mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-06 16:06:56 +00:00
5b8ab3842b
* initial commit * variable substitution * update tests * update test * refactor engine packages for validate & generate * update vendor * update toml * support variable substitution in overlay mutation * missing update * fix indentation in logs * store context values as single JSON document using merge patches. * remove duplicate functions * fix message string * Handle processing of policies in background (#569) * remove condition check while generating mutation patch as conditions are verified in the first iteration * initial commit * background policy validation * correct message * skip non-background policy process for add/update * fix order to correct policy registration * update comment Co-authored-by: shuting <shutting06@gmail.com> * refactor Co-authored-by: shuting <shutting06@gmail.com>
103 lines
2.3 KiB
Go
103 lines
2.3 KiB
Go
package context
|
|
|
|
import (
|
|
"encoding/json"
|
|
"sync"
|
|
|
|
jsonpatch "github.com/evanphx/json-patch"
|
|
"github.com/golang/glog"
|
|
authenticationv1 "k8s.io/api/authentication/v1"
|
|
)
|
|
|
|
//Interface ... normal functions
|
|
type Interface interface {
|
|
// merges the json with context
|
|
AddJSON(dataRaw []byte) error
|
|
// merges resource json under request.object
|
|
AddResource(dataRaw []byte) error
|
|
// merges userInfo json under request.userInfo
|
|
AddUserInfo(userInfo authenticationv1.UserInfo) error
|
|
EvalInterface
|
|
}
|
|
|
|
//EvalInterface ... to evaluate
|
|
type EvalInterface interface {
|
|
Query(query string) (interface{}, error)
|
|
}
|
|
|
|
//Context stores the data resources as JSON
|
|
type Context struct {
|
|
mu sync.RWMutex
|
|
jsonRaw []byte
|
|
}
|
|
|
|
//NewContext returns a new context
|
|
func NewContext() *Context {
|
|
ctx := Context{
|
|
// data: map[string]interface{}{},
|
|
jsonRaw: []byte(`{}`), // empty json struct
|
|
}
|
|
return &ctx
|
|
}
|
|
|
|
// AddJSON merges json data
|
|
func (ctx *Context) AddJSON(dataRaw []byte) error {
|
|
var err error
|
|
ctx.mu.Lock()
|
|
defer ctx.mu.Unlock()
|
|
// merge json
|
|
ctx.jsonRaw, err = jsonpatch.MergePatch(ctx.jsonRaw, dataRaw)
|
|
if err != nil {
|
|
glog.V(4).Infof("failed to merge JSON data: %v", err)
|
|
return err
|
|
}
|
|
return nil
|
|
}
|
|
|
|
//AddResource adds data at path: request.object
|
|
func (ctx *Context) AddResource(dataRaw []byte) error {
|
|
|
|
// unmarshall the resource struct
|
|
var data interface{}
|
|
if err := json.Unmarshal(dataRaw, &data); err != nil {
|
|
glog.V(4).Infof("failed to unmarshall the context data: %v", err)
|
|
return err
|
|
}
|
|
|
|
modifiedResource := struct {
|
|
Request interface{} `json:"request"`
|
|
}{
|
|
Request: struct {
|
|
Object interface{} `json:"object"`
|
|
}{
|
|
Object: data,
|
|
},
|
|
}
|
|
|
|
objRaw, err := json.Marshal(modifiedResource)
|
|
if err != nil {
|
|
glog.V(4).Infof("failed to marshall the updated context data")
|
|
return err
|
|
}
|
|
return ctx.AddJSON(objRaw)
|
|
}
|
|
|
|
//AddUserInfo adds data at path: request.userInfo
|
|
func (ctx *Context) AddUserInfo(userInfo authenticationv1.UserInfo) error {
|
|
modifiedResource := struct {
|
|
Request interface{} `json:"request"`
|
|
}{
|
|
Request: struct {
|
|
UserInfo interface{} `json:"userInfo"`
|
|
}{
|
|
UserInfo: userInfo,
|
|
},
|
|
}
|
|
|
|
objRaw, err := json.Marshal(modifiedResource)
|
|
if err != nil {
|
|
glog.V(4).Infof("failed to marshall the updated context data")
|
|
return err
|
|
}
|
|
return ctx.AddJSON(objRaw)
|
|
}
|