Skip to content

Commit

Permalink
fix: Move K8scel driver from framework (#3570)
Browse files Browse the repository at this point in the history
Signed-off-by: Avinash Patnala <avinashpatnala@google.com>
Co-authored-by: Avinash Patnala <avinashpatnala@google.com>
  • Loading branch information
abhipatnala and Avinash Patnala authored Nov 4, 2024
1 parent 3cc730e commit 682a493
Show file tree
Hide file tree
Showing 51 changed files with 12,591 additions and 2,414 deletions.
16 changes: 8 additions & 8 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,8 @@ require (
github.com/google/uuid v1.6.0
github.com/onsi/gomega v1.34.1
github.com/open-policy-agent/cert-controller v0.11.0
github.com/open-policy-agent/frameworks/constraint v0.0.0-20240927180816-0f64229c5539
github.com/open-policy-agent/frameworks/constraint v0.0.0-20241007142041-e84361fed758
github.com/open-policy-agent/opa v0.68.0
github.com/pkg/errors v0.9.1
github.com/prometheus/client_golang v1.20.4
github.com/spf13/cobra v1.8.1
Expand All @@ -30,7 +31,7 @@ require (
go.opentelemetry.io/otel/sdk/metric v1.28.0
go.uber.org/automaxprocs v1.5.3
go.uber.org/zap v1.26.0
golang.org/x/net v0.28.0
golang.org/x/net v0.29.0
golang.org/x/oauth2 v0.21.0
golang.org/x/sync v0.8.0
golang.org/x/time v0.6.0
Expand All @@ -41,6 +42,7 @@ require (
k8s.io/api v0.30.5
k8s.io/apiextensions-apiserver v0.30.5
k8s.io/apimachinery v0.30.5
k8s.io/apiserver v0.30.5
k8s.io/client-go v0.30.5
k8s.io/klog/v2 v2.120.1
k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0
Expand Down Expand Up @@ -113,7 +115,6 @@ require (
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/open-policy-agent/opa v0.68.0 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.1.0 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
Expand All @@ -138,18 +139,17 @@ require (
go.opentelemetry.io/proto/otlp v1.3.1 // indirect
go.uber.org/atomic v1.11.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/crypto v0.26.0 // indirect
golang.org/x/crypto v0.27.0 // indirect
golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
golang.org/x/sys v0.23.0 // indirect
golang.org/x/term v0.23.0 // indirect
golang.org/x/text v0.17.0 // indirect
golang.org/x/sys v0.25.0 // indirect
golang.org/x/term v0.24.0 // indirect
golang.org/x/text v0.18.0 // indirect
gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
google.golang.org/api v0.189.0 // indirect
google.golang.org/genproto v0.0.0-20240722135656-d784300faade // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20240722135656-d784300faade // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240722135656-d784300faade // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
k8s.io/apiserver v0.30.5 // indirect
k8s.io/component-base v0.30.5 // indirect
k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f // indirect
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 // indirect
Expand Down
24 changes: 12 additions & 12 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -290,8 +290,8 @@ github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k=
github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY=
github.com/open-policy-agent/cert-controller v0.11.0 h1:zXaXeaS4eRAZXhUH5SxWqky681Y2KWjQv/z3X8iMcaQ=
github.com/open-policy-agent/cert-controller v0.11.0/go.mod h1:456gr2XKHzxDOjxJZUST5rLIX8olrHkBUymy49FZzps=
github.com/open-policy-agent/frameworks/constraint v0.0.0-20240927180816-0f64229c5539 h1:NzRAkolrFLPlayf3vrF7w1YVvjHhgWSspJ6qo6k7u7Y=
github.com/open-policy-agent/frameworks/constraint v0.0.0-20240927180816-0f64229c5539/go.mod h1:NCQnaS9y9rusD6bNXCfXR9efKiPENHS2bFvrjzF8of4=
github.com/open-policy-agent/frameworks/constraint v0.0.0-20241007142041-e84361fed758 h1:Gj1cruTJnVHDpna4+6Ju4BxMxN4DKRIWlJ5QDYKQwgM=
github.com/open-policy-agent/frameworks/constraint v0.0.0-20241007142041-e84361fed758/go.mod h1:qebKix6mHZToKGNq7hY/6IS0l+OlvcCIzDnQhJbl4wE=
github.com/open-policy-agent/opa v0.68.0 h1:Jl3U2vXRjwk7JrHmS19U3HZO5qxQRinQbJ2eCJYSqJQ=
github.com/open-policy-agent/opa v0.68.0/go.mod h1:5E5SvaPwTpwt2WM177I9Z3eT7qUpmOGjk1ZdHs+TZ4w=
github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
Expand Down Expand Up @@ -422,8 +422,8 @@ golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnf
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A=
golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8=
golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY=
Expand All @@ -445,8 +445,8 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLL
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo=
golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs=
golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
Expand All @@ -466,14 +466,14 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM=
golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU=
golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk=
golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM=
golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224=
golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U=
golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
Expand Down
2 changes: 1 addition & 1 deletion main.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,6 @@ import (
"github.com/go-logr/zapr"
"github.com/open-policy-agent/cert-controller/pkg/rotator"
constraintclient "github.com/open-policy-agent/frameworks/constraint/pkg/client"
"github.com/open-policy-agent/frameworks/constraint/pkg/client/drivers/k8scel"
"github.com/open-policy-agent/frameworks/constraint/pkg/client/drivers/rego"
frameworksexternaldata "github.com/open-policy-agent/frameworks/constraint/pkg/externaldata"
api "github.com/open-policy-agent/gatekeeper/v3/apis"
Expand All @@ -46,6 +45,7 @@ import (
"github.com/open-policy-agent/gatekeeper/v3/pkg/cachemanager"
"github.com/open-policy-agent/gatekeeper/v3/pkg/controller"
"github.com/open-policy-agent/gatekeeper/v3/pkg/controller/config/process"
"github.com/open-policy-agent/gatekeeper/v3/pkg/drivers/k8scel"
"github.com/open-policy-agent/gatekeeper/v3/pkg/expansion"
"github.com/open-policy-agent/gatekeeper/v3/pkg/externaldata"
"github.com/open-policy-agent/gatekeeper/v3/pkg/metrics"
Expand Down
74 changes: 3 additions & 71 deletions pkg/controller/constraint/constraint_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -27,12 +27,12 @@ import (
"github.com/go-logr/logr"
"github.com/open-policy-agent/frameworks/constraint/pkg/apis/templates/v1beta1"
constraintclient "github.com/open-policy-agent/frameworks/constraint/pkg/client"
celSchema "github.com/open-policy-agent/frameworks/constraint/pkg/client/drivers/k8scel/schema"
"github.com/open-policy-agent/frameworks/constraint/pkg/client/drivers/k8scel/transform"
"github.com/open-policy-agent/frameworks/constraint/pkg/core/templates"
constraintstatusv1beta1 "github.com/open-policy-agent/gatekeeper/v3/apis/status/v1beta1"
"github.com/open-policy-agent/gatekeeper/v3/pkg/controller/config/process"
"github.com/open-policy-agent/gatekeeper/v3/pkg/controller/constraintstatus"
celSchema "github.com/open-policy-agent/gatekeeper/v3/pkg/drivers/k8scel/schema"
"github.com/open-policy-agent/gatekeeper/v3/pkg/drivers/k8scel/transform"
"github.com/open-policy-agent/gatekeeper/v3/pkg/logging"
"github.com/open-policy-agent/gatekeeper/v3/pkg/metrics"
"github.com/open-policy-agent/gatekeeper/v3/pkg/operations"
Expand All @@ -49,8 +49,6 @@ import (
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/schema"
"k8s.io/apimachinery/pkg/types"
"k8s.io/client-go/kubernetes"
rest "k8s.io/client-go/rest"
"k8s.io/utils/ptr"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/client/apiutil"
Expand All @@ -75,11 +73,6 @@ var (
ErrValidatingAdmissionPolicyAPIDisabled = errors.New("ValidatingAdmissionPolicy API is not enabled")
ErrVAPConditionsNotSatisfied = errors.New("Conditions are not satisfied to generate ValidatingAdmissionPolicy and ValidatingAdmissionPolicyBinding")
)
var vapMux sync.RWMutex

var VapAPIEnabled *bool

var GroupVersion *schema.GroupVersion

type Adder struct {
CFClient *constraintclient.Client
Expand Down Expand Up @@ -317,7 +310,7 @@ func (r *ReconcileConstraint) Reconcile(ctx context.Context, request reconcile.R
isAPIEnabled := false
var groupVersion *schema.GroupVersion
if generateVAPB {
isAPIEnabled, groupVersion = IsVapAPIEnabled()
isAPIEnabled, groupVersion = transform.IsVapAPIEnabled(&log)
}
if generateVAPB {
if !isAPIEnabled {
Expand Down Expand Up @@ -620,67 +613,6 @@ func (c *ConstraintsCache) reportTotalConstraints(ctx context.Context, reporter
}
}

func IsVapAPIEnabled() (bool, *schema.GroupVersion) {
vapMux.RLock()
if VapAPIEnabled != nil {
apiEnabled, gvk := *VapAPIEnabled, GroupVersion
vapMux.RUnlock()
return apiEnabled, gvk
}

vapMux.RUnlock()
vapMux.Lock()
defer vapMux.Unlock()

if VapAPIEnabled != nil {
return *VapAPIEnabled, GroupVersion
}
config, err := rest.InClusterConfig()
if err != nil {
log.Info("IsVapAPIEnabled InClusterConfig", "error", err)
VapAPIEnabled = new(bool)
*VapAPIEnabled = false
return false, nil
}
clientset, err := kubernetes.NewForConfig(config)
if err != nil {
log.Info("IsVapAPIEnabled NewForConfig", "error", err)
*VapAPIEnabled = false
return false, nil
}

groupVersion := admissionregistrationv1.SchemeGroupVersion
resList, err := clientset.Discovery().ServerResourcesForGroupVersion(groupVersion.String())
if err == nil {
for i := 0; i < len(resList.APIResources); i++ {
if resList.APIResources[i].Name == "validatingadmissionpolicies" {
VapAPIEnabled = new(bool)
*VapAPIEnabled = true
GroupVersion = &groupVersion
return true, GroupVersion
}
}
}

groupVersion = admissionregistrationv1beta1.SchemeGroupVersion
resList, err = clientset.Discovery().ServerResourcesForGroupVersion(groupVersion.String())
if err == nil {
for i := 0; i < len(resList.APIResources); i++ {
if resList.APIResources[i].Name == "validatingadmissionpolicies" {
VapAPIEnabled = new(bool)
*VapAPIEnabled = true
GroupVersion = &groupVersion
return true, GroupVersion
}
}
}

log.Error(err, "error checking VAP API availability", "IsVapAPIEnabled", "false")
VapAPIEnabled = new(bool)
*VapAPIEnabled = false
return false, nil
}

func vapBindingForVersion(gvk schema.GroupVersion) (client.Object, error) {
switch gvk.Version {
case "v1":
Expand Down
2 changes: 1 addition & 1 deletion pkg/controller/constraint/constraint_controller_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,10 @@ import (
"github.com/davecgh/go-spew/spew"
apiconstraints "github.com/open-policy-agent/frameworks/constraint/pkg/apis/constraints"
templatesv1 "github.com/open-policy-agent/frameworks/constraint/pkg/apis/templates/v1"
celSchema "github.com/open-policy-agent/frameworks/constraint/pkg/client/drivers/k8scel/schema"
regoSchema "github.com/open-policy-agent/frameworks/constraint/pkg/client/drivers/rego/schema"
"github.com/open-policy-agent/frameworks/constraint/pkg/core/templates"
constraintstatusv1beta1 "github.com/open-policy-agent/gatekeeper/v3/apis/status/v1beta1"
celSchema "github.com/open-policy-agent/gatekeeper/v3/pkg/drivers/k8scel/schema"
"github.com/open-policy-agent/gatekeeper/v3/pkg/metrics"
"github.com/open-policy-agent/gatekeeper/v3/pkg/target"
"github.com/open-policy-agent/gatekeeper/v3/pkg/util"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,13 +24,13 @@ import (

"github.com/open-policy-agent/frameworks/constraint/pkg/apis/templates/v1beta1"
constraintclient "github.com/open-policy-agent/frameworks/constraint/pkg/client"
celSchema "github.com/open-policy-agent/frameworks/constraint/pkg/client/drivers/k8scel/schema"
"github.com/open-policy-agent/frameworks/constraint/pkg/client/drivers/k8scel/transform"
"github.com/open-policy-agent/frameworks/constraint/pkg/core/templates"
statusv1beta1 "github.com/open-policy-agent/gatekeeper/v3/apis/status/v1beta1"
"github.com/open-policy-agent/gatekeeper/v3/pkg/controller/constraint"
"github.com/open-policy-agent/gatekeeper/v3/pkg/controller/constraintstatus"
"github.com/open-policy-agent/gatekeeper/v3/pkg/controller/constrainttemplatestatus"
celSchema "github.com/open-policy-agent/gatekeeper/v3/pkg/drivers/k8scel/schema"
"github.com/open-policy-agent/gatekeeper/v3/pkg/drivers/k8scel/transform"
"github.com/open-policy-agent/gatekeeper/v3/pkg/logging"
"github.com/open-policy-agent/gatekeeper/v3/pkg/metrics"
"github.com/open-policy-agent/gatekeeper/v3/pkg/operations"
Expand Down Expand Up @@ -479,7 +479,7 @@ func (r *ReconcileConstraintTemplate) handleUpdate(
isVapAPIEnabled := false
var groupVersion *schema.GroupVersion
if generateVap {
isVapAPIEnabled, groupVersion = constraint.IsVapAPIEnabled()
isVapAPIEnabled, groupVersion = transform.IsVapAPIEnabled(&logger)
}
logger.Info("isVapAPIEnabled", "isVapAPIEnabled", isVapAPIEnabled)
logger.Info("groupVersion", "groupVersion", groupVersion)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,13 +25,14 @@ import (
templatesv1 "github.com/open-policy-agent/frameworks/constraint/pkg/apis/templates/v1"
"github.com/open-policy-agent/frameworks/constraint/pkg/apis/templates/v1beta1"
constraintclient "github.com/open-policy-agent/frameworks/constraint/pkg/client"
"github.com/open-policy-agent/frameworks/constraint/pkg/client/drivers/k8scel"
celSchema "github.com/open-policy-agent/frameworks/constraint/pkg/client/drivers/k8scel/schema"
"github.com/open-policy-agent/frameworks/constraint/pkg/client/drivers/rego"
"github.com/open-policy-agent/frameworks/constraint/pkg/client/reviews"
"github.com/open-policy-agent/frameworks/constraint/pkg/core/templates"
statusv1beta1 "github.com/open-policy-agent/gatekeeper/v3/apis/status/v1beta1"
"github.com/open-policy-agent/gatekeeper/v3/pkg/controller/constraint"
"github.com/open-policy-agent/gatekeeper/v3/pkg/drivers/k8scel"
celSchema "github.com/open-policy-agent/gatekeeper/v3/pkg/drivers/k8scel/schema"
"github.com/open-policy-agent/gatekeeper/v3/pkg/drivers/k8scel/transform"
"github.com/open-policy-agent/gatekeeper/v3/pkg/fakes"
"github.com/open-policy-agent/gatekeeper/v3/pkg/readiness"
"github.com/open-policy-agent/gatekeeper/v3/pkg/target"
Expand Down Expand Up @@ -271,8 +272,8 @@ func TestReconcile(t *testing.T) {
ctx := context.Background()
testutils.StartManager(ctx, t, mgr)

constraint.VapAPIEnabled = ptr.To[bool](true)
constraint.GroupVersion = &admissionregistrationv1beta1.SchemeGroupVersion
transform.VapAPIEnabled = ptr.To[bool](true)
transform.GroupVersion = &admissionregistrationv1beta1.SchemeGroupVersion

t.Run("CRD Gets Created", func(t *testing.T) {
suffix := "CRDGetsCreated"
Expand Down Expand Up @@ -696,7 +697,7 @@ func TestReconcile(t *testing.T) {
suffix := "VapShouldBeCreatedV1"

logger.Info("Running test: Vap should be created with v1")
constraint.GroupVersion = &admissionregistrationv1.SchemeGroupVersion
transform.GroupVersion = &admissionregistrationv1.SchemeGroupVersion
constraintTemplate := makeReconcileConstraintTemplateForVap(suffix, ptr.To[bool](true))
t.Cleanup(testutils.DeleteObjectAndConfirm(ctx, t, c, expectedCRD(suffix)))
testutils.CreateThenCleanup(ctx, t, c, constraintTemplate)
Expand All @@ -721,7 +722,7 @@ func TestReconcile(t *testing.T) {
suffix := "VapBindingShouldBeCreatedV1"
logger.Info("Running test: VapBinding should be created with v1")
constraint.DefaultGenerateVAPB = ptr.To[bool](true)
constraint.GroupVersion = &admissionregistrationv1.SchemeGroupVersion
transform.GroupVersion = &admissionregistrationv1.SchemeGroupVersion
constraintTemplate := makeReconcileConstraintTemplateForVap(suffix, ptr.To[bool](true))
cstr := newDenyAllCstr(suffix)
t.Cleanup(testutils.DeleteObjectAndConfirm(ctx, t, c, expectedCRD(suffix)))
Expand Down
13 changes: 13 additions & 0 deletions pkg/drivers/k8scel/args.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
package k8scel

type Arg func(*Driver) error

// GatherStats starts collecting various stats around the
// underlying engine's calls.
func GatherStats() Arg {
return func(driver *Driver) error {
driver.gatherStats = true

return nil
}
}
Loading

0 comments on commit 682a493

Please sign in to comment.