package v1
import (
"k8s.io/apimachinery/pkg/api/meta"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// Condition type and reason values written to PolicyStatus.Conditions.
const (
	// PolicyConditionReady is the condition type reporting whether the policy is ready.
	PolicyConditionReady = "Ready"

	// PolicyReasonSucceeded is the reason set when the policy is ready.
	PolicyReasonSucceeded = "Succeeded"
	// PolicyReasonFailed is the reason set when the policy is not ready.
	PolicyReasonFailed = "Failed"
)
// PolicyStatus holds the status reported for a policy: readiness, autogen
// rules, per-type rule counts and ValidatingAdmissionPolicy generation status.
//
// Deprecated. Policy metrics are now available via the "/metrics" endpoint.
// See: https://kyverno.io/docs/monitoring-kyverno-with-prometheus-metrics/
// NOTE(review): the notice above talks about policy metrics, while this type
// still carries the readiness state written by SetReady and read by IsReady;
// confirm whether the whole type is really meant to be deprecated.
type PolicyStatus struct {
	// Ready mirrors the last value passed to SetReady. IsReady does not read
	// this field; it only looks at the "Ready" entry in Conditions.
	// Deprecated in favor of Conditions
	Ready bool `json:"ready" yaml:"ready"`
	// Conditions is the list of status conditions. SetReady maintains the
	// entry of type PolicyConditionReady and IsReady reads it.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`
	// Autogen holds the autogen status, see AutogenStatus.
	// +optional
	Autogen AutogenStatus `json:"autogen" yaml:"autogen"`
	// RuleCount holds the number of rules per rule type, see RuleCountStatus.
	// +optional
	RuleCount RuleCountStatus `json:"rulecount" yaml:"rulecount"`
	// ValidatingAdmissionPolicy contains status information
	// +optional
	ValidatingAdmissionPolicy ValidatingAdmissionPolicyStatus `json:"validatingadmissionpolicy" yaml:"validatingadmissionpolicy"`
}
// RuleCountStatus contains four counters, one for each rule type in a policy:
// validate, generate, mutate and verify images.
type RuleCountStatus struct {
	// Count for validate rules in policy
	Validate int `json:"validate" yaml:"validate"`
	// Count for generate rules in policy
	Generate int `json:"generate" yaml:"generate"`
	// Count for mutate rules in policy
	Mutate int `json:"mutate" yaml:"mutate"`
	// Count for verify image rules in policy
	VerifyImages int `json:"verifyimages" yaml:"verifyimages"`
}
// SetReady records the readiness of the policy together with a message.
//
// It stores a condition of type PolicyConditionReady in status.Conditions,
// with status True and reason PolicyReasonSucceeded when ready is true, and
// status False and reason PolicyReasonFailed otherwise. The deprecated Ready
// field is updated to the same value so both representations stay in sync.
//
// The condition is written without an ObservedGeneration, so the condition
// alone does not tell a reader which revision of the policy it was computed for.
func (status *PolicyStatus) SetReady(ready bool, message string) {
	// Start from the "not ready" pair and upgrade it only on success.
	state, reason := metav1.ConditionFalse, PolicyReasonFailed
	if ready {
		state, reason = metav1.ConditionTrue, PolicyReasonSucceeded
	}

	status.Ready = ready
	meta.SetStatusCondition(&status.Conditions, metav1.Condition{
		Type:    PolicyConditionReady,
		Status:  state,
		Reason:  reason,
		Message: message,
	})
}
// IsReady indicates if the policy is ready to serve the admission request.
//
// Only the condition of type PolicyConditionReady is consulted; the deprecated
// Ready field is ignored. A status with no such condition, or with a condition
// whose status is anything other than True, is reported as not ready.
func (status *PolicyStatus) IsReady() bool {
	if ready := meta.FindStatusCondition(status.Conditions, PolicyConditionReady); ready != nil {
		return ready.Status == metav1.ConditionTrue
	}
	// No Ready condition has been recorded.
	return false
}
// AutogenStatus contains autogen status information.
type AutogenStatus struct {
	// Rules is a list of Rule instances. It contains the auto-generated rules added for pod controllers.
	// The field is omitted from the serialized status when the list is empty.
	Rules []Rule `json:"rules,omitempty" yaml:"rules,omitempty"`
}
// ValidatingAdmissionPolicyStatus contains status information about the
// validating admission policy generated from a policy.
type ValidatingAdmissionPolicyStatus struct {
	// Generated indicates whether a validating admission policy is generated from the policy or not
	Generated bool `json:"generated" yaml:"generated"`
	// Message is a human readable message indicating details about the generation of validating admission policy
	// It is an empty string when validating admission policy is successfully generated.
	Message string `json:"message" yaml:"message"`
}