mirror of
https://github.com/kyverno/kyverno.git
synced 2025-01-20 18:52:16 +00:00
f2833861f8
* fix: properly update policy context after preexisting resource in violation check Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * chore: remove all copy function usages Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * chore: nit Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * refactor context resource swap Signed-off-by: Jim Bugwadia <jim@nirmata.com> * feat: chainsaw tests Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: test: Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: logger panic Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: copy cover policycontext Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: ShutingZhao <shuting@nirmata.com>
88 lines
2.1 KiB
Go
88 lines
2.1 KiB
Go
package policycontext
|
|
|
|
import (
|
|
"testing"
|
|
|
|
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
|
"github.com/kyverno/kyverno/pkg/config"
|
|
"github.com/kyverno/kyverno/pkg/engine/jmespath"
|
|
kubeutils "github.com/kyverno/kyverno/pkg/utils/kube"
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
var (
|
|
cfg = config.NewDefaultConfiguration(false)
|
|
jp = jmespath.New(cfg)
|
|
)
|
|
|
|
func Test_setResources(t *testing.T) {
|
|
newResource, err := kubeutils.BytesToUnstructured([]byte(`{
|
|
"apiVersion": "v1",
|
|
"kind": "Namespace",
|
|
"metadata": {
|
|
"labels": {
|
|
"kubernetes.io/metadata.name": "test",
|
|
"size": "small"
|
|
},
|
|
"name": "namespace1"
|
|
},
|
|
"spec": {}
|
|
}`))
|
|
assert.Nil(t, err)
|
|
|
|
oldResource, err := kubeutils.BytesToUnstructured([]byte(`{
|
|
"apiVersion": "v1",
|
|
"kind": "Namespace",
|
|
"metadata": {
|
|
"labels": {
|
|
"kubernetes.io/metadata.name": "test",
|
|
"size": "small"
|
|
},
|
|
"name": "namespace2"
|
|
},
|
|
"spec": {}
|
|
}`))
|
|
assert.Nil(t, err)
|
|
|
|
pc, err := NewPolicyContext(jp, *newResource, kyvernov1.Update, nil, cfg)
|
|
assert.Nil(t, err)
|
|
pc = pc.WithOldResource(*oldResource)
|
|
|
|
n := pc.NewResource()
|
|
assert.Equal(t, "namespace1", n.GetName())
|
|
|
|
o := pc.OldResource()
|
|
assert.Equal(t, "namespace2", o.GetName())
|
|
|
|
// swap resources
|
|
pc.SetResources(*newResource, *oldResource)
|
|
|
|
n = pc.NewResource()
|
|
assert.Equal(t, "namespace2", n.GetName())
|
|
|
|
name, err := pc.JSONContext().Query("request.object.metadata.name")
|
|
assert.Nil(t, err)
|
|
assert.Equal(t, "namespace2", name)
|
|
|
|
o = pc.OldResource()
|
|
assert.Equal(t, "namespace1", o.GetName())
|
|
name, err = pc.JSONContext().Query("request.oldObject.metadata.name")
|
|
assert.Nil(t, err)
|
|
assert.Equal(t, "namespace1", name)
|
|
|
|
// swap back resources
|
|
pc.SetResources(*oldResource, *newResource)
|
|
|
|
n = pc.NewResource()
|
|
assert.Equal(t, "namespace1", n.GetName())
|
|
|
|
name, err = pc.JSONContext().Query("request.object.metadata.name")
|
|
assert.Nil(t, err)
|
|
assert.Equal(t, "namespace1", name)
|
|
|
|
o = pc.OldResource()
|
|
assert.Equal(t, "namespace2", o.GetName())
|
|
name, err = pc.JSONContext().Query("request.oldObject.metadata.name")
|
|
assert.Nil(t, err)
|
|
assert.Equal(t, "namespace2", name)
|
|
}
|