refactor: split policyreport api files (#4641)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2025-04-16 09:16:24 +00:00 · 2022-09-19 12:28:51 +02:00 · 2022-09-19 12:28:51 +02:00 · fe8c5bbdf2
commit fe8c5bbdf2
parent 47b3704848
3 changed files with 136 additions and 123 deletions
--- a/api/policyreport/v1alpha2/clusterpolicyreport_types.go
+++ b/api/policyreport/v1alpha2/clusterpolicyreport_types.go
@ -21,9 +21,6 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 // EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
 // NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
 // +genclient
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 // +genclient:nonNamespaced
--- a/api/policyreport/v1alpha2/common.go
+++ b/api/policyreport/v1alpha2/common.go
@ -0,0 +1,136 @@
 /*
 Copyright 2020 The Kubernetes authors.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package v1alpha2
 import (
 	"encoding/json"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 // Status specifies state of a policy result
 const (
 	StatusPass  = "pass"
 	StatusFail  = "fail"
 	StatusWarn  = "warn"
 	StatusError = "error"
 	StatusSkip  = "skip"
 )
 // Severity specifies priority of a policy result
 const (
 	SeverityCritical = "critical"
 	SeverityHigh     = "high"
 	SeverityMedium   = "medium"
 	SeverityLow      = "low"
 	SeverityInfo     = "info"
 )
 // PolicyReportSummary provides a status count summary
 type PolicyReportSummary struct {
 	// Pass provides the count of policies whose requirements were met
 	// +optional
 	Pass int `json:"pass"`
 	// Fail provides the count of policies whose requirements were not met
 	// +optional
 	Fail int `json:"fail"`
 	// Warn provides the count of non-scored policies whose requirements were not met
 	// +optional
 	Warn int `json:"warn"`
 	// Error provides the count of policies that could not be evaluated
 	// +optional
 	Error int `json:"error"`
 	// Skip indicates the count of policies that were not selected for evaluation
 	// +optional
 	Skip int `json:"skip"`
 }
 func (prs PolicyReportSummary) ToMap() map[string]interface{} {
 	b, _ := json.Marshal(&prs)
 	var m map[string]interface{}
 	_ = json.Unmarshal(b, &m)
 	return m
 }
 // PolicyResult has one of the following values:
 //   - pass: indicates that the policy requirements are met
 //   - fail: indicates that the policy requirements are not met
 //   - warn: indicates that the policy requirements and not met, and the policy is not scored
 //   - error: indicates that the policy could not be evaluated
 //   - skip: indicates that the policy was not selected based on user inputs or applicability
 //
 // +kubebuilder:validation:Enum=pass;fail;warn;error;skip
 type PolicyResult string
 // PolicySeverity has one of the following values:
 // - critical
 // - high
 // - low
 // - medium
 // - info
 // +kubebuilder:validation:Enum=critical;high;low;medium;info
 type PolicySeverity string
 // PolicyReportResult provides the result for an individual policy
 type PolicyReportResult struct {
 	// Source is an identifier for the policy engine that manages this report
 	// +optional
 	Source string `json:"source"`
 	// Policy is the name or identifier of the policy
 	Policy string `json:"policy"`
 	// Rule is the name or identifier of the rule within the policy
 	// +optional
 	Rule string `json:"rule,omitempty"`
 	// Subjects is an optional reference to the checked Kubernetes resources
 	// +optional
 	Resources []corev1.ObjectReference `json:"resources,omitempty"`
 	// SubjectSelector is an optional label selector for checked Kubernetes resources.
 	// For example, a policy result may apply to all pods that match a label.
 	// Either a Subject or a SubjectSelector can be specified.
 	// If neither are provided, the result is assumed to be for the policy report scope.
 	// +optional
 	ResourceSelector *metav1.LabelSelector `json:"resourceSelector,omitempty"`
 	// Description is a short user friendly message for the policy rule
 	Message string `json:"message,omitempty"`
 	// Result indicates the outcome of the policy rule execution
 	Result PolicyResult `json:"result,omitempty"`
 	// Scored indicates if this result is scored
 	Scored bool `json:"scored,omitempty"`
 	// Properties provides additional information for the policy rule
 	Properties map[string]string `json:"properties,omitempty"`
 	// Timestamp indicates the time the result was found
 	Timestamp metav1.Timestamp `json:"timestamp,omitempty"`
 	// Category indicates policy category
 	// +optional
 	Category string `json:"category,omitempty"`
 	// Severity indicates policy check result criticality
 	// +optional
 	Severity PolicySeverity `json:"severity,omitempty"`
 }
--- a/api/policyreport/v1alpha2/policyreport_types.go
+++ b/api/policyreport/v1alpha2/policyreport_types.go
@ -14,130 +14,10 @@ limitations under the License.
 package v1alpha2
 import (
 	"encoding/json"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 // EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
 // NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
 // Status specifies state of a policy result
 const (
 	StatusPass  = "pass"
 	StatusFail  = "fail"
 	StatusWarn  = "warn"
 	StatusError = "error"
 	StatusSkip  = "skip"
 )
 // Severity specifies priority of a policy result
 const (
 	SeverityCritical = "critical"
 	SeverityHigh     = "high"
 	SeverityMedium   = "medium"
 	SeverityLow      = "low"
 	SeverityInfo     = "info"
 )
 // PolicyReportSummary provides a status count summary
 type PolicyReportSummary struct {
 	// Pass provides the count of policies whose requirements were met
 	// +optional
 	Pass int `json:"pass"`
 	// Fail provides the count of policies whose requirements were not met
 	// +optional
 	Fail int `json:"fail"`
 	// Warn provides the count of non-scored policies whose requirements were not met
 	// +optional
 	Warn int `json:"warn"`
 	// Error provides the count of policies that could not be evaluated
 	// +optional
 	Error int `json:"error"`
 	// Skip indicates the count of policies that were not selected for evaluation
 	// +optional
 	Skip int `json:"skip"`
 }
 func (prs PolicyReportSummary) ToMap() map[string]interface{} {
 	b, _ := json.Marshal(&prs)
 	var m map[string]interface{}
 	_ = json.Unmarshal(b, &m)
 	return m
 }
 // PolicyResult has one of the following values:
 //   - pass: indicates that the policy requirements are met
 //   - fail: indicates that the policy requirements are not met
 //   - warn: indicates that the policy requirements and not met, and the policy is not scored
 //   - error: indicates that the policy could not be evaluated
 //   - skip: indicates that the policy was not selected based on user inputs or applicability
 //
 // +kubebuilder:validation:Enum=pass;fail;warn;error;skip
 type PolicyResult string
 // PolicySeverity has one of the following values:
 // - critical
 // - high
 // - low
 // - medium
 // - info
 // +kubebuilder:validation:Enum=critical;high;low;medium;info
 type PolicySeverity string
 // PolicyReportResult provides the result for an individual policy
 type PolicyReportResult struct {
 	// Source is an identifier for the policy engine that manages this report
 	// +optional
 	Source string `json:"source"`
 	// Policy is the name or identifier of the policy
 	Policy string `json:"policy"`
 	// Rule is the name or identifier of the rule within the policy
 	// +optional
 	Rule string `json:"rule,omitempty"`
 	// Subjects is an optional reference to the checked Kubernetes resources
 	// +optional
 	Resources []corev1.ObjectReference `json:"resources,omitempty"`
 	// SubjectSelector is an optional label selector for checked Kubernetes resources.
 	// For example, a policy result may apply to all pods that match a label.
 	// Either a Subject or a SubjectSelector can be specified.
 	// If neither are provided, the result is assumed to be for the policy report scope.
 	// +optional
 	ResourceSelector *metav1.LabelSelector `json:"resourceSelector,omitempty"`
 	// Description is a short user friendly message for the policy rule
 	Message string `json:"message,omitempty"`
 	// Result indicates the outcome of the policy rule execution
 	Result PolicyResult `json:"result,omitempty"`
 	// Scored indicates if this result is scored
 	Scored bool `json:"scored,omitempty"`
 	// Properties provides additional information for the policy rule
 	Properties map[string]string `json:"properties,omitempty"`
 	// Timestamp indicates the time the result was found
 	Timestamp metav1.Timestamp `json:"timestamp,omitempty"`
 	// Category indicates policy category
 	// +optional
 	Category string `json:"category,omitempty"`
 	// Severity indicates policy check result criticality
 	// +optional
 	Severity PolicySeverity `json:"severity,omitempty"`
 }
 // +genclient
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 // +kubebuilder:object:root=true