diff --git a/.github/workflows/conformance-tests.yaml b/.github/workflows/conformance-tests.yaml index b9be117..d3fa0b6 100644 --- a/.github/workflows/conformance-tests.yaml +++ b/.github/workflows/conformance-tests.yaml @@ -82,15 +82,13 @@ jobs: - name: Wait for kyverno ready run: | set -e - kubectl wait --namespace kyverno --for=condition=ready pod --selector '!job-name' --timeout=60s + kubectl wait --namespace kyverno --for=condition=ready pod --selector '!job-name' --timeout=120s - name: API Service status run: | set -e kubectl get apiservices v1alpha2.wgpolicyk8s.io v1.reports.kyverno.io - name: Install Chainsaw - uses: kyverno/action-install-chainsaw@204730d723e1fd712e54e069031290ba2c1c14bd # v0.1.6 - with: - release: v0.0.9 + uses: kyverno/action-install-chainsaw@573a9c636f7c586f86ecb9de9674176daf80ee29 # v0.2.5 - name: Test with Chainsaw env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/migration-tests.yaml b/.github/workflows/migration-tests.yaml index fb8bdaf..81c1106 100644 --- a/.github/workflows/migration-tests.yaml +++ b/.github/workflows/migration-tests.yaml @@ -73,7 +73,7 @@ jobs: - name: Wait for kyverno ready run: | set -e - kubectl wait --namespace kyverno --for=condition=ready pod --selector '!job-name' --timeout=60s + kubectl wait --namespace kyverno --for=condition=ready pod --selector '!job-name' --timeout=120s - name: API Service status before migation run: | set -e @@ -98,9 +98,7 @@ jobs: set -e kubectl get apiservices v1alpha2.wgpolicyk8s.io v1.reports.kyverno.io - name: Install Chainsaw - uses: kyverno/action-install-chainsaw@07b6c986572f2abaf6647c85d37cbecfddc4a6ab # v0.1.3 - with: - release: v0.0.9 + uses: kyverno/action-install-chainsaw@573a9c636f7c586f86ecb9de9674176daf80ee29 # v0.2.5 - name: Test with Chainsaw env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/Makefile b/Makefile index 762f3c8..4e10b2a 100644 --- a/Makefile +++ b/Makefile @@ -158,6 +158,7 @@ codegen-helm-docs: ## Generate helm docs codegen-install-manifest: $(HELM) ## Create install manifest @echo Generate latest install manifest... >&2 @$(HELM) template reports-server --namespace reports-server ./charts/reports-server/ \ + --set image.tag=latest \ --set templating.enabled=true \ | $(SED) -e '/^#.*/d' \ > ./config/install.yaml @@ -165,6 +166,7 @@ codegen-install-manifest: $(HELM) ## Create install manifest codegen-install-manifest-inmemory: $(HELM) ## Create install manifest without postgres @echo Generate latest install manifest... >&2 @$(HELM) template reports-server --namespace reports-server ./charts/reports-server/ \ + --set image.tag=latest \ --set config.debug=true \ --set postgresql.enabled=false \ --set templating.enabled=true \ diff --git a/config/install-inmemory.yaml b/config/install-inmemory.yaml index 5120923..98ab3f9 100644 --- a/config/install-inmemory.yaml +++ b/config/install-inmemory.yaml @@ -183,7 +183,7 @@ spec: runAsUser: 1000 seccompProfile: type: RuntimeDefault - image: "ghcr.io/kyverno/reports-server:v0.1.0-alpha.1" + image: "ghcr.io/kyverno/reports-server:latest" imagePullPolicy: IfNotPresent ports: - name: https diff --git a/config/install.yaml b/config/install.yaml index 8f4acf4..cbc71d4 100644 --- a/config/install.yaml +++ b/config/install.yaml @@ -278,7 +278,7 @@ spec: runAsUser: 1000 seccompProfile: type: RuntimeDefault - image: "ghcr.io/kyverno/reports-server:v0.1.0-alpha.1" + image: "ghcr.io/kyverno/reports-server:latest" imagePullPolicy: IfNotPresent ports: - name: https diff --git a/pkg/api/cephr.go b/pkg/api/cephr.go index 8658064..5e32fbb 100644 --- a/pkg/api/cephr.go +++ b/pkg/api/cephr.go @@ -73,6 +73,10 @@ func (c *cephrStore) List(ctx context.Context, options *metainternalversion.List cephrList := &reportsv1.ClusterEphemeralReportList{ Items: make([]reportsv1.ClusterEphemeralReport, 0), + ListMeta: metav1.ListMeta{ + // TODO: Fix this!! + ResourceVersion: "1", + }, } for _, cephr := range list.Items { if cephr.Labels == nil { @@ -119,10 +123,12 @@ func (c *cephrStore) Create(ctx context.Context, obj runtime.Object, createValid klog.Infof("creating cluster ephemeral reports name=%s", cephr.Name) if !isDryRun { - if err := c.createCephr(cephr); err != nil { + r, err := c.createCephr(cephr) + if err != nil { return nil, errors.NewBadRequest(fmt.Sprintf("cannot create cluster ephemeral report: %s", err.Error())) } - if err := c.broadcaster.Action(watch.Added, obj); err != nil { + klog.Info(r.ResourceVersion) + if err := c.broadcaster.Action(watch.Added, r); err != nil { klog.ErrorS(err, "failed to broadcast event") } } @@ -144,10 +150,11 @@ func (c *cephrStore) Update(ctx context.Context, name string, objInfo rest.Updat } cephr := updatedObject.(*reportsv1.ClusterEphemeralReport) if forceAllowCreate { - if err := c.updateCephr(cephr, oldObj); err != nil { + r, err := c.updateCephr(cephr, oldObj) + if err != nil { klog.ErrorS(err, "failed to update resource") } - if err := c.broadcaster.Action(watch.Added, updatedObject); err != nil { + if err := c.broadcaster.Action(watch.Added, r); err != nil { klog.ErrorS(err, "failed to broadcast event") } return updatedObject, true, nil @@ -174,10 +181,11 @@ func (c *cephrStore) Update(ctx context.Context, name string, objInfo rest.Updat klog.Infof("updating cluster ephemeral reports name=%s", cephr.Name) if !isDryRun { - if err := c.updateCephr(cephr, oldObj); err != nil { + r, err := c.updateCephr(cephr, oldObj) + if err != nil { return nil, false, errors.NewBadRequest(fmt.Sprintf("cannot create cluster ephemeral report: %s", err.Error())) } - if err := c.broadcaster.Action(watch.Modified, updatedObject); err != nil { + if err := c.broadcaster.Action(watch.Modified, r); err != nil { klog.ErrorS(err, "failed to broadcast event") } } @@ -302,22 +310,22 @@ func (c *cephrStore) listCephr() (*reportsv1.ClusterEphemeralReportList, error) return reportList, nil } -func (c *cephrStore) createCephr(report *reportsv1.ClusterEphemeralReport) error { +func (c *cephrStore) createCephr(report *reportsv1.ClusterEphemeralReport) (*reportsv1.ClusterEphemeralReport, error) { report.ResourceVersion = fmt.Sprint(1) report.UID = uuid.NewUUID() report.CreationTimestamp = metav1.Now() - return c.store.ClusterEphemeralReports().Create(context.TODO(), *report) + return report, c.store.ClusterEphemeralReports().Create(context.TODO(), *report) } -func (c *cephrStore) updateCephr(report *reportsv1.ClusterEphemeralReport, oldReport *reportsv1.ClusterEphemeralReport) error { +func (c *cephrStore) updateCephr(report *reportsv1.ClusterEphemeralReport, oldReport *reportsv1.ClusterEphemeralReport) (*reportsv1.ClusterEphemeralReport, error) { oldRV, err := strconv.ParseInt(oldReport.ResourceVersion, 10, 64) if err != nil { - return errorpkg.Wrapf(err, "could not parse resource version") + return nil, errorpkg.Wrapf(err, "could not parse resource version") } report.ResourceVersion = fmt.Sprint(oldRV + 1) - return c.store.ClusterEphemeralReports().Update(context.TODO(), *report) + return report, c.store.ClusterEphemeralReports().Update(context.TODO(), *report) } func (c *cephrStore) deleteCephr(report *reportsv1.ClusterEphemeralReport) error { diff --git a/pkg/api/cpolr.go b/pkg/api/cpolr.go index 88e08aa..459389e 100644 --- a/pkg/api/cpolr.go +++ b/pkg/api/cpolr.go @@ -73,6 +73,10 @@ func (c *cpolrStore) List(ctx context.Context, options *metainternalversion.List cpolrList := &v1alpha2.ClusterPolicyReportList{ Items: make([]v1alpha2.ClusterPolicyReport, 0), + ListMeta: metav1.ListMeta{ + // TODO: Fix this!! + ResourceVersion: "1", + }, } for _, cpolr := range list.Items { if cpolr.Labels == nil { @@ -119,10 +123,11 @@ func (c *cpolrStore) Create(ctx context.Context, obj runtime.Object, createValid klog.Infof("creating cluster policy report name=%s", cpolr.Name) if !isDryRun { - if err := c.createCpolr(cpolr); err != nil { + r, err := c.createCpolr(cpolr) + if err != nil { return nil, errors.NewBadRequest(fmt.Sprintf("cannot create cluster policy report: %s", err.Error())) } - if err := c.broadcaster.Action(watch.Added, obj); err != nil { + if err := c.broadcaster.Action(watch.Added, r); err != nil { klog.ErrorS(err, "failed to broadcast event") } } @@ -144,10 +149,11 @@ func (c *cpolrStore) Update(ctx context.Context, name string, objInfo rest.Updat } cpolr := updatedObject.(*v1alpha2.ClusterPolicyReport) if forceAllowCreate { - if err := c.updateCpolr(cpolr, oldObj); err != nil { + r, err := c.updateCpolr(cpolr, oldObj) + if err != nil { klog.ErrorS(err, "failed to update resource") } - if err := c.broadcaster.Action(watch.Added, updatedObject); err != nil { + if err := c.broadcaster.Action(watch.Added, r); err != nil { klog.ErrorS(err, "failed to broadcast event") } return updatedObject, true, nil @@ -174,10 +180,11 @@ func (c *cpolrStore) Update(ctx context.Context, name string, objInfo rest.Updat klog.Infof("updating cluster policy report name=%s", cpolr.Name) if !isDryRun { - if err := c.updateCpolr(cpolr, oldObj); err != nil { + r, err := c.updateCpolr(cpolr, oldObj) + if err != nil { return nil, false, errors.NewBadRequest(fmt.Sprintf("cannot create cluster policy report: %s", err.Error())) } - if err := c.broadcaster.Action(watch.Modified, updatedObject); err != nil { + if err := c.broadcaster.Action(watch.Modified, r); err != nil { klog.ErrorS(err, "failed to broadcast event") } } @@ -302,22 +309,22 @@ func (c *cpolrStore) listCpolr() (*v1alpha2.ClusterPolicyReportList, error) { return reportList, nil } -func (c *cpolrStore) createCpolr(report *v1alpha2.ClusterPolicyReport) error { +func (c *cpolrStore) createCpolr(report *v1alpha2.ClusterPolicyReport) (*v1alpha2.ClusterPolicyReport, error) { report.ResourceVersion = fmt.Sprint(1) report.UID = uuid.NewUUID() report.CreationTimestamp = metav1.Now() - return c.store.ClusterPolicyReports().Create(context.TODO(), *report) + return report, c.store.ClusterPolicyReports().Create(context.TODO(), *report) } -func (c *cpolrStore) updateCpolr(report *v1alpha2.ClusterPolicyReport, oldReport *v1alpha2.ClusterPolicyReport) error { +func (c *cpolrStore) updateCpolr(report *v1alpha2.ClusterPolicyReport, oldReport *v1alpha2.ClusterPolicyReport) (*v1alpha2.ClusterPolicyReport, error) { oldRV, err := strconv.ParseInt(oldReport.ResourceVersion, 10, 64) if err != nil { - return errorpkg.Wrapf(err, "could not parse resource version") + return nil, errorpkg.Wrapf(err, "could not parse resource version") } report.ResourceVersion = fmt.Sprint(oldRV + 1) - return c.store.ClusterPolicyReports().Update(context.TODO(), *report) + return report, c.store.ClusterPolicyReports().Update(context.TODO(), *report) } func (c *cpolrStore) deleteCpolr(report *v1alpha2.ClusterPolicyReport) error { diff --git a/pkg/api/ephr.go b/pkg/api/ephr.go index a4f40f5..581ea89 100644 --- a/pkg/api/ephr.go +++ b/pkg/api/ephr.go @@ -76,6 +76,10 @@ func (p *ephrStore) List(ctx context.Context, options *metainternalversion.ListO ephrList := &reportsv1.EphemeralReportList{ Items: make([]reportsv1.EphemeralReport, 0), + ListMeta: metav1.ListMeta{ + // TODO: Fix this!! + ResourceVersion: "1", + }, } for _, ephr := range list.Items { if ephr.Labels == nil { @@ -130,11 +134,11 @@ func (p *ephrStore) Create(ctx context.Context, obj runtime.Object, createValida klog.Infof("creating ephemeral reports name=%s namespace=%s", ephr.Name, ephr.Namespace) if !isDryRun { - err := p.createEphr(ephr) + r, err := p.createEphr(ephr) if err != nil { return nil, errors.NewBadRequest(fmt.Sprintf("cannot create ephemeral report: %s", err.Error())) } - if err := p.broadcaster.Action(watch.Added, obj); err != nil { + if err := p.broadcaster.Action(watch.Added, r); err != nil { klog.ErrorS(err, "failed to broadcast event") } } @@ -158,10 +162,11 @@ func (p *ephrStore) Update(ctx context.Context, name string, objInfo rest.Update ephr := updatedObject.(*reportsv1.EphemeralReport) if forceAllowCreate { - if err := p.updateEphr(ephr, oldObj); err != nil { + r, err := p.updateEphr(ephr, oldObj) + if err != nil { klog.ErrorS(err, "failed to update resource") } - if err := p.broadcaster.Action(watch.Added, updatedObject); err != nil { + if err := p.broadcaster.Action(watch.Added, r); err != nil { klog.ErrorS(err, "failed to broadcast event") } return updatedObject, true, nil @@ -192,11 +197,11 @@ func (p *ephrStore) Update(ctx context.Context, name string, objInfo rest.Update klog.Infof("updating ephemeral reports name=%s namespace=%s", ephr.Name, ephr.Namespace) if !isDryRun { - err := p.updateEphr(ephr, oldObj) + r, err := p.updateEphr(ephr, oldObj) if err != nil { return nil, false, errors.NewBadRequest(fmt.Sprintf("cannot create ephemeral report: %s", err.Error())) } - if err := p.broadcaster.Action(watch.Modified, updatedObject); err != nil { + if err := p.broadcaster.Action(watch.Modified, r); err != nil { klog.ErrorS(err, "failed to broadcast event") } } @@ -324,22 +329,22 @@ func (p *ephrStore) listEphr(namespace string) (*reportsv1.EphemeralReportList, return reportList, nil } -func (p *ephrStore) createEphr(report *reportsv1.EphemeralReport) error { +func (p *ephrStore) createEphr(report *reportsv1.EphemeralReport) (*reportsv1.EphemeralReport, error) { report.ResourceVersion = fmt.Sprint(1) report.UID = uuid.NewUUID() report.CreationTimestamp = metav1.Now() - return p.store.EphemeralReports().Create(context.TODO(), *report) + return report, p.store.EphemeralReports().Create(context.TODO(), *report) } -func (p *ephrStore) updateEphr(report *reportsv1.EphemeralReport, oldReport *reportsv1.EphemeralReport) error { +func (p *ephrStore) updateEphr(report *reportsv1.EphemeralReport, oldReport *reportsv1.EphemeralReport) (*reportsv1.EphemeralReport, error) { oldRV, err := strconv.ParseInt(oldReport.ResourceVersion, 10, 64) if err != nil { - return errorpkg.Wrapf(err, "could not parse resource version") + return nil, errorpkg.Wrapf(err, "could not parse resource version") } report.ResourceVersion = fmt.Sprint(oldRV + 1) - return p.store.EphemeralReports().Update(context.TODO(), *report) + return report, p.store.EphemeralReports().Update(context.TODO(), *report) } func (p *ephrStore) deleteEphr(report *reportsv1.EphemeralReport) error { diff --git a/pkg/api/polr.go b/pkg/api/polr.go index b6ae03a..f7c8fe5 100644 --- a/pkg/api/polr.go +++ b/pkg/api/polr.go @@ -76,6 +76,10 @@ func (p *polrStore) List(ctx context.Context, options *metainternalversion.ListO polrList := &v1alpha2.PolicyReportList{ Items: make([]v1alpha2.PolicyReport, 0), + ListMeta: metav1.ListMeta{ + // TODO: Fix this!! + ResourceVersion: "1", + }, } for _, polr := range list.Items { if polr.Labels == nil { @@ -130,11 +134,12 @@ func (p *polrStore) Create(ctx context.Context, obj runtime.Object, createValida klog.Infof("creating policy reports name=%s namespace=%s", polr.Name, polr.Namespace) if !isDryRun { - err := p.createPolr(polr) + r, err := p.createPolr(polr) if err != nil { return nil, errors.NewBadRequest(fmt.Sprintf("cannot create policy report: %s", err.Error())) } - if err := p.broadcaster.Action(watch.Added, obj); err != nil { + klog.Info(r.ResourceVersion) + if err := p.broadcaster.Action(watch.Added, r); err != nil { klog.ErrorS(err, "failed to broadcast event") } } @@ -158,10 +163,11 @@ func (p *polrStore) Update(ctx context.Context, name string, objInfo rest.Update polr := updatedObject.(*v1alpha2.PolicyReport) if forceAllowCreate { - if err := p.updatePolr(polr, oldObj); err != nil { + r, err := p.updatePolr(polr, oldObj) + if err != nil { klog.ErrorS(err, "failed to update resource") } - if err := p.broadcaster.Action(watch.Added, updatedObject); err != nil { + if err := p.broadcaster.Action(watch.Added, r); err != nil { klog.ErrorS(err, "failed to broadcast event") } return updatedObject, true, nil @@ -192,11 +198,11 @@ func (p *polrStore) Update(ctx context.Context, name string, objInfo rest.Update klog.Infof("updating policy reports name=%s namespace=%s", polr.Name, polr.Namespace) if !isDryRun { - err := p.updatePolr(polr, oldObj) + r, err := p.updatePolr(polr, oldObj) if err != nil { return nil, false, errors.NewBadRequest(fmt.Sprintf("cannot create policy report: %s", err.Error())) } - if err := p.broadcaster.Action(watch.Modified, updatedObject); err != nil { + if err := p.broadcaster.Action(watch.Modified, r); err != nil { klog.ErrorS(err, "failed to broadcast event") } } @@ -324,22 +330,22 @@ func (p *polrStore) listPolr(namespace string) (*v1alpha2.PolicyReportList, erro return reportList, nil } -func (p *polrStore) createPolr(report *v1alpha2.PolicyReport) error { +func (p *polrStore) createPolr(report *v1alpha2.PolicyReport) (*v1alpha2.PolicyReport, error) { report.ResourceVersion = fmt.Sprint(1) report.UID = uuid.NewUUID() report.CreationTimestamp = metav1.Now() - return p.store.PolicyReports().Create(context.TODO(), *report) + return report, p.store.PolicyReports().Create(context.TODO(), *report) } -func (p *polrStore) updatePolr(report *v1alpha2.PolicyReport, oldReport *v1alpha2.PolicyReport) error { +func (p *polrStore) updatePolr(report *v1alpha2.PolicyReport, oldReport *v1alpha2.PolicyReport) (*v1alpha2.PolicyReport, error) { oldRV, err := strconv.ParseInt(oldReport.ResourceVersion, 10, 64) if err != nil { - return errorpkg.Wrapf(err, "could not parse resource version") + return nil, errorpkg.Wrapf(err, "could not parse resource version") } report.ResourceVersion = fmt.Sprint(oldRV + 1) - return p.store.PolicyReports().Update(context.TODO(), *report) + return report, p.store.PolicyReports().Update(context.TODO(), *report) } func (p *polrStore) deletePolr(report *v1alpha2.PolicyReport) error {