-
Notifications
You must be signed in to change notification settings - Fork 49
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add type for matching Constraints #193
Add type for matching Constraints #193
Commits on Jan 27, 2022
-
Targets sometimes need to maintain state about the system. For example, the Gatekeeper target needs to track the set of current Namespaces on the cluster in order to properly match objects to Constraints when Audit is called. This commit adds a Cache interface which Targets may choose to implement. If they implement this interface, Client attempts to add and remove objects from the Target cache just as it does for Driver caches. These operations are not atomic, so it is possible for systems to get into an inconsistent state. There isn't a good solution to this now - I've opened open-policy-agent#189 to solve this in the future. The implications are quite complex and there's a lot of edge cases. This commit also modifies the test target handler matchers - they now access the test target's cache in order to function. These matchers aren't called yet - we don't want to break Gatekeeper since Gatekeeper Golang matchers are not yet implemented. Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedJan 27, 2022 Configuration menu - View commit details
-
Copy full SHA for 057d14c - Browse repository at this point
Copy the full SHA 057d14cView commit details -
Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedJan 27, 2022 Configuration menu - View commit details
-
Copy full SHA for 975c408 - Browse repository at this point
Copy the full SHA 975c408View commit details -
Remove ability for caches to fail deleting
Otherwise it is easy to get into inconsistent cache states. There's lots of edge cases that can cause unpredictable behaviors that we don't want to allow. Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedJan 27, 2022 Configuration menu - View commit details
-
Copy full SHA for c7c6cab - Browse repository at this point
Copy the full SHA c7c6cabView commit details -
Since adding data can fail in the target cache, remove data from the driver cache. Note that addition/deletion occur in opposite orders for AddData and RemoveData - this is because we want to prioritize reversible over potentially-irreversible operations. Removing data from the handler cache can't fail, so it is safe to add it first. Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedJan 27, 2022 Configuration menu - View commit details
-
Copy full SHA for f7a2163 - Browse repository at this point
Copy the full SHA f7a2163View commit details
Commits on Jan 28, 2022
-
Make it impossible for handler caches to fail deletion
Otherwise we can easily end up in very annoying inconsistent states. If deleteion really, really needs to fail then the application should panic rather than allow things to get in an inconsistent state. Per discussion Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedJan 28, 2022 Configuration menu - View commit details
-
Copy full SHA for d115fc8 - Browse repository at this point
Copy the full SHA d115fc8View commit details
Commits on Feb 8, 2022
-
Add type for matching Constraints
Prep work for compiler sharding. This adds a store of the matchers corresponding to Constraints by-target and by-kind. We could do constriant matching per-target, but it's better for us to fail fast rather than partially review objects when we're just going to return errors. Thus, ConstraintsFor iterates over all targets itself rather than requiring its caller to. Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedFeb 8, 2022 Configuration menu - View commit details
-
Copy full SHA for d920f79 - Browse repository at this point
Copy the full SHA d920f79View commit details -
Split out per-handler matching
Each Handler potentially has its own review type to be matched against, so this makes requests for matching happen per-target. Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedFeb 8, 2022 Configuration menu - View commit details
-
Copy full SHA for 4252f52 - Browse repository at this point
Copy the full SHA 4252f52View commit details -
Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedFeb 8, 2022 Configuration menu - View commit details
-
Copy full SHA for c929dc9 - Browse repository at this point
Copy the full SHA c929dc9View commit details -
Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedFeb 8, 2022 Configuration menu - View commit details
-
Copy full SHA for f4f6830 - Browse repository at this point
Copy the full SHA f4f6830View commit details -
Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedFeb 8, 2022 Configuration menu - View commit details
-
Copy full SHA for 544a387 - Browse repository at this point
Copy the full SHA 544a387View commit details -
Merge branch 'golang-autoreject' into mega-1
Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedFeb 8, 2022 Configuration menu - View commit details
-
Copy full SHA for c3b59fd - Browse repository at this point
Copy the full SHA c3b59fdView commit details -
Merge branch 'constraint-matcher' into mega-1
Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedFeb 8, 2022 Configuration menu - View commit details
-
Copy full SHA for 6650fba - Browse repository at this point
Copy the full SHA 6650fbaView commit details
Commits on Feb 10, 2022
-
Merge branch 'master' into constraint-matcher
Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedFeb 10, 2022 Configuration menu - View commit details
-
Copy full SHA for 938558d - Browse repository at this point
Copy the full SHA 938558dView commit details -
Merge branch 'master' into constraint-matcher
Signed-off-by: Will Beason <willbeason@google.com>
Will Beason committedFeb 10, 2022 Configuration menu - View commit details
-
Copy full SHA for b23d39e - Browse repository at this point
Copy the full SHA b23d39eView commit details