mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-06 07:57:07 +00:00
daadd36c72
* added permissions check Signed-off-by: Ved Ratan <vedratan8@gmail.com> * lint fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * lint fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * issue_8091 Signed-off-by: Ved Ratan <vedratan8@gmail.com> * log fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * refactor Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Ved Ratan <vedratan8@gmail.com> Signed-off-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
35 lines
1.1 KiB
Go
35 lines
1.1 KiB
Go
package policy
|
|
|
|
import (
|
|
"context"
|
|
"time"
|
|
|
|
"github.com/go-logr/logr"
|
|
"github.com/kyverno/kyverno/pkg/clients/dclient"
|
|
admissionutils "github.com/kyverno/kyverno/pkg/utils/admission"
|
|
validation "github.com/kyverno/kyverno/pkg/validation/cleanuppolicy"
|
|
"github.com/kyverno/kyverno/pkg/webhooks/handlers"
|
|
)
|
|
|
|
type validationHandlers struct {
|
|
client dclient.Interface
|
|
}
|
|
|
|
func New(client dclient.Interface) *validationHandlers {
|
|
return &validationHandlers{
|
|
client: client,
|
|
}
|
|
}
|
|
|
|
func (h *validationHandlers) Validate(ctx context.Context, logger logr.Logger, request handlers.AdmissionRequest, _ time.Time) handlers.AdmissionResponse {
|
|
policy, _, err := admissionutils.GetCleanupPolicies(request.AdmissionRequest)
|
|
if err != nil {
|
|
logger.Error(err, "failed to unmarshal policies from admission request")
|
|
return admissionutils.Response(request.UID, err)
|
|
}
|
|
if err := validation.Validate(ctx, logger, h.client, policy); err != nil {
|
|
logger.Error(err, "policy validation errors")
|
|
return admissionutils.Response(request.UID, err)
|
|
}
|
|
return admissionutils.ResponseSuccess(request.UID)
|
|
}
|