMutation(request *v1beta1.AdmissionRequest)
 	}
 }
 
-func generateJSONPatchesForDefaults(policy *kyverno.Policy) ([]byte, []string) {
+func generateJSONPatchesForDefaults(policy *kyverno.ClusterPolicy) ([]byte, []string) {
 	var patches [][]byte
 	var updateMsgs []string
 
@@ -59,7 +59,7 @@ func generateJSONPatchesForDefaults(policy *kyverno.Policy) ([]byte, []string) {
 	return utils.JoinPatches(patches), updateMsgs
 }
 
-func defaultvalidationFailureAction(policy *kyverno.Policy) ([]byte, string) {
+func defaultvalidationFailureAction(policy *kyverno.ClusterPolicy) ([]byte, string) {
 	// default ValidationFailureAction to "enforce" if not specified
 	if policy.Spec.ValidationFailureAction == "" {
 		glog.V(4).Infof("defaulting policy %s 'ValidationFailureAction' to '%s'", policy.Name, BlockChanges)

pkg/webhooks/policyvalidation.go

@@ -14,7 +14,7 @@ import (
 
 //HandlePolicyValidation performs the validation check on policy resource
 func (ws *WebhookServer) handlePolicyValidation(request *v1beta1.AdmissionRequest) *v1beta1.AdmissionResponse {
-	var policy *kyverno.Policy
+	var policy *kyverno.ClusterPolicy
 	admissionResp := &v1beta1.AdmissionResponse{
 		Allowed: true,
 	}
@@ -38,7 +38,7 @@ func (ws *WebhookServer) handlePolicyValidation(request *v1beta1.AdmissionReques
 	return admissionResp
 }
 
-func (ws *WebhookServer) validatePolicy(policy *kyverno.Policy) *v1beta1.AdmissionResponse {
+func (ws *WebhookServer) validatePolicy(policy *kyverno.ClusterPolicy) *v1beta1.AdmissionResponse {
 	admissionResp := ws.validateUniqueRuleName(policy)
 	if !admissionResp.Allowed {
 		return admissionResp
@@ -47,7 +47,7 @@ func (ws *WebhookServer) validatePolicy(policy *kyverno.Policy) *v1beta1.Admissi
 	return ws.validateOverlayPattern(policy)
 }
 
-func (ws *WebhookServer) validateOverlayPattern(policy *kyverno.Policy) *v1beta1.AdmissionResponse {
+func (ws *WebhookServer) validateOverlayPattern(policy *kyverno.ClusterPolicy) *v1beta1.AdmissionResponse {
 	for _, rule := range policy.Spec.Rules {
 		if reflect.DeepEqual(rule.Validation, kyverno.Validation{}) {
 			continue
@@ -76,7 +76,7 @@ func (ws *WebhookServer) validateOverlayPattern(policy *kyverno.Policy) *v1beta1
 }
 
 // Verify if the Rule names are unique within a policy
-func (ws *WebhookServer) validateUniqueRuleName(policy *kyverno.Policy) *v1beta1.AdmissionResponse {
+func (ws *WebhookServer) validateUniqueRuleName(policy *kyverno.ClusterPolicy) *v1beta1.AdmissionResponse {
 	var ruleNames []string
 
 	for _, rule := range policy.Spec.Rules {

pkg/webhooks/server.go

@@ -32,8 +32,8 @@ type WebhookServer struct {
 	server                    http.Server
 	client                    *client.Client
 	kyvernoClient             *kyvernoclient.Clientset
-	pLister                   kyvernolister.PolicyLister
+	pLister                   kyvernolister.ClusterPolicyLister
-	pvLister                  kyvernolister.PolicyViolationLister
+	pvLister                  kyvernolister.ClusterPolicyViolationLister
 	pListerSynced             cache.InformerSynced
 	pvListerSynced            cache.InformerSynced
 	eventGen                  event.Interface
@@ -50,8 +50,8 @@ func NewWebhookServer(
 	kyvernoClient *kyvernoclient.Clientset,
 	client *client.Client,
 	tlsPair *tlsutils.TlsPemPair,
-	pInformer kyvernoinformer.PolicyInformer,
+	pInformer kyvernoinformer.ClusterPolicyInformer,
-	pvInformer kyvernoinformer.PolicyViolationInformer,
+	pvInformer kyvernoinformer.ClusterPolicyViolationInformer,
 	eventGen event.Interface,
 	webhookRegistrationClient *webhookconfig.WebhookRegistrationClient,
 	policyStatus policy.PolicyStatusInterface,

pkg/webhooks/utils.go

@@ -81,7 +81,7 @@ func (i *ArrayFlags) Set(value string) error {
 }
 
 // extract the kinds that the policy rules apply to
-func getApplicableKindsForPolicy(p *kyverno.Policy) []string {
+func getApplicableKindsForPolicy(p *kyverno.ClusterPolicy) []string {
 	kindsMap := map[string]interface{}{}
 	kinds := []string{}
 	// iterate over the rules an identify all kinds

pkg/webhooks/webhookManager.go

@@ -18,7 +18,7 @@ const (
 	all
 )
 
-func (ws *WebhookServer) manageWebhookConfigurations(policy kyverno.Policy, op v1beta1.Operation) {
+func (ws *WebhookServer) manageWebhookConfigurations(policy kyverno.ClusterPolicy, op v1beta1.Operation) {
 	switch op {
 	case v1beta1.Create:
 		ws.registerWebhookConfigurations(policy)
@@ -27,7 +27,7 @@ func (ws *WebhookServer) manageWebhookConfigurations(policy kyverno.Policy, op v
 	}
 }
 
-func (ws *WebhookServer) registerWebhookConfigurations(policy kyverno.Policy) error {
+func (ws *WebhookServer) registerWebhookConfigurations(policy kyverno.ClusterPolicy) error {
 	if !HasMutateOrValidate(policy) {
 		return nil
 	}
@@ -42,7 +42,7 @@ func (ws *WebhookServer) registerWebhookConfigurations(policy kyverno.Policy) er
 	return nil
 }
 
-func (ws *WebhookServer) deregisterWebhookConfigurations(policy kyverno.Policy) error {
+func (ws *WebhookServer) deregisterWebhookConfigurations(policy kyverno.ClusterPolicy) error {
 	policies, _ := ws.pLister.List(labels.NewSelector())
 
 	// deregister webhook if no mutate/validate policy found in cluster
@@ -54,7 +54,7 @@ func (ws *WebhookServer) deregisterWebhookConfigurations(policy kyverno.Policy)
 	return nil
 }
 
-func HasMutateOrValidatePolicies(policies []*kyverno.Policy) bool {
+func HasMutateOrValidatePolicies(policies []*kyverno.ClusterPolicy) bool {
 	for _, policy := range policies {
 		if HasMutateOrValidate(*policy) {
 			return true
@@ -63,7 +63,7 @@ func HasMutateOrValidatePolicies(policies []*kyverno.Policy) bool {
 	return false
 }
 
-func HasMutateOrValidate(policy kyverno.Policy) bool {
+func HasMutateOrValidate(policy kyverno.ClusterPolicy) bool {
 	for _, rule := range policy.Spec.Rules {
 		if !reflect.DeepEqual(rule.Mutation, kyverno.Mutation{}) || !reflect.DeepEqual(rule.Validation, kyverno.Validation{}) {
 			glog.Infoln(rule.Name)

test/ConfigMap/policy-CM.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-cm
 spec :

test/ConfigMapGenerator-SecretGenerator/policy-cm-test.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata :
   name: "policy-configmapgenerator-test"
 spec:

test/ConfigMapGenerator-SecretGenerator/policy-namespace-patch-cmgCG-sgCG.yaml

@@ -4,7 +4,7 @@
 # and then create a namespace
 
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : "policy-ns-patch-cmg-sg"
 spec :

test/CronJob/policy-cronjob-wldcrd.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: policy-cronjob
 spec:

test/DaemonSet/policy-daemonset.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: policy-daemonset
 spec:

test/Deployment/policy-deployment-any.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-deployment
 spec :

test/Endpoint/policy-endpoints.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-endpoints
 spec :

test/HorizontalPodAutoscaler/policy-hpa.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: policy-hpa
 spec :

test/Ingress/policy-ingress.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata :
   name : policy-ingress
 spec :

test/Job/policy-job.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: policy-job-perl-bigint
 spec :

test/LimitRange/policy-limitrange.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-limitrange
 spec :

test/Namespace/policy-namespace.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata :
   name : policy-namespace
 

test/NetworkPolicy/policy-network-policy.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: policy-network-policy
 spec:

test/PersistentVolumeClaim/policy-PVC.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: policy-pvc
 spec:

test/PodDisruptionBudget/policy-pdb.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: policy-pdb
 spec:

test/PodTemplate/policy-PodTemplate.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: test-podtemplate
 spec:

test/ResourceQuota/policy-quota-validation.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-quota-low-test-validation
 spec :

test/ResourceQuota/policy-quota.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-quota-low-test
 spec :

test/Secret/policy-secret.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: policy-secrets
 spec:

test/SecurityContext/policy.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: policy-security-context
 spec:

test/Service/policy-service.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : policy-service
 spec :

test/StatefulSet/policy-StatefulSet.yaml

@@ -1,5 +1,5 @@
 apiVersion: kyverno.io/v1alpha1
-kind: Policy
+kind: ClusterPolicy
 metadata:
   name: policy-statefulset
 spec:

test/generate-resource/main.go

@@ -21,7 +21,7 @@ func main() {
 }
 
 func generatePolicies() error {
-	var policy *kyverno.Policy
+	var policy *kyverno.ClusterPolicy
 
 	file, err := ioutil.ReadFile(policyPath)
 	if err != nil {

test/generate/policy_basic.yaml

@@ -1,5 +1,5 @@
 apiVersion : kyverno.io/v1alpha1
-kind : Policy
+kind : ClusterPolicy
 metadata :
   name : basic-policy
 spec :