diff --git a/.github/actions/setup-build-env/action.yaml b/.github/actions/setup-build-env/action.yaml index 6fe3805..af99ad0 100644 --- a/.github/actions/setup-build-env/action.yaml +++ b/.github/actions/setup-build-env/action.yaml @@ -28,7 +28,7 @@ runs: git fetch --prune --unshallow - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 with: - go-version: ~1.21.3 + go-version: ~1.22.2 - shell: bash run: | go mod download diff --git a/.github/workflows/conformance-tests.yaml b/.github/workflows/conformance-tests.yaml index d3fa0b6..cc6fdb7 100644 --- a/.github/workflows/conformance-tests.yaml +++ b/.github/workflows/conformance-tests.yaml @@ -41,7 +41,7 @@ jobs: - name: Setup Go uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: - go-version: ~1.21.1 + go-version: ~1.22.2 - name: Install helm id: helm uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 diff --git a/.github/workflows/migration-tests.yaml b/.github/workflows/migration-tests.yaml index 81c1106..f09abf1 100644 --- a/.github/workflows/migration-tests.yaml +++ b/.github/workflows/migration-tests.yaml @@ -41,7 +41,7 @@ jobs: - name: Setup Go uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: - go-version: ~1.21.1 + go-version: ~1.22.2 - name: Install helm id: helm uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 diff --git a/Dockerfile b/Dockerfile index efc3336..8990627 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ ARG ARCH -FROM golang:1.21.5 as build +FROM golang:1.22.2 as build WORKDIR / COPY . ./ diff --git a/go.mod b/go.mod index 3337f51..07e55e8 100644 --- a/go.mod +++ b/go.mod @@ -1,14 +1,13 @@ module github.com/kyverno/reports-server -go 1.21.4 - -toolchain go1.21.5 +go 1.22.2 require ( github.com/kyverno/kyverno v1.12.0-alpha.1 github.com/lib/pq v1.10.9 github.com/pkg/errors v0.9.1 github.com/spf13/cobra v1.8.0 + k8s.io/api v0.29.1 k8s.io/apimachinery v0.29.2 k8s.io/apiserver v0.29.1 k8s.io/client-go v0.29.1 @@ -98,7 +97,6 @@ require ( gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.29.1 // indirect k8s.io/kms v0.29.1 // indirect k8s.io/utils v0.0.0-20240102154912-e7106e64919e // indirect sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 // indirect diff --git a/pkg/api/cephr.go b/pkg/api/cephr.go index 243a7cf..9980d52 100644 --- a/pkg/api/cephr.go +++ b/pkg/api/cephr.go @@ -4,6 +4,7 @@ import ( "context" "fmt" "slices" + "strconv" reportsv1 "github.com/kyverno/kyverno/api/reports/v1" "github.com/kyverno/reports-server/pkg/storage" @@ -51,7 +52,7 @@ func (c *cephrStore) NewList() runtime.Object { } func (c *cephrStore) List(ctx context.Context, options *metainternalversion.ListOptions) (runtime.Object, error) { - labelSelector := labels.Everything() + var labelSelector labels.Selector // fieldSelector := fields.Everything() // TODO: Field selectors if options != nil { if options.LabelSelector != nil { @@ -74,19 +75,33 @@ func (c *cephrStore) List(ctx context.Context, options *metainternalversion.List cephrList := &reportsv1.ClusterEphemeralReportList{ Items: make([]reportsv1.ClusterEphemeralReport, 0), ListMeta: metav1.ListMeta{ - // TODO: Fix this!! ResourceVersion: "1", }, } + var desiredRv uint64 + if len(options.ResourceVersion) == 0 { + desiredRv = 1 + } else { + desiredRv, err = strconv.ParseUint(options.ResourceVersion, 10, 64) + if err != nil { + return nil, err + } + } + var resourceVersion uint64 + resourceVersion = 1 for _, cephr := range list.Items { - if cephr.Labels == nil { - return list, nil + allow, rv, err := allowObjectListWatch(cephr.ObjectMeta, labelSelector, desiredRv, options.ResourceVersionMatch) + if err != nil { + return nil, err } - if labelSelector.Matches(labels.Set(cephr.Labels)) { + if rv > resourceVersion { + resourceVersion = rv + } + if allow { cephrList.Items = append(cephrList.Items, cephr) } } - + cephrList.ListMeta.ResourceVersion = strconv.FormatUint(resourceVersion, 10) return cephrList, nil } diff --git a/pkg/api/cpolr.go b/pkg/api/cpolr.go index f42fe83..498e10f 100644 --- a/pkg/api/cpolr.go +++ b/pkg/api/cpolr.go @@ -4,6 +4,7 @@ import ( "context" "fmt" "slices" + "strconv" "github.com/kyverno/reports-server/pkg/storage" "github.com/kyverno/reports-server/pkg/utils" @@ -51,7 +52,7 @@ func (c *cpolrStore) NewList() runtime.Object { } func (c *cpolrStore) List(ctx context.Context, options *metainternalversion.ListOptions) (runtime.Object, error) { - labelSelector := labels.Everything() + var labelSelector labels.Selector // fieldSelector := fields.Everything() // TODO: Field selectors if options != nil { if options.LabelSelector != nil { @@ -74,19 +75,33 @@ func (c *cpolrStore) List(ctx context.Context, options *metainternalversion.List cpolrList := &v1alpha2.ClusterPolicyReportList{ Items: make([]v1alpha2.ClusterPolicyReport, 0), ListMeta: metav1.ListMeta{ - // TODO: Fix this!! ResourceVersion: "1", }, } + var desiredRv uint64 + if len(options.ResourceVersion) == 0 { + desiredRv = 1 + } else { + desiredRv, err = strconv.ParseUint(options.ResourceVersion, 10, 64) + if err != nil { + return nil, err + } + } + var resourceVersion uint64 + resourceVersion = 1 for _, cpolr := range list.Items { - if cpolr.Labels == nil { - return list, nil + allow, rv, err := allowObjectListWatch(cpolr.ObjectMeta, labelSelector, desiredRv, options.ResourceVersionMatch) + if err != nil { + return nil, err } - if labelSelector.Matches(labels.Set(cpolr.Labels)) { + if rv > resourceVersion { + resourceVersion = rv + } + if allow { cpolrList.Items = append(cpolrList.Items, cpolr) } } - + cpolrList.ListMeta.ResourceVersion = strconv.FormatUint(resourceVersion, 10) return cpolrList, nil } diff --git a/pkg/api/ephr.go b/pkg/api/ephr.go index 1e5a1b5..8c31c5d 100644 --- a/pkg/api/ephr.go +++ b/pkg/api/ephr.go @@ -4,6 +4,7 @@ import ( "context" "fmt" "slices" + "strconv" reportsv1 "github.com/kyverno/kyverno/api/reports/v1" "github.com/kyverno/reports-server/pkg/storage" @@ -52,7 +53,7 @@ func (p *ephrStore) NewList() runtime.Object { } func (p *ephrStore) List(ctx context.Context, options *metainternalversion.ListOptions) (runtime.Object, error) { - labelSelector := labels.Everything() + var labelSelector labels.Selector // fieldSelector := fields.Everything() // TODO: Field selectors if options != nil { if options.LabelSelector != nil { @@ -77,19 +78,33 @@ func (p *ephrStore) List(ctx context.Context, options *metainternalversion.ListO ephrList := &reportsv1.EphemeralReportList{ Items: make([]reportsv1.EphemeralReport, 0), ListMeta: metav1.ListMeta{ - // TODO: Fix this!! ResourceVersion: "1", }, } + var desiredRv uint64 + if len(options.ResourceVersion) == 0 { + desiredRv = 1 + } else { + desiredRv, err = strconv.ParseUint(options.ResourceVersion, 10, 64) + if err != nil { + return nil, err + } + } + var resourceVersion uint64 + resourceVersion = 1 for _, ephr := range list.Items { - if ephr.Labels == nil { - return list, nil + allow, rv, err := allowObjectListWatch(ephr.ObjectMeta, labelSelector, desiredRv, options.ResourceVersionMatch) + if err != nil { + return nil, err } - if labelSelector.Matches(labels.Set(ephr.Labels)) { + if rv > resourceVersion { + resourceVersion = rv + } + if allow { ephrList.Items = append(ephrList.Items, ephr) } } - + ephrList.ListMeta.ResourceVersion = strconv.FormatUint(resourceVersion, 10) return ephrList, nil } diff --git a/pkg/api/filter.go b/pkg/api/filter.go new file mode 100644 index 0000000..58ad5dc --- /dev/null +++ b/pkg/api/filter.go @@ -0,0 +1,36 @@ +package api + +import ( + "strconv" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" +) + +func allowObjectListWatch(object metav1.ObjectMeta, labelSelector labels.Selector, desiredRv uint64, rvmatch metav1.ResourceVersionMatch) (bool, uint64, error) { + rv, err := strconv.ParseUint(object.ResourceVersion, 10, 64) + if err != nil { + return false, 0, err + } + + switch rvmatch { + case metav1.ResourceVersionMatchNotOlderThan: + if rv < desiredRv { + return false, 0, nil + } + case metav1.ResourceVersionMatchExact: + if rv != desiredRv { + return false, 0, nil + } + } + + if labelSelector == nil { + return true, rv, nil + } + + if labelSelector.Matches(labels.Set(object.Labels)) { + return true, rv, nil + } else { + return false, 0, nil + } +} diff --git a/pkg/api/polr.go b/pkg/api/polr.go index 1faf65d..e82785d 100644 --- a/pkg/api/polr.go +++ b/pkg/api/polr.go @@ -4,6 +4,7 @@ import ( "context" "fmt" "slices" + "strconv" "github.com/kyverno/reports-server/pkg/storage" "github.com/kyverno/reports-server/pkg/utils" @@ -52,7 +53,7 @@ func (p *polrStore) NewList() runtime.Object { } func (p *polrStore) List(ctx context.Context, options *metainternalversion.ListOptions) (runtime.Object, error) { - labelSelector := labels.Everything() + var labelSelector labels.Selector // fieldSelector := fields.Everything() // TODO: Field selectors if options != nil { if options.LabelSelector != nil { @@ -77,19 +78,33 @@ func (p *polrStore) List(ctx context.Context, options *metainternalversion.ListO polrList := &v1alpha2.PolicyReportList{ Items: make([]v1alpha2.PolicyReport, 0), ListMeta: metav1.ListMeta{ - // TODO: Fix this!! ResourceVersion: "1", }, } + var desiredRv uint64 + if len(options.ResourceVersion) == 0 { + desiredRv = 1 + } else { + desiredRv, err = strconv.ParseUint(options.ResourceVersion, 10, 64) + if err != nil { + return nil, err + } + } + var resourceVersion uint64 + resourceVersion = 1 for _, polr := range list.Items { - if polr.Labels == nil { - return list, nil + allow, rv, err := allowObjectListWatch(polr.ObjectMeta, labelSelector, desiredRv, options.ResourceVersionMatch) + if err != nil { + return nil, err } - if labelSelector.Matches(labels.Set(polr.Labels)) { + if rv > resourceVersion { + resourceVersion = rv + } + if allow { polrList.Items = append(polrList.Items, polr) } } - + polrList.ListMeta.ResourceVersion = strconv.FormatUint(resourceVersion, 10) return polrList, nil } diff --git a/tools/go.mod b/tools/go.mod index acdf173..eb88310 100644 --- a/tools/go.mod +++ b/tools/go.mod @@ -1,6 +1,6 @@ module github.com/kyverno/reports-server/tools -go 1.21 +go 1.22.2 require ( github.com/google/addlicense v1.1.1