mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-05 23:46:56 +00:00
b61a1f3d18
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>
30 lines
865 B
Go
30 lines
865 B
Go
package exception
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/go-logr/logr"
|
|
kyvernov2beta1 "github.com/kyverno/kyverno/api/kyverno/v2beta1"
|
|
)
|
|
|
|
const (
|
|
namespacesDontMatch = "PolicyException resource namespace must match the defined namespace."
|
|
disabledPolex = "PolicyException resources would not be processed until it is enabled."
|
|
)
|
|
|
|
type ValidationOptions struct {
|
|
Enabled bool
|
|
Namespace string
|
|
}
|
|
|
|
// Validate checks policy exception is valid
|
|
func Validate(ctx context.Context, logger logr.Logger, polex *kyvernov2beta1.PolicyException, opts ValidationOptions) ([]string, error) {
|
|
var warnings []string
|
|
if !opts.Enabled {
|
|
warnings = append(warnings, disabledPolex)
|
|
} else if opts.Namespace != "" && opts.Namespace != polex.Namespace {
|
|
warnings = append(warnings, namespacesDontMatch)
|
|
}
|
|
errs := polex.Validate()
|
|
return warnings, errs.ToAggregate()
|
|
}
|