* fix: do not pass dynamicConfig to matchesResourceDescriptionMatchHelper (#6231)
(and only pass it to call for the exclude part of the rule)
Signed-off-by: Ray Burgemeestre <rayb@nvidia.com>
* chore: add unit tests to cover the fix, and to ensure the exclude behavior still works (#6231)
Signed-off-by: Ray Burgemeestre <rayb@nvidia.com>
---------
Signed-off-by: Ray Burgemeestre <rayb@nvidia.com>
Co-authored-by: Ray Burgemeestre <rayb@nvidia.com>
* updated foreach logic and added tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* uncomment tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix vars and unit tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix vars and unit tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix some tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix more tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* format
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* make codegen
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* linter
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* cleanup
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix linter issue
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* revert local launch
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* propagate context
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* uncomment tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix propagation of registry client
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
* handle subresources
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* make fmt
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix logger name
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix webhook and logs
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* make fmt
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
* Added test-e2e-local in the Makefile
* Added a proper Indentation
* Added 3 more fields
* Added getPolicyResourceFullPath function
* Updating the patchedResource path to full path
* Converts Namespaced policy to ClusterPolicy
* Added GetPatchedResourceFromPath function
* Added GetPatchedResource function
* Checks for namespaced-policy from policy name provided bu user
* Generalizing resultKey for both validate and mutate. Also added kind field to this key
* Added Type field to PolicySpec
* To handle mutate case when resource and patchedResource are equal
* fetch patchResource from path provided by user and compare it with engine patchedResource
* generating result by comparing patchedResource
* Added kind to resultKey
* Handles namespaced policy results
* Skip is required
* Added []*response.EngineResponse return type in ApplyPolicyOnResource function
* namespaced policy only surpasses resources having same namespace as policy
* apply command will print the patchedResource whereas test will not
* passing engineResponse instead of validateEngineResponse because it supports results for both validate and mutate case
* default namespace will printed in the output table if no namespace is being provided by the user
* Added e2e test for mutate policy and also examples for both type of policies
* Created a separate function to get resultKey
* Changes in the resultKey for validate case
* Added help description for test command in the cli
* fixes code for more test cases
* fixes code to support more cases and also added resources for e2e-test
* some small changes like adding brackets, clubbing 2 if cond into one, changing variable name, etc.
* Rearrange GetPatchedResourceFromPath function to get rid from repetion of same thing twice.
* Added kind in the result section of test.yaml for all test-cases
* engineResponse will handle different types of response
* GetPatchedResource() uses GetResource function to fetch patched resource
Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com>
* intial commit
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* update types
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* updated all type
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* extract to single struct
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* updated match resource description function
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* minor test working
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* match resources test is working
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* exclude resources test is working
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* changed double negetive in logic
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* yamls updated and added validation and cache loops
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* match exclude working but need to fix matchExcludeConflict function
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* restored doMatchAndExcludeConflict function
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* rewrote the matchExcludeConflictFunction
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* finalizing completed till utils_test.go
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* ready for review complete
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* update yamls
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* one more merge conflict solved
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* regenerates YAMLs
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* possible fix for failing tests
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* removed duplicate any/all logic and added a test, (rest refacotring is in progress)
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* cache test is working
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* improved cache test and it is working
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* added check for mutate and generate policies too
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* cleaned doesResourceMatchConditionBlock logic but validation still has code from attempt to combine the all block
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* reverted validate.go to older logic
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* removed commented code
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* removed extra comments
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
* apply pod's rules if the owner is not k8s pod-controllers
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
* add unit tests
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
