mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-10 18:06:55 +00:00
b10947b975
* support k8s 1.22, update admissionregistration.k8s.io/v1beta1 to admissionregistration.k8s.io/v1 Signed-off-by: ShutingZhao <shutting06@gmail.com> * - add failurePolicy to policy spec; - fix typo Signed-off-by: ShutingZhao <shutting06@gmail.com> * - add schema validation for failurePolicy; - add a printer column Signed-off-by: ShutingZhao <shutting06@gmail.com> * set default failure policy to fail if not defined Signed-off-by: ShutingZhao <shutting06@gmail.com> * resolve conflicts Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix missing type for printerColumn Signed-off-by: ShutingZhao <shutting06@gmail.com> * refactor policy controller Signed-off-by: ShutingZhao <shutting06@gmail.com> * add webhook config manager Signed-off-by: ShutingZhao <shutting06@gmail.com> * - build webhook objects per policy update; - add fail webhook to default webhook configurations Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix panic on policy update Signed-off-by: ShutingZhao <shutting06@gmail.com> * build default webhook: match empty if autoUpdateWebhooks is enabled, otherwise match all Signed-off-by: ShutingZhao <shutting06@gmail.com> * - set default webhook configs rule to empty; - handle policy deletion Signed-off-by: ShutingZhao <shutting06@gmail.com> * reset webhook config if policies with a specific failurePolicy are cleaned up Signed-off-by: ShutingZhao <shutting06@gmail.com> * handle wildcard pocliy Signed-off-by: ShutingZhao <shutting06@gmail.com> * update default webhook timeout to 10s Signed-off-by: ShutingZhao <shutting06@gmail.com> * cleanups Signed-off-by: ShutingZhao <shutting06@gmail.com> * added webhook informer to re-create it immediately if missing Signed-off-by: ShutingZhao <shutting06@gmail.com> * update tag webhookTimeoutSeconds description Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix e2e tests Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix linter issue Signed-off-by: ShutingZhao <shutting06@gmail.com> * correct metric endpoint Signed-off-by: ShutingZhao <shutting06@gmail.com> * add pol.generate.kind to webhooks Signed-off-by: ShutingZhao <shutting06@gmail.com>
88 lines
2.2 KiB
Go
88 lines
2.2 KiB
Go
package common
|
|
|
|
import (
|
|
"bytes"
|
|
"fmt"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/kyverno/kyverno/test/e2e"
|
|
)
|
|
|
|
func CallMetrics() (string, error) {
|
|
requestObj := e2e.APIRequest{
|
|
URL: "http://localhost:8000/metrics",
|
|
Type: "GET",
|
|
}
|
|
|
|
response, err := e2e.CallAPI(requestObj)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
buf := new(bytes.Buffer)
|
|
_, err = buf.ReadFrom(response.Body)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
newStr := buf.String()
|
|
return newStr, nil
|
|
}
|
|
|
|
// ProcessMetrics checks the metrics log and identify if the policy is added in cache or not
|
|
func ProcessMetrics(newStr, e2ePolicyName string) error {
|
|
splitByNewLine := strings.Split(newStr, "\n")
|
|
for _, lineSplitByNewLine := range splitByNewLine {
|
|
// kyverno_policy_rule_info_total{policy_background_mode=\"false\",policy_name=\"gen-cluster-policy\",policy_namespace=\"-\",policy_type=\"cluster\",policy_validation_mode=\"audit\",rule_name=\"gen-cluster-role\",rule_type=\"generate\",status_ready="false"} 1
|
|
if !strings.HasPrefix(lineSplitByNewLine, "kyverno_policy_rule_info_total{") {
|
|
continue
|
|
}
|
|
|
|
if !strings.HasSuffix(lineSplitByNewLine, "} 1") {
|
|
continue
|
|
}
|
|
|
|
splitByComma := strings.Split(lineSplitByNewLine, ",")
|
|
for _, lineSplitByComma := range splitByComma {
|
|
if strings.HasPrefix(lineSplitByComma, "policy_name=") {
|
|
splitByQuote := strings.Split(lineSplitByComma, "\"")
|
|
policyName := splitByQuote[1]
|
|
if policyName != e2ePolicyName {
|
|
continue
|
|
}
|
|
}
|
|
if strings.HasPrefix(lineSplitByComma, "status_ready=") {
|
|
splitByQuote := strings.Split(lineSplitByComma, "\"")
|
|
status := splitByQuote[1]
|
|
if status == "true" {
|
|
return nil
|
|
}
|
|
}
|
|
|
|
}
|
|
}
|
|
|
|
return fmt.Errorf("policy %s not found in metrics %s", e2ePolicyName, newStr)
|
|
}
|
|
|
|
func PolicyCreated(policyName string) error {
|
|
return e2e.GetWithRetry(1*time.Second, 60, checkPolicyCreated(policyName))
|
|
}
|
|
|
|
func checkPolicyCreated(policyName string) func() error {
|
|
return func() error {
|
|
var metricsString string
|
|
metricsString, err := CallMetrics()
|
|
if err != nil {
|
|
return fmt.Errorf("failed to get metrics: %v", err)
|
|
}
|
|
|
|
err = ProcessMetrics(metricsString, policyName)
|
|
if err != nil {
|
|
return fmt.Errorf("policy not created: %v", err)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
}
|