mirror of
https://github.com/kyverno/kyverno.git
synced 2024-12-15 17:51:20 +00:00
a9fef256c7
* updates for foreach and mutate Signed-off-by: Jim Bugwadia <jim@nirmata.com> * allow tests to pass on Windows Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter check Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add elementIndex variable Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix jsonResult usage Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add mutate validation and fix error in validate.foreach Signed-off-by: Jim Bugwadia <jim@nirmata.com> * format Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update message Signed-off-by: Jim Bugwadia <jim@nirmata.com> * do not skip validation for all array entries when one is skipped Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add foreach tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix format errors Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove unused declarations Signed-off-by: Jim Bugwadia <jim@nirmata.com> * revert namespaceWithLabelYaml Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix mutate of element list Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update CRDs Signed-off-by: Jim Bugwadia <jim@nirmata.com> * Update api/kyverno/v1/policy_types.go Co-authored-by: Steven E. Harris <seh@panix.com> * Update pkg/engine/forceMutate.go Co-authored-by: Steven E. Harris <seh@panix.com> * Update pkg/engine/forceMutate.go Co-authored-by: Steven E. Harris <seh@panix.com> * Update pkg/engine/forceMutate.go Co-authored-by: Steven E. Harris <seh@panix.com> * Update pkg/engine/mutation.go Co-authored-by: Steven E. Harris <seh@panix.com> * Update pkg/engine/mutation.go Co-authored-by: Steven E. Harris <seh@panix.com> * Update pkg/engine/mutation.go Co-authored-by: Steven E. Harris <seh@panix.com> * Update pkg/engine/validate/validate.go Co-authored-by: Steven E. Harris <seh@panix.com> * Update pkg/engine/validate/validate.go Co-authored-by: Steven E. Harris <seh@panix.com> * Update test/cli/test/custom-functions/policy.yaml Co-authored-by: Steven E. Harris <seh@panix.com> * Update test/cli/test/foreach/policies.yaml Co-authored-by: Steven E. Harris <seh@panix.com> * accept review comments and format Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add comments to strategicMergePatch buffer Signed-off-by: Jim Bugwadia <jim@nirmata.com> * load context and evaluate preconditions foreach element Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add test for foreach mutate context and precondition * precondition testcase * address review comments Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update message Signed-off-by: Jim Bugwadia <jim@nirmata.com> * format Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Steven E. Harris <seh@panix.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
60 lines
1.4 KiB
Go
60 lines
1.4 KiB
Go
package validate
|
|
|
|
import (
|
|
"container/list"
|
|
|
|
commonAnchors "github.com/kyverno/kyverno/pkg/engine/anchor"
|
|
)
|
|
|
|
// Checks if pattern has anchors
|
|
func hasNestedAnchors(pattern interface{}) bool {
|
|
switch typed := pattern.(type) {
|
|
case map[string]interface{}:
|
|
if anchors := getAnchorsFromMap(typed); len(anchors) > 0 {
|
|
return true
|
|
}
|
|
for _, value := range typed {
|
|
if hasNestedAnchors(value) {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
case []interface{}:
|
|
for _, value := range typed {
|
|
if hasNestedAnchors(value) {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
default:
|
|
return false
|
|
}
|
|
}
|
|
|
|
// getSortedNestedAnchorResource - sorts anchors key
|
|
func getSortedNestedAnchorResource(resources map[string]interface{}) *list.List {
|
|
sortedResourceKeys := list.New()
|
|
for k, v := range resources {
|
|
if commonAnchors.IsGlobalAnchor(k) {
|
|
sortedResourceKeys.PushFront(k)
|
|
continue
|
|
}
|
|
if hasNestedAnchors(v) {
|
|
sortedResourceKeys.PushFront(k)
|
|
} else {
|
|
sortedResourceKeys.PushBack(k)
|
|
}
|
|
}
|
|
return sortedResourceKeys
|
|
}
|
|
|
|
// getAnchorsFromMap gets the anchor map
|
|
func getAnchorsFromMap(anchorsMap map[string]interface{}) map[string]interface{} {
|
|
result := make(map[string]interface{})
|
|
for key, value := range anchorsMap {
|
|
if commonAnchors.IsConditionAnchor(key) || commonAnchors.IsExistenceAnchor(key) || commonAnchors.IsEqualityAnchor(key) || commonAnchors.IsNegationAnchor(key) || commonAnchors.IsGlobalAnchor(key) {
|
|
result[key] = value
|
|
}
|
|
}
|
|
return result
|
|
}
|