Fix scheme registration in pkg/apis/templates

constraint/pkg/apis/templates/v1/defaults.go

@@ -1,38 +1,10 @@
 package v1
 
 import (
-	ctschema "github.com/open-policy-agent/frameworks/constraint/pkg/schema"
-	"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
-	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
-	"k8s.io/apiextensions-apiserver/pkg/apiserver/schema"
 	"k8s.io/apiextensions-apiserver/pkg/apiserver/schema/defaulting"
 	"k8s.io/apimachinery/pkg/runtime"
 )
 
-const version = "v1"
-
-var (
-	structuralSchema *schema.Structural
-	Scheme           *runtime.Scheme
-)
-
-func init() {
-	Scheme = runtime.NewScheme()
-	var err error
-	if err = apiextensionsv1.AddToScheme(Scheme); err != nil {
-		panic(err)
-	}
-	if err = apiextensions.AddToScheme(Scheme); err != nil {
-		panic(err)
-	}
-	if err = AddToScheme(Scheme); err != nil {
-		panic(err)
-	}
-	if structuralSchema, err = ctschema.CRDSchema(Scheme, version); err != nil {
-		panic(err)
-	}
-}
-
 func addDefaultingFuncs(scheme *runtime.Scheme) error {
 	return RegisterDefaults(scheme)
 }

constraint/pkg/apis/templates/v1/helpers.go

@@ -8,10 +8,10 @@ import (
 // versionless api representation.
 func (versioned *ConstraintTemplate) ToVersionless() (*templates.ConstraintTemplate, error) {
 	versionedCopy := versioned.DeepCopy()
-	Scheme.Default(versionedCopy)
+	sch.Default(versionedCopy)
 
 	versionless := &templates.ConstraintTemplate{}
-	if err := Scheme.Convert(versionedCopy, versionless, nil); err != nil {
+	if err := sch.Convert(versionedCopy, versionless, nil); err != nil {
 		return nil, err
 	}
 

constraint/pkg/apis/templates/v1/helpers_test.go

@@ -0,0 +1,111 @@
+package v1
+
+import (
+	"testing"
+
+	"github.com/google/go-cmp/cmp"
+	"github.com/open-policy-agent/frameworks/constraint/pkg/core/templates"
+	"github.com/open-policy-agent/frameworks/constraint/pkg/schema"
+	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/utils/pointer"
+)
+
+func TestToVersionless(t *testing.T) {
+	tcs := []struct {
+		name      string
+		versioned *ConstraintTemplate
+		want      *templates.ConstraintTemplate
+	}{
+		{
+			name: "basic conversion",
+			versioned: &ConstraintTemplate{
+				TypeMeta: metav1.TypeMeta{
+					Kind:       "ConstraintTemplate",
+					APIVersion: "templates.gatekeeper.sh/v1",
+				},
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "MustHaveMoreCats",
+				},
+				Spec: ConstraintTemplateSpec{
+					CRD: CRD{
+						Spec: CRDSpec{
+							Names: Names{
+								Kind:       "MustHaveMoreCats",
+								ShortNames: []string{"mhmc"},
+							},
+							Validation: &Validation{
+								OpenAPIV3Schema: &apiextensionsv1.JSONSchemaProps{
+									Properties: map[string]apiextensionsv1.JSONSchemaProps{
+										"message": {
+											Type: "string",
+										},
+										"labels": {
+											Type: "array",
+											Items: &apiextensionsv1.JSONSchemaPropsOrArray{
+												Schema: &apiextensionsv1.JSONSchemaProps{
+													Type: "object",
+													Properties: map[string]apiextensionsv1.JSONSchemaProps{
+														"key":          {Type: "string"},
+														"allowedRegex": {Type: "string"},
+													},
+												},
+											},
+										},
+									},
+								},
+							},
+						},
+					},
+					Targets: []Target{
+						{
+							Target: "sometarget",
+							Rego:   `package hello ; violation[{"msg": "msg"}] { true }`,
+						},
+					},
+				},
+			},
+			want: &templates.ConstraintTemplate{
+				// TypeMeta isn't copied in conversion
+				TypeMeta: metav1.TypeMeta{},
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "MustHaveMoreCats",
+				},
+				Spec: templates.ConstraintTemplateSpec{
+					CRD: templates.CRD{
+						Spec: templates.CRDSpec{
+							Names: templates.Names{
+								Kind:       "MustHaveMoreCats",
+								ShortNames: []string{"mhmc"},
+							},
+							Validation: &templates.Validation{
+								// A default was applied
+								LegacySchema:    pointer.BoolPtr(false),
+								OpenAPIV3Schema: schema.VersionlessSchema(),
+							},
+						},
+					},
+					Targets: []templates.Target{
+						{
+							Target: "sometarget",
+							Rego:   `package hello ; violation[{"msg": "msg"}] { true }`,
+						},
+					},
+				},
+			},
+		},
+	}
+
+	for _, tc := range tcs {
+		t.Run(tc.name, func(t *testing.T) {
+			got, err := tc.versioned.ToVersionless()
+			if err != nil {
+				t.Fatalf("Failed to convert to versionless: %s", err)
+			}
+
+			if diff := cmp.Diff(tc.want, got); diff != "" {
+				t.Errorf("ToVersionless() mismatch (-want +got):\n%s", diff)
+			}
+		})
+	}
+}

constraint/pkg/apis/templates/v1/scheme.go

@@ -0,0 +1,42 @@
+package v1
+
+import (
+	ctschema "github.com/open-policy-agent/frameworks/constraint/pkg/schema"
+	"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
+	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+	"k8s.io/apiextensions-apiserver/pkg/apiserver/schema"
+	"k8s.io/apimachinery/pkg/runtime"
+)
+
+const version = "v1"
+
+var (
+	structuralSchema *schema.Structural
+	sch              *runtime.Scheme
+)
+
+func init() {
+	// Prevent problems with ordering of init() function calls.  These
+	// functions are called according to the lexicographic order of their
+	// containing files.  As Register() is called on the localSchemeBuilder by
+	// zz_generated.conversion.go, the conversion functions haven't been
+	// registered with the localSchemeBuilder by the time this init() function
+	// runs.  We sidestep this problem by adding RegisterConversions here.
+	schemeBuilder := runtime.NewSchemeBuilder(localSchemeBuilder...)
+	schemeBuilder.Register(RegisterConversions)
+
+	sch = runtime.NewScheme()
+	var err error
+	if err = apiextensionsv1.AddToScheme(sch); err != nil {
+		panic(err)
+	}
+	if err = apiextensions.AddToScheme(sch); err != nil {
+		panic(err)
+	}
+	if err = schemeBuilder.AddToScheme(sch); err != nil {
+		panic(err)
+	}
+	if structuralSchema, err = ctschema.CRDSchema(sch, version); err != nil {
+		panic(err)
+	}
+}

constraint/pkg/apis/templates/v1alpha1/defaults.go

@@ -1,38 +1,10 @@
 package v1alpha1
 
 import (
-	ctschema "github.com/open-policy-agent/frameworks/constraint/pkg/schema"
-	"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
-	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
-	"k8s.io/apiextensions-apiserver/pkg/apiserver/schema"
 	"k8s.io/apiextensions-apiserver/pkg/apiserver/schema/defaulting"
 	"k8s.io/apimachinery/pkg/runtime"
 )
 
-const version = "v1alpha1"
-
-var (
-	structuralSchema *schema.Structural
-	Scheme           *runtime.Scheme
-)
-
-func init() {
-	Scheme = runtime.NewScheme()
-	var err error
-	if err = apiextensionsv1.AddToScheme(Scheme); err != nil {
-		panic(err)
-	}
-	if err = apiextensions.AddToScheme(Scheme); err != nil {
-		panic(err)
-	}
-	if err = AddToScheme(Scheme); err != nil {
-		panic(err)
-	}
-	if structuralSchema, err = ctschema.CRDSchema(Scheme, version); err != nil {
-		panic(err)
-	}
-}
-
 func addDefaultingFuncs(scheme *runtime.Scheme) error {
 	return RegisterDefaults(scheme)
 }

constraint/pkg/apis/templates/v1alpha1/helpers.go

@@ -8,10 +8,10 @@ import (
 // versionless api representation.
 func (versioned *ConstraintTemplate) ToVersionless() (*templates.ConstraintTemplate, error) {
 	versionedCopy := versioned.DeepCopy()
-	Scheme.Default(versionedCopy)
+	sch.Default(versionedCopy)
 
 	versionless := &templates.ConstraintTemplate{}
-	if err := Scheme.Convert(versionedCopy, versionless, nil); err != nil {
+	if err := sch.Convert(versionedCopy, versionless, nil); err != nil {
 		return nil, err
 	}
 

constraint/pkg/apis/templates/v1alpha1/helpers_test.go

@@ -0,0 +1,111 @@
+package v1alpha1
+
+import (
+	"testing"
+
+	"github.com/google/go-cmp/cmp"
+	"github.com/open-policy-agent/frameworks/constraint/pkg/core/templates"
+	"github.com/open-policy-agent/frameworks/constraint/pkg/schema"
+	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/utils/pointer"
+)
+
+func TestToVersionless(t *testing.T) {
+	tcs := []struct {
+		name      string
+		versioned *ConstraintTemplate
+		want      *templates.ConstraintTemplate
+	}{
+		{
+			name: "basic conversion",
+			versioned: &ConstraintTemplate{
+				TypeMeta: metav1.TypeMeta{
+					Kind:       "ConstraintTemplate",
+					APIVersion: "templates.gatekeeper.sh/v1",
+				},
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "MustHaveMoreCats",
+				},
+				Spec: ConstraintTemplateSpec{
+					CRD: CRD{
+						Spec: CRDSpec{
+							Names: Names{
+								Kind:       "MustHaveMoreCats",
+								ShortNames: []string{"mhmc"},
+							},
+							Validation: &Validation{
+								OpenAPIV3Schema: &apiextensionsv1.JSONSchemaProps{
+									Properties: map[string]apiextensionsv1.JSONSchemaProps{
+										"message": {
+											Type: "string",
+										},
+										"labels": {
+											Type: "array",
+											Items: &apiextensionsv1.JSONSchemaPropsOrArray{
+												Schema: &apiextensionsv1.JSONSchemaProps{
+													Type: "object",
+													Properties: map[string]apiextensionsv1.JSONSchemaProps{
+														"key":          {Type: "string"},
+														"allowedRegex": {Type: "string"},
+													},
+												},
+											},
+										},
+									},
+								},
+							},
+						},
+					},
+					Targets: []Target{
+						{
+							Target: "sometarget",
+							Rego:   `package hello ; violation[{"msg": "msg"}] { true }`,
+						},
+					},
+				},
+			},
+			want: &templates.ConstraintTemplate{
+				// TypeMeta isn't copied in conversion
+				TypeMeta: metav1.TypeMeta{},
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "MustHaveMoreCats",
+				},
+				Spec: templates.ConstraintTemplateSpec{
+					CRD: templates.CRD{
+						Spec: templates.CRDSpec{
+							Names: templates.Names{
+								Kind:       "MustHaveMoreCats",
+								ShortNames: []string{"mhmc"},
+							},
+							Validation: &templates.Validation{
+								// A default was applied
+								LegacySchema:    pointer.BoolPtr(true),
+								OpenAPIV3Schema: schema.VersionlessSchemaWithXPreserve(),
+							},
+						},
+					},
+					Targets: []templates.Target{
+						{
+							Target: "sometarget",
+							Rego:   `package hello ; violation[{"msg": "msg"}] { true }`,
+						},
+					},
+				},
+			},
+		},
+	}
+
+	for _, tc := range tcs {
+		t.Run(tc.name, func(t *testing.T) {
+			got, err := tc.versioned.ToVersionless()
+			if err != nil {
+				t.Fatalf("Failed to convert to versionless: %s", err)
+			}
+
+			if diff := cmp.Diff(tc.want, got); diff != "" {
+				t.Errorf("ToVersionless() mismatch (-want +got):\n%s", diff)
+			}
+		})
+	}
+}