mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00
Code Activity

725 changed returned error

Browse source
This commit is contained in:
shravan 2020-03-06 17:11:33 +05:30
parent afdbc1ac57
commit ffd3487ace
2 changed files with 13 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
pkg/engine/validation.go
View file

@ -234,7 +234,8 @@ func validatePatterns(ctx context.EvalInterface, resource unstructured.Unstructu
errorStr = append(errorStr, err.Error()) errorStr = append(errorStr, err.Error())
} }
resp.Success = false resp.Success = false
resp.Message = fmt.Sprintf("Validation rule '%s' failed. %s", rule.Name, errorStr) glog.V(4).Infof("Validation rule '%s' failed. %s", rule.Name, errorStr)
resp.Message = fmt.Sprintf("Validation rule '%s' has failed", rule.Name)
return resp return resp
} }
} }

30
pkg/webhooks/common.go
View file

@ -4,6 +4,8 @@ import (
"fmt" "fmt"
"strings" "strings"
yamlv2 "gopkg.in/yaml.v2"
"github.com/golang/glog" "github.com/golang/glog"
kyverno "github.com/nirmata/kyverno/pkg/api/kyverno/v1" kyverno "github.com/nirmata/kyverno/pkg/api/kyverno/v1"
"github.com/nirmata/kyverno/pkg/engine/response" "github.com/nirmata/kyverno/pkg/engine/response"
@ -38,34 +40,24 @@ func toBlockResource(engineReponses []response.EngineResponse) bool {
// getEnforceFailureErrorMsg gets the error messages for failed enforce policy // getEnforceFailureErrorMsg gets the error messages for failed enforce policy
func getEnforceFailureErrorMsg(engineReponses []response.EngineResponse) string { func getEnforceFailureErrorMsg(engineReponses []response.EngineResponse) string {
var str []string policyToRule := make(map[string]interface{})
var resourceInfo string var resourceName string
var failedPolicies []string
for _, er := range engineReponses { for _, er := range engineReponses {
if !er.IsSuccesful() && er.PolicyResponse.ValidationFailureAction == Enforce { if !er.IsSuccesful() && er.PolicyResponse.ValidationFailureAction == Enforce {
failedPolicies = append(failedPolicies, er.PolicyResponse.Policy) ruleToReason := make(map[string]string)
resourceInfo = fmt.Sprintf("%s/%s/%s", er.PolicyResponse.Resource.Kind, er.PolicyResponse.Resource.Namespace, er.PolicyResponse.Resource.Name)
str = append(str, fmt.Sprintf("failed policy %s", er.PolicyResponse.Policy))
for _, rule := range er.PolicyResponse.Rules { for _, rule := range er.PolicyResponse.Rules {
if !rule.Success { if !rule.Success {
str = append(str, rule.ToString()) ruleToReason[rule.Name] = rule.Message
} }
} }
resourceName = fmt.Sprintf("%s/%s/%s", er.PolicyResponse.Resource.Kind, er.PolicyResponse.Resource.Namespace, er.PolicyResponse.Resource.Name)
policyToRule[er.PolicyResponse.Policy] = ruleToReason
} }
} }
var failureReason string result, _ := yamlv2.Marshal(policyToRule)
switch { return "\n\nresource " + resourceName + " was blocked due to the following policies\n\n" + string(result)
case len(failedPolicies) > 1:
failureReason = fmt.Sprintf("Resource %s blocked by policies %s, kindly refer to logs for further details", resourceInfo, strings.Join(failedPolicies, ", "))
case len(failedPolicies) == 1:
failureReason = fmt.Sprintf("Resource %s blocked by policy %s, kindly refer to logs for further details", resourceInfo, failedPolicies[0])
case len(failedPolicies) == 0:
failureReason = fmt.Sprintf("Resource %s has been blocked due to internal error, kindly refer to logs for further details", resourceInfo)
}
glog.V(4).Infof("Resource %s %s", resourceInfo, strings.Join(str, ";"))
return failureReason
} }
// getErrorMsg gets all failed engine response message // getErrorMsg gets all failed engine response message