mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-05 15:37:19 +00:00
3142af64a0
* feat: add global context entry validation webhook Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: use `k8s.io/apimachinery/pkg/util/json` instead of `encoding/json` Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: lint Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
42 lines
1.2 KiB
Go
42 lines
1.2 KiB
Go
package admission
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
|
admissionv1 "k8s.io/api/admission/v1"
|
|
"k8s.io/apimachinery/pkg/util/json"
|
|
)
|
|
|
|
func UnmarshalPolicy(kind string, raw []byte) (kyvernov1.PolicyInterface, error) {
|
|
if kind == "ClusterPolicy" {
|
|
var policy *kyvernov1.ClusterPolicy
|
|
if err := json.Unmarshal(raw, &policy); err != nil {
|
|
return nil, err
|
|
}
|
|
return policy, nil
|
|
} else if kind == "Policy" {
|
|
var policy *kyvernov1.Policy
|
|
if err := json.Unmarshal(raw, &policy); err != nil {
|
|
return nil, err
|
|
}
|
|
return policy, nil
|
|
}
|
|
return nil, fmt.Errorf("admission request does not contain a policy")
|
|
}
|
|
|
|
func GetPolicy(request admissionv1.AdmissionRequest) (kyvernov1.PolicyInterface, error) {
|
|
return UnmarshalPolicy(request.Kind.Kind, request.Object.Raw)
|
|
}
|
|
|
|
func GetPolicies(request admissionv1.AdmissionRequest) (kyvernov1.PolicyInterface, kyvernov1.PolicyInterface, error) {
|
|
policy, err := UnmarshalPolicy(request.Kind.Kind, request.Object.Raw)
|
|
if err != nil {
|
|
return policy, nil, err
|
|
}
|
|
if request.Operation == admissionv1.Update {
|
|
oldPolicy, err := UnmarshalPolicy(request.Kind.Kind, request.OldObject.Raw)
|
|
return policy, oldPolicy, err
|
|
}
|
|
return policy, nil, nil
|
|
}
|