1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-13 19:28:55 +00:00

feat: more openapi validation in v2 api (#11013)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché 2024-09-04 20:00:50 +02:00 committed by GitHub
parent cac7b21225
commit fd5cfac9b4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
15 changed files with 193 additions and 0 deletions

View file

@ -8,6 +8,7 @@ import (
// MatchResources is used to specify resource and admission review request data for
// which a policy rule is applicable.
// +kubebuilder:not:={required:{any,all}}
type MatchResources struct {
// Any allows specifying resources which will be ORed
// +optional

View file

@ -348,6 +348,10 @@ spec:
ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -778,6 +782,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -1603,6 +1611,10 @@ spec:
ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -2033,6 +2045,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed

View file

@ -348,6 +348,10 @@ spec:
ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -778,6 +782,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -1603,6 +1611,10 @@ spec:
ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -2033,6 +2045,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed

View file

@ -10226,6 +10226,10 @@ spec:
ExcludeResources defines when this policy rule should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will
@ -11236,6 +11240,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will

View file

@ -10229,6 +10229,10 @@ spec:
ExcludeResources defines when this policy rule should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will
@ -11239,6 +11243,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will

View file

@ -175,6 +175,10 @@ spec:
match:
description: Match defines match clause used to check if a resource
applies to the exception
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -812,6 +816,10 @@ spec:
match:
description: Match defines match clause used to check if a resource
applies to the exception
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed

View file

@ -10220,6 +10220,10 @@ spec:
ExcludeResources defines when this policy rule should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will
@ -11230,6 +11234,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will

View file

@ -10223,6 +10223,10 @@ spec:
ExcludeResources defines when this policy rule should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will
@ -11233,6 +11237,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will

View file

@ -169,6 +169,10 @@ spec:
match:
description: Match defines match clause used to check if a resource
applies to the exception
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -806,6 +810,10 @@ spec:
match:
description: Match defines match clause used to check if a resource
applies to the exception
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed

View file

@ -342,6 +342,10 @@ spec:
ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -772,6 +776,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -1597,6 +1605,10 @@ spec:
ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -2027,6 +2039,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed

View file

@ -342,6 +342,10 @@ spec:
ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -772,6 +776,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -1597,6 +1605,10 @@ spec:
ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -2027,6 +2039,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed

View file

@ -10220,6 +10220,10 @@ spec:
ExcludeResources defines when this policy rule should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will
@ -11230,6 +11234,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will

View file

@ -10223,6 +10223,10 @@ spec:
ExcludeResources defines when this policy rule should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will
@ -11233,6 +11237,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will

View file

@ -169,6 +169,10 @@ spec:
match:
description: Match defines match clause used to check if a resource
applies to the exception
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -806,6 +810,10 @@ spec:
match:
description: Match defines match clause used to check if a resource
applies to the exception
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed

View file

@ -541,6 +541,10 @@ spec:
ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -971,6 +975,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -1796,6 +1804,10 @@ spec:
ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -2226,6 +2238,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -3077,6 +3093,10 @@ spec:
ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -3507,6 +3527,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -4332,6 +4356,10 @@ spec:
ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -4762,6 +4790,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -15491,6 +15523,10 @@ spec:
ExcludeResources defines when this policy rule should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will
@ -16501,6 +16537,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will
@ -35180,6 +35220,10 @@ spec:
ExcludeResources defines when this policy rule should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will
@ -36190,6 +36234,10 @@ spec:
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will
@ -44569,6 +44617,10 @@ spec:
match:
description: Match defines match clause used to check if a resource
applies to the exception
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed
@ -45206,6 +45258,10 @@ spec:
match:
description: Match defines match clause used to check if a resource
applies to the exception
not:
required:
- any
- all
properties:
all:
description: All allows specifying resources which will be ANDed