mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-11 02:16:53 +00:00
Code Activity
kyverno/pkg/background/common/util.go
Chandan-DK cafc0990f9
fix: generate policy fails if triggered resource name exceeds 63 characters limit (#8466) 
* fix: generate label resource name character length issue

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add source label

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* modify newUR function

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* fix

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* improve readability

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* remove generate source name label

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* Revert changes

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* update ResourceSpec

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add URGenerateResourceUIDLabel

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen crds all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen client all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add GenerateSourceUIDLabel

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* modify comment

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen crds all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen-docs-all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen-all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* set trigger uid

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add uid in transform()

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add name label

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* fix: use resource name labels along with its UID

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use the resource name label only if its uid label isn't set

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* add kuttl tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: delete the trigger resource in the test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: delete the source in the kuttl test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* add generate trigger uid label

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* modify TriggerInfo function

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* populate uid field for new update requests

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* populate new ur spec with uid

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* handle downstream resources cleanup

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* populate uid of ur status

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* fetch triggers by the UID label

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* label triggers

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fetch trigger by comparing UID

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fetch cloneList downstream resource by UID

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update test names

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove trigger name label assertions from kuttl tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add unit name selector

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add sleep

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* assert events on failures

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* rename tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: Chandan-DK <chandandk468@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-11-06 10:37:13 +00:00

108 lines
4 KiB
Go
Raw Blame History

package common
import (
"context"
"fmt"
"strconv"
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
"github.com/kyverno/kyverno/pkg/client/clientset/versioned"
kyvernov1beta1listers "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1beta1"
"github.com/kyverno/kyverno/pkg/clients/dclient"
"github.com/kyverno/kyverno/pkg/config"
"github.com/kyverno/kyverno/pkg/logging"
errors "github.com/pkg/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
)
func UpdateStatus(client versioned.Interface, urLister kyvernov1beta1listers.UpdateRequestNamespaceLister, name string, state kyvernov1beta1.UpdateRequestState, message string, genResources []kyvernov1.ResourceSpec) (*kyvernov1beta1.UpdateRequest, error) {
var latest *kyvernov1beta1.UpdateRequest
ur, err := client.KyvernoV1beta1().UpdateRequests(config.KyvernoNamespace()).Get(context.TODO(), name, metav1.GetOptions{})
if err != nil {
return ur, errors.Wrapf(err, "failed to fetch update request")
}
latest = ur.DeepCopy()
latest.Status.State = state
latest.Status.Message = message
if genResources != nil {
latest.Status.GeneratedResources = genResources
}
new, err := client.KyvernoV1beta1().UpdateRequests(config.KyvernoNamespace()).UpdateStatus(context.TODO(), latest, metav1.UpdateOptions{})
if err != nil {
return ur, errors.Wrapf(err, "failed to update ur status to %s", string(state))
}
logging.V(3).Info("updated update request status", "name", name, "status", string(state), "state", new.Status.State)
return ur, nil
}
func PolicyKey(namespace, name string) string {
if namespace != "" {
return namespace + "/" + name
}
return name
}
func ResourceSpecFromUnstructured(obj unstructured.Unstructured) kyvernov1.ResourceSpec {
return kyvernov1.ResourceSpec{
APIVersion: obj.GetAPIVersion(),
Kind: obj.GetKind(),
Namespace: obj.GetNamespace(),
Name: obj.GetName(),
UID: obj.GetUID(),
}
}
func increaseRetryAnnotation(ur *kyvernov1beta1.UpdateRequest) (int, map[string]string, error) {
urAnnotations := ur.Annotations
if len(urAnnotations) == 0 {
urAnnotations = map[string]string{
kyvernov1beta1.URGenerateRetryCountAnnotation: "1",
}
}
retry := 1
val, ok := urAnnotations[kyvernov1beta1.URGenerateRetryCountAnnotation]
if !ok {
urAnnotations[kyvernov1beta1.URGenerateRetryCountAnnotation] = "1"
} else {
retryUint, err := strconv.ParseUint(val, 10, 64)
if err != nil {
return retry, urAnnotations, fmt.Errorf("unable to convert retry-count %v: %w", val, err)
}
retry = int(retryUint)
retry += 1
incrementedRetryString := strconv.Itoa(retry)
urAnnotations[kyvernov1beta1.URGenerateRetryCountAnnotation] = incrementedRetryString
}
return retry, urAnnotations, nil
}
func UpdateRetryAnnotation(kyvernoClient versioned.Interface, ur *kyvernov1beta1.UpdateRequest) error {
retry, urAnnotations, err := increaseRetryAnnotation(ur)
if err != nil {
return err
}
if retry > 3 {
err = kyvernoClient.KyvernoV1beta1().UpdateRequests(config.KyvernoNamespace()).Delete(context.TODO(), ur.GetName(), metav1.DeleteOptions{})
if err != nil {
return errors.Wrapf(err, "exceeds retry limit, failed to delete the UR: %s, retry: %v, resourceVersion: %s", ur.Name, retry, ur.GetResourceVersion())
}
} else {
ur.SetAnnotations(urAnnotations)
_, err = kyvernoClient.KyvernoV1beta1().UpdateRequests(config.KyvernoNamespace()).Update(context.TODO(), ur, metav1.UpdateOptions{})
if err != nil {
return errors.Wrapf(err, "failed to update annotation in update request: %s for the resource, retry: %v, resourceVersion %s, annotations: %v", ur.Name, retry, ur.GetResourceVersion(), urAnnotations)
}
}
return nil
}
func FindDownstream(client dclient.Interface, apiVersion, kind string, labels map[string]string) (*unstructured.UnstructuredList, error) {
selector := &metav1.LabelSelector{MatchLabels: labels}
return client.ListResource(context.TODO(), apiVersion, kind, "", selector)
}
View git blame Copy permalink