Skip to content

Commit

Permalink
Merge pull request #5698 from stormqueen1990/fix/validation-name-refe…
Browse files Browse the repository at this point in the history
…rence

fix(namereference): add configuration for new admission API
  • Loading branch information
k8s-ci-robot authored Jun 8, 2024
2 parents 16a7ce2 + 3065eb3 commit 8566628
Show file tree
Hide file tree
Showing 2 changed files with 89 additions and 0 deletions.
7 changes: 7 additions & 0 deletions api/internal/konfig/builtinpluginconsts/namereference.go
Original file line number Diff line number Diff line change
Expand Up @@ -421,6 +421,13 @@ nameReference:
fieldSpecs:
- path: spec/ingressClassName
kind: Ingress
- kind: ValidatingAdmissionPolicy
group: admissionregistration.k8s.io
fieldSpecs:
- path: spec/policyName
kind: ValidatingAdmissionPolicyBinding
group: admissionregistration.k8s.io
`
)

Expand Down
82 changes: 82 additions & 0 deletions api/krusty/namereference_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -786,3 +786,85 @@ spec:
name: tester
`)
}

func TestBackReferenceAdmissionPolicy(t *testing.T) {
th := kusttest_test.MakeHarness(t)
th.WriteK(".", `
resources:
- admission.yaml
namePrefix: a-prefix-
`)
th.WriteF("admission.yaml", `---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingAdmissionPolicy
metadata:
name: sample-policy
spec:
failurePolicy: Fail
paramKind:
apiVersion: apps/v1
kind: Deployment
matchConstraints:
resourceRules:
- apiGroups:
- apps
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- deployments
validations:
- expression: "!object.metadata.name.startsWith('test-')"
message: prefix 'test-' is not allowed
reason: Invalid
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingAdmissionPolicyBinding
metadata:
name: sample-policy-binding
spec:
policyName: sample-policy
validationActions:
- Deny
`)

m := th.Run(".", th.MakeDefaultOptions())
th.AssertActualEqualsExpected(m, `
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingAdmissionPolicy
metadata:
name: a-prefix-sample-policy
spec:
failurePolicy: Fail
matchConstraints:
resourceRules:
- apiGroups:
- apps
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- deployments
paramKind:
apiVersion: apps/v1
kind: Deployment
validations:
- expression: '!object.metadata.name.startsWith(''test-'')'
message: prefix 'test-' is not allowed
reason: Invalid
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingAdmissionPolicyBinding
metadata:
name: a-prefix-sample-policy-binding
spec:
policyName: a-prefix-sample-policy
validationActions:
- Deny
`)
}

0 comments on commit 8566628

Please sign in to comment.