1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-01-20 18:52:16 +00:00
kyverno/pkg/policy/utils.go
Mike Bryant 91021b65b6
fix: Delete downstream objects on precondition fail (#7496)
* fix: Delete downstream objects on precondition fail

When a rule fails the match in a generate rule, the downstream resource gets deleted. This will now also happen if the rule is skipped due to a precondition.

Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk>

* add debug command

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* sync trigger updates to downstream

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix bgscan fetching trigger

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: Move rbac change into tests for better isolation

Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk>

* fix unit test

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-06-15 11:32:19 -04:00

40 lines
919 B
Go

package policy
import (
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
"k8s.io/apimachinery/pkg/util/sets"
)
func fetchUniqueKinds(rule kyvernov1.Rule) []string {
kinds := sets.New(rule.MatchResources.Kinds...)
for _, any := range rule.MatchResources.Any {
kinds.Insert(any.Kinds...)
}
for _, all := range rule.MatchResources.All {
kinds.Insert(all.Kinds...)
}
return kinds.UnsortedList()
}
func convertlist(ulists []unstructured.Unstructured) []*unstructured.Unstructured {
var result []*unstructured.Unstructured
for _, list := range ulists {
result = append(result, list.DeepCopy())
}
return result
}
func castPolicy(p interface{}) kyvernov1.PolicyInterface {
var policy kyvernov1.PolicyInterface
switch obj := p.(type) {
case *kyvernov1.ClusterPolicy:
policy = obj
case *kyvernov1.Policy:
policy = obj
}
return policy
}