mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-06 16:06:56 +00:00
481798c836
* chore: remove v1beta1 updaterequest definitions Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: update UR to map a policy instead a rule; adapt UR mapping changes for admission review Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: update code-gen Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: linter Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: remove unused function Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: add missing files Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: add missing files Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update ur in policy controller Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: update crds Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: adapt ur changes in the background controller Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: linter Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: more linter Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: modify mapping relationship for deletion events Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: remedy missing target for policy application Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: fetching logic for triggers Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: clean up targets upon policy deletion Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update crds Signed-off-by: ShutingZhao <shuting@nirmata.com> * merge main Signed-off-by: ShutingZhao <shuting@nirmata.com> * merge main Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: adds delay before assertion Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update docs Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: wrong yaml format Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: update error handling logic Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix(attempt): enable more debug info Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix(attempt): enable debug log Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix(attempt): enable debug log Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix(attempt): enable debug log Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: makefile to update ur crds Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: generate existing Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: skip empty ur generation Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: update install.yaml Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>
39 lines
1.3 KiB
Go
39 lines
1.3 KiB
Go
package generation
|
|
|
|
import (
|
|
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
|
kyvernov2 "github.com/kyverno/kyverno/api/kyverno/v2"
|
|
"github.com/kyverno/kyverno/pkg/engine"
|
|
admissionv1 "k8s.io/api/admission/v1"
|
|
)
|
|
|
|
func buildURSpecNew(requestType kyvernov2.RequestType, policyKey string, rules []kyvernov1.Rule, trigger kyvernov1.ResourceSpec, deleteDownstream bool) kyvernov2.UpdateRequestSpec {
|
|
ruleCtx := make([]kyvernov2.RuleContext, 0)
|
|
for _, rule := range rules {
|
|
ctx := buildRuleContext(rule, trigger, deleteDownstream)
|
|
ruleCtx = append(ruleCtx, ctx)
|
|
}
|
|
return kyvernov2.UpdateRequestSpec{
|
|
Type: requestType,
|
|
Policy: policyKey,
|
|
RuleContext: ruleCtx,
|
|
}
|
|
}
|
|
|
|
func buildRuleContext(rule kyvernov1.Rule, trigger kyvernov1.ResourceSpec, deleteDownstream bool) kyvernov2.RuleContext {
|
|
return kyvernov2.RuleContext{
|
|
Rule: rule.Name,
|
|
Trigger: trigger,
|
|
DeleteDownstream: deleteDownstream,
|
|
}
|
|
}
|
|
|
|
func buildURContext(request admissionv1.AdmissionRequest, policyContext *engine.PolicyContext) kyvernov2.UpdateRequestSpecContext {
|
|
return kyvernov2.UpdateRequestSpecContext{
|
|
UserRequestInfo: policyContext.AdmissionInfo(),
|
|
AdmissionRequestInfo: kyvernov2.AdmissionRequestInfoObject{
|
|
AdmissionRequest: &request,
|
|
Operation: request.Operation,
|
|
},
|
|
}
|
|
}
|