From b15146f83882981d6bb51fd14c985d515b8a1a9f Mon Sep 17 00:00:00 2001 From: David-Jaeyoon-Lee Date: Wed, 30 Oct 2024 19:56:08 +0000 Subject: [PATCH] fix error handling and check kind when reading expansion template Signed-off-by: David-Jaeyoon-Lee --- pkg/gator/errors.go | 2 +- pkg/gator/reader/read_constraints.go | 2 +- pkg/gator/verify/runner.go | 4 ++++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/pkg/gator/errors.go b/pkg/gator/errors.go index 0bfe7710970..c6ff699e20a 100644 --- a/pkg/gator/errors.go +++ b/pkg/gator/errors.go @@ -9,7 +9,7 @@ var ( // ErrNotAConstraint indicates the user-indicated file does not contain a // Constraint. ErrNotAConstraint = errors.New("not a Constraint") - // ErrNotAnExpansion indicates the user-indicated file does not contain a + // ErrNotAnExpansion indicates the user-indicated file does not contain an // ExpansionTemplate. ErrNotAnExpansion = errors.New("not an Expansion Template") // ErrAddingTemplate indicates a problem instantiating a Suite's ConstraintTemplate. diff --git a/pkg/gator/reader/read_constraints.go b/pkg/gator/reader/read_constraints.go index 7c16df182cc..960738512da 100644 --- a/pkg/gator/reader/read_constraints.go +++ b/pkg/gator/reader/read_constraints.go @@ -184,7 +184,7 @@ func ReadExpansion(f fs.FS, path string) (*unstructured.Unstructured, error) { } gvk := u.GroupVersionKind() - if gvk.Group != "expansion.gatekeeper.sh" { + if gvk.Group != "expansion.gatekeeper.sh" || gvk.Kind != "ExpansionTemplate" { return nil, gator.ErrNotAnExpansion } diff --git a/pkg/gator/verify/runner.go b/pkg/gator/verify/runner.go index 9fcc4b29fc9..2f995124c24 100644 --- a/pkg/gator/verify/runner.go +++ b/pkg/gator/verify/runner.go @@ -366,6 +366,10 @@ func (r *Runner) runReview(ctx context.Context, newClient func() (gator.Client, } review, err := c.Review(ctx, au, reviews.EnforcementPoint(util.GatorEnforcementPoint)) + if err != nil { + return nil, fmt.Errorf("reviewing %v %s/%s: %w", + toReview.GroupVersionKind(), toReview.GetNamespace(), toReview.GetName(), err) + } if e != nil { resultants, err := e.Expand(toReview)