Skip to content

Commit

Permalink
feat: add AssertionTree api (kyverno#480)
Browse files Browse the repository at this point in the history 
Signed-off-by: Charles-Edouard Brétéché <[email protected]>
  • Loading branch information
@eddycharly
eddycharly authored Sep 18, 2024
1 parent 1a34dd6 commit f349c31
Show file tree
Hide file tree
Showing 22 changed files with 198 additions and 131 deletions.
14 changes: 4 additions & 10 deletions .crds/json.kyverno.io_validatingpolicies.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,6 @@ spec:
properties:
check:
description: Check is the assertion check definition.
type: object
x-kubernetes-preserve-unknown-fields: true
message:
description: Message is the message associated message.
Expand All @@ -74,7 +73,6 @@ spec:
properties:
check:
description: Check is the assertion check definition.
type: object
x-kubernetes-preserve-unknown-fields: true
message:
description: Message is the message associated message.
Expand Down Expand Up @@ -109,16 +107,14 @@ spec:
description: All allows specifying assertion trees which
will be ANDed.
items:
description: Any can be any type.
type: object
description: AssertionTree represents an assertion tree.
x-kubernetes-preserve-unknown-fields: true
type: array
any:
description: Any allows specifying assertion trees which
will be ORed.
items:
description: Any can be any type.
type: object
description: AssertionTree represents an assertion tree.
x-kubernetes-preserve-unknown-fields: true
type: array
type: object
Expand Down Expand Up @@ -150,16 +146,14 @@ spec:
description: All allows specifying assertion trees which
will be ANDed.
items:
description: Any can be any type.
type: object
description: AssertionTree represents an assertion tree.
x-kubernetes-preserve-unknown-fields: true
type: array
any:
description: Any allows specifying assertion trees which
will be ORed.
items:
description: Any can be any type.
type: object
description: AssertionTree represents an assertion tree.
x-kubernetes-preserve-unknown-fields: true
type: array
type: object
Expand Down
8 changes: 4 additions & 4 deletions .schemas/json/_definitions.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17724,15 +17724,15 @@
"description": "All allows specifying assertion trees which will be ANDed.",
"type": "array",
"items": {
"description": "Any can be any type.",
"description": "AssertionTree represents an assertion tree.",
"x-kubernetes-preserve-unknown-fields": true
}
},
"any": {
"description": "Any allows specifying assertion trees which will be ORed.",
"type": "array",
"items": {
"description": "Any can be any type.",
"description": "AssertionTree represents an assertion tree.",
"x-kubernetes-preserve-unknown-fields": true
}
}
Expand Down Expand Up @@ -17772,15 +17772,15 @@
"description": "All allows specifying assertion trees which will be ANDed.",
"type": "array",
"items": {
"description": "Any can be any type.",
"description": "AssertionTree represents an assertion tree.",
"x-kubernetes-preserve-unknown-fields": true
}
},
"any": {
"description": "Any allows specifying assertion trees which will be ORed.",
"type": "array",
"items": {
"description": "Any can be any type.",
"description": "AssertionTree represents an assertion tree.",
"x-kubernetes-preserve-unknown-fields": true
}
}
Expand Down
8 changes: 4 additions & 4 deletions .schemas/json/validatingpolicy-json-v1alpha1.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -406,7 +406,7 @@
"null"
],
"items": {
"description": "Any can be any type.",
"description": "AssertionTree represents an assertion tree.",
"x-kubernetes-preserve-unknown-fields": true
}
},
Expand All @@ -417,7 +417,7 @@
"null"
],
"items": {
"description": "Any can be any type.",
"description": "AssertionTree represents an assertion tree.",
"x-kubernetes-preserve-unknown-fields": true
}
}
Expand Down Expand Up @@ -472,7 +472,7 @@
"null"
],
"items": {
"description": "Any can be any type.",
"description": "AssertionTree represents an assertion tree.",
"x-kubernetes-preserve-unknown-fields": true
}
},
Expand All @@ -483,7 +483,7 @@
"null"
],
"items": {
"description": "Any can be any type.",
"description": "AssertionTree represents an assertion tree.",
"x-kubernetes-preserve-unknown-fields": true
}
}
Expand Down
8 changes: 4 additions & 4 deletions .schemas/json/validatingpolicylist-json-v1alpha1.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -429,7 +429,7 @@
"null"
],
"items": {
"description": "Any can be any type.",
"description": "AssertionTree represents an assertion tree.",
"x-kubernetes-preserve-unknown-fields": true
}
},
Expand All @@ -440,7 +440,7 @@
"null"
],
"items": {
"description": "Any can be any type.",
"description": "AssertionTree represents an assertion tree.",
"x-kubernetes-preserve-unknown-fields": true
}
}
Expand Down Expand Up @@ -495,7 +495,7 @@
"null"
],
"items": {
"description": "Any can be any type.",
"description": "AssertionTree represents an assertion tree.",
"x-kubernetes-preserve-unknown-fields": true
}
},
Expand All @@ -506,7 +506,7 @@
"null"
],
"items": {
"description": "Any can be any type.",
"description": "AssertionTree represents an assertion tree.",
"x-kubernetes-preserve-unknown-fields": true
}
}
Expand Down
2 changes: 1 addition & 1 deletion .schemas/openapi/v2/schema.json
View file

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion .schemas/openapi/v3/apis/json.kyverno.io/v1alpha1.json
View file

Large diffs are not rendered by default.

14 changes: 4 additions & 10 deletions charts/kyverno-json/templates/crds.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,6 @@ spec:
properties:
check:
description: Check is the assertion check definition.
type: object
x-kubernetes-preserve-unknown-fields: true
message:
description: Message is the message associated message.
Expand All @@ -83,7 +82,6 @@ spec:
properties:
check:
description: Check is the assertion check definition.
type: object
x-kubernetes-preserve-unknown-fields: true
message:
description: Message is the message associated message.
Expand Down Expand Up @@ -118,16 +116,14 @@ spec:
description: All allows specifying assertion trees which
will be ANDed.
items:
description: Any can be any type.
type: object
description: AssertionTree represents an assertion tree.
x-kubernetes-preserve-unknown-fields: true
type: array
any:
description: Any allows specifying assertion trees which
will be ORed.
items:
description: Any can be any type.
type: object
description: AssertionTree represents an assertion tree.
x-kubernetes-preserve-unknown-fields: true
type: array
type: object
Expand Down Expand Up @@ -159,16 +155,14 @@ spec:
description: All allows specifying assertion trees which
will be ANDed.
items:
description: Any can be any type.
type: object
description: AssertionTree represents an assertion tree.
x-kubernetes-preserve-unknown-fields: true
type: array
any:
description: Any allows specifying assertion trees which
will be ORed.
items:
description: Any can be any type.
type: object
description: AssertionTree represents an assertion tree.
x-kubernetes-preserve-unknown-fields: true
type: array
type: object
Expand Down
1 change: 0 additions & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ require (
github.com/blang/semver/v4 v4.0.0
github.com/gin-contrib/cors v1.7.2
github.com/gin-gonic/gin v1.10.0
github.com/jinzhu/copier v0.4.0
github.com/jmespath-community/go-jmespath v1.1.2-0.20240117150817-e430401a2172
github.com/kyverno/pkg/ext v0.0.0-20240418121121-df8add26c55c
github.com/loopfz/gadgeto v0.11.4
Expand Down
2 changes: 0 additions & 2 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,8 +153,6 @@ github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4=
github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY=
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
github.com/jinzhu/copier v0.4.0 h1:w3ciUoD19shMCRargcpm0cm91ytaBhDvuRpz1ODO/U8=
github.com/jinzhu/copier v0.4.0/go.mod h1:DfbEm0FYsaqBcKcFuvmOZb218JkPGtvSHsKg8S8hyyg=
github.com/jmespath-community/go-jmespath v1.1.2-0.20240117150817-e430401a2172 h1:XQYEhx+bEiWn6eiHFivu4wEHm91FoZ/gCvoLZK6Ze5Y=
github.com/jmespath-community/go-jmespath v1.1.2-0.20240117150817-e430401a2172/go.mod h1:j4OeykGPBbhX3rw4AOPGXSmX2/zuWXktm704A4MtHFs=
github.com/jonboulle/clockwork v0.4.0 h1:p4Cf1aMWXnXAUh8lVfewRBx1zaTSYKrKMF2g3ST4RZ4=
Expand Down
61 changes: 51 additions & 10 deletions pkg/apis/policy/v1alpha1/any.go
View file
Original file line number Diff line number Diff line change
@@ -1,24 +1,65 @@
package v1alpha1

import (
"github.com/jinzhu/copier"
"fmt"

"k8s.io/apimachinery/pkg/util/json"
)

func deepCopy(in any) any {
if in == nil {
return nil
}
switch in := in.(type) {
case string:
return in
case int:
return in
case int32:
return in
case int64:
return in
case float32:
return in
case float64:
return in
case bool:
return in
case []any:
var out []any
for _, in := range in {
out = append(out, deepCopy(in))
}
return out
case map[string]any:
out := map[string]any{}
for k, in := range in {
out[k] = deepCopy(in)
}
return out
}
panic(fmt.Sprintf("deep copy failed - unrecognized type %T", in))
}

// Any can be any type.
// +k8s:deepcopy-gen=false
// +kubebuilder:validation:XPreserveUnknownFields
// +kubebuilder:validation:Type:=""
type Any struct {
// Value contains the value of the Any object.
// +kubebuilder:pruning:PreserveUnknownFields
// +kubebuilder:validation:Schemaless
// +optional
Value any `json:",inline"`
value any `json:"-"`
}

func NewAny(value any) Any {
return Any{value}
}

func (t *Any) Value() any {
return t.value
}

func (in *Any) DeepCopyInto(out *Any) {
if err := copier.CopyWithOption(out, in, copier.Option{DeepCopy: true}); err != nil {
panic("deep copy failed")
}
out.value = deepCopy(in.value)
}

func (in *Any) DeepCopy() *Any {
Expand All @@ -31,7 +72,7 @@ func (in *Any) DeepCopy() *Any {
}

func (a *Any) MarshalJSON() ([]byte, error) {
return json.Marshal(a.Value)
return json.Marshal(a.value)
}

func (a *Any) UnmarshalJSON(data []byte) error {
Expand All @@ -40,6 +81,6 @@ func (a *Any) UnmarshalJSON(data []byte) error {
if err != nil {
return err
}
a.Value = v
a.value = v
return nil
}
21 changes: 9 additions & 12 deletions pkg/apis/policy/v1alpha1/any_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,9 +40,9 @@ func TestAny_DeepCopyInto(t *testing.T) {
}
in := Any{map[string]any{"inner": inner}}
out := in.DeepCopy()
inPtr := in.Value.(map[string]any)["inner"].(map[string]any)
inPtr := in.Value().(map[string]any)["inner"].(map[string]any)
inPtr["foo"] = 55
outPtr := out.Value.(map[string]any)["inner"].(map[string]any)
outPtr := out.Value().(map[string]any)["inner"].(map[string]any)
assert.NotEqual(t, inPtr, outPtr)
}
}
Expand Down Expand Up @@ -81,9 +81,7 @@ func TestAny_MarshalJSON(t *testing.T) {
}}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
a := &Any{
Value: tt.value,
}
a := NewAny(tt.value)
got, err := a.MarshalJSON()
if tt.wantErr {
assert.Error(t, err)
Expand All @@ -99,37 +97,36 @@ func TestAny_UnmarshalJSON(t *testing.T) {
tests := []struct {
name string
data []byte
want *Any
want Any
wantErr bool
}{{
name: "nil",
data: []byte("null"),
want: &Any{},
want: NewAny(nil),
wantErr: false,
}, {
name: "int",
data: []byte("42"),
want: &Any{Value: int64(42)},
want: NewAny(int64(42)),
wantErr: false,
}, {
name: "string",
data: []byte(`"foo"`),
want: &Any{Value: "foo"},
want: NewAny("foo"),
wantErr: false,
}, {
name: "map",
data: []byte(`{"foo":42}`),
want: &Any{Value: map[string]any{"foo": int64(42)}},
want: NewAny(map[string]any{"foo": int64(42)}),
wantErr: false,
}, {
name: "error",
data: []byte(`{"foo":`),
want: nil,
wantErr: true,
}}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
a := &Any{}
var a Any
err := a.UnmarshalJSON(tt.data)
if tt.wantErr {
assert.Error(t, err)
Expand Down
Loading

0 comments on commit f349c31

Please sign in to comment.