mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-09 09:26:54 +00:00
be06bff665
* support inline exceptions in cli apply Signed-off-by: bakito <github@bakito.ch> * rename flag Signed-off-by: bakito <github@bakito.ch> * Update cmd/cli/kubectl-kyverno/commands/apply/command.go Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com> Signed-off-by: Marc Brugger <github@bakito.ch> * Update docs/user/cli/commands/kyverno_apply.md Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com> Signed-off-by: Marc Brugger <github@bakito.ch> * Restore missed sections from merge Signed-off-by: Marc Brugger <github@bakito.ch> --------- Signed-off-by: bakito <github@bakito.ch> Signed-off-by: Marc Brugger <github@bakito.ch> Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
76 lines
2.3 KiB
Go
76 lines
2.3 KiB
Go
package exception
|
|
|
|
import (
|
|
"os"
|
|
"testing"
|
|
|
|
kyvernov2 "github.com/kyverno/kyverno/api/kyverno/v2"
|
|
kyvernov2alpha1 "github.com/kyverno/kyverno/api/kyverno/v2alpha1"
|
|
kyvernov2beta1 "github.com/kyverno/kyverno/api/kyverno/v2beta1"
|
|
"github.com/stretchr/testify/require"
|
|
corev1 "k8s.io/api/core/v1"
|
|
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
|
"k8s.io/apimachinery/pkg/runtime"
|
|
)
|
|
|
|
func Test_load(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
policies string
|
|
wantLoaded int
|
|
wantErr bool
|
|
}{{
|
|
name: "not a policy exception",
|
|
policies: "../_testdata/resources/namespace.yaml",
|
|
wantErr: true,
|
|
}, {
|
|
name: "policy exception",
|
|
policies: "../_testdata/exceptions/exception.yaml",
|
|
wantLoaded: 1,
|
|
}, {
|
|
name: "policy exception and policy",
|
|
policies: "../_testdata/exceptions/exception-and-policy.yaml",
|
|
wantErr: true,
|
|
}}
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
bytes, err := os.ReadFile(tt.policies)
|
|
require.NoError(t, err)
|
|
require.NoError(t, err)
|
|
if res, err := load(bytes); (err != nil) != tt.wantErr {
|
|
t.Errorf("Load() error = %v, wantErr %v", err, tt.wantErr)
|
|
} else if len(res) != tt.wantLoaded {
|
|
t.Errorf("Load() loaded amount = %v, wantLoaded %v", len(res), tt.wantLoaded)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func Test_SelectFrom(t *testing.T) {
|
|
resources := toUnstructured(t,
|
|
&corev1.ConfigMap{TypeMeta: v1.TypeMeta{Kind: "ConfigMap", APIVersion: "v1"}},
|
|
&kyvernov2.PolicyException{TypeMeta: v1.TypeMeta{
|
|
Kind: exceptionV2.Kind, APIVersion: exceptionV2.GroupVersion().String()},
|
|
},
|
|
&kyvernov2alpha1.PolicyException{TypeMeta: v1.TypeMeta{
|
|
Kind: exceptionV2alpha1.Kind, APIVersion: exceptionV2alpha1.GroupVersion().String()},
|
|
},
|
|
&kyvernov2beta1.PolicyException{TypeMeta: v1.TypeMeta{
|
|
Kind: exceptionV2beta1.Kind, APIVersion: exceptionV2beta1.GroupVersion().String()},
|
|
},
|
|
)
|
|
exceptions := SelectFrom(resources)
|
|
require.Len(t, exceptions, 3)
|
|
}
|
|
|
|
func toUnstructured(t *testing.T, in ...interface{}) []*unstructured.Unstructured {
|
|
var resources []*unstructured.Unstructured
|
|
for _, r := range in {
|
|
us, err := runtime.DefaultUnstructuredConverter.ToUnstructured(r)
|
|
require.NoError(t, err)
|
|
resources = append(resources, &unstructured.Unstructured{Object: us})
|
|
}
|
|
|
|
return resources
|
|
}
|