Skip to content

Commit

Permalink
fix!: renames "url" field into "module".
Browse files Browse the repository at this point in the history
Renames the "url" field into "module". This makes the field name the same
of the name used in the CRDs.

Signed-off-by: José Guilherme Vanz <[email protected]>
  • Loading branch information
jvanz committed Jan 3, 2025
1 parent 10938df commit cfe621d
Show file tree
Hide file tree
Showing 5 changed files with 45 additions and 45 deletions.
40 changes: 20 additions & 20 deletions src/config.rs
Original file line number Diff line number Diff line change
Expand Up @@ -318,7 +318,7 @@ pub enum PolicyOrPolicyGroupSettings {
#[serde(deny_unknown_fields, rename_all = "camelCase")]
pub struct PolicyGroupMember {
/// Thge URL where the policy is located
pub url: String,
pub module: String,
/// The settings for the policy
pub settings: Option<HashMap<String, serde_yaml::Value>>,
/// The list of Kubernetes resources the policy is allowed to access
Expand All @@ -341,7 +341,7 @@ pub enum PolicyOrPolicyGroup {
#[serde(rename_all = "camelCase")]
Policy {
/// The URL where the policy is located
url: String,
module: String,
#[serde(default)]
/// The mode of the policy
policy_mode: PolicyMode,
Expand Down Expand Up @@ -485,7 +485,7 @@ mod tests {
let policies_yaml = r#"
---
example:
url: ghcr.io/kubewarden/policies/context-aware-policy:0.1.0
module: ghcr.io/kubewarden/policies/context-aware-policy:0.1.0
settings: {}
allowedToMutate: true
contextAwareResources:
Expand All @@ -499,10 +499,10 @@ group_policy:
message: "group policy message"
policies:
policy1:
url: ghcr.io/kubewarden/policies/policy1:0.1.0
module: ghcr.io/kubewarden/policies/policy1:0.1.0
settings: {}
policy2:
url: ghcr.io/kubewarden/policies/policy2:0.1.0
module: ghcr.io/kubewarden/policies/policy2:0.1.0
settings: {}
"#;

Expand All @@ -516,7 +516,7 @@ group_policy:
(
"example".to_owned(),
PolicyOrPolicyGroup::Policy {
url: "ghcr.io/kubewarden/policies/context-aware-policy:0.1.0".to_owned(),
module: "ghcr.io/kubewarden/policies/context-aware-policy:0.1.0".to_owned(),
policy_mode: PolicyMode::Protect,
allowed_to_mutate: Some(true),
settings: Some(HashMap::new()),
Expand All @@ -542,15 +542,15 @@ group_policy:
(
"policy1".to_owned(),
PolicyGroupMember {
url: "ghcr.io/kubewarden/policies/policy1:0.1.0".to_owned(),
module: "ghcr.io/kubewarden/policies/policy1:0.1.0".to_owned(),
settings: Some(HashMap::new()),
context_aware_resources: BTreeSet::new(),
},
),
(
"policy2".to_string(),
PolicyGroupMember {
url: "ghcr.io/kubewarden/policies/policy2:0.1.0".to_owned(),
module: "ghcr.io/kubewarden/policies/policy2:0.1.0".to_owned(),
settings: Some(HashMap::new()),
context_aware_resources: BTreeSet::new(),
},
Expand All @@ -568,30 +568,30 @@ group_policy:
r#"
---
example:
url: file:///tmp/namespace-validate-policy.wasm
module: file:///tmp/namespace-validate-policy.wasm
settings: {}
"#, json!({})
)]
#[case::settings_missing(
r#"
---
example:
url: file:///tmp/namespace-validate-policy.wasm
module: file:///tmp/namespace-validate-policy.wasm
"#, json!({})
)]
#[case::settings_null(
r#"
---
example:
url: file:///tmp/namespace-validate-policy.wasm
module: file:///tmp/namespace-validate-policy.wasm
settings: null
"#, json!({})
)]
#[case::settings_provided(
r#"
---
example:
url: file:///tmp/namespace-validate-policy.wasm
module: file:///tmp/namespace-validate-policy.wasm
settings:
"counter": 1
"items": ["a", "b"]
Expand All @@ -617,7 +617,7 @@ example:
let policies_yaml = r#"
---
example:
url: file:///tmp/namespace-validate-policy.wasm
module: file:///tmp/namespace-validate-policy.wasm
settings: {}
"#;
let mut temp_file = NamedTempFile::new().unwrap();
Expand Down Expand Up @@ -654,17 +654,17 @@ example:
r#"
---
example:
url: file:///tmp/namespace-validate-policy.wasm
module: file:///tmp/namespace-validate-policy.wasm
settings: {}
group_policy:
expression: "true"
message: "group policy message"
policies:
policy1:
url: file:///tmp/namespace-validate-policy.wasm
module: file:///tmp/namespace-validate-policy.wasm
settings: {}
policy2:
url: file:///tmp/namespace-validate-policy.wasm
module: file:///tmp/namespace-validate-policy.wasm
settings: {}
"#,
true
Expand All @@ -673,7 +673,7 @@ group_policy:
r#"
---
example/invalid:
url: file:///tmp/namespace-validate-policy.wasm
module: file:///tmp/namespace-validate-policy.wasm
settings: {}
"#,
false
Expand All @@ -682,17 +682,17 @@ example/invalid:
r#"
---
example:
url: file:///tmp/namespace-validate-policy.wasm
module: file:///tmp/namespace-validate-policy.wasm
settings: {}
group_policy:
expression: "true"
message: "group policy message"
policies:
policy1/a:
url: file:///tmp/namespace-validate-policy.wasm
module: file:///tmp/namespace-validate-policy.wasm
settings: {}
policy2:
url: file:///tmp/namespace-validate-policy.wasm
module: file:///tmp/namespace-validate-policy.wasm
settings: {}
"#,
false
Expand Down
24 changes: 12 additions & 12 deletions src/evaluation/evaluation_environment.rs
Original file line number Diff line number Diff line change
Expand Up @@ -214,7 +214,7 @@ impl<'engine, 'precompiled_policies> EvaluationEnvironmentBuilder<'engine, 'prec

match policy {
PolicyOrPolicyGroup::Policy {
url,
module: url,
policy_mode,
allowed_to_mutate,
context_aware_resources,
Expand Down Expand Up @@ -297,7 +297,7 @@ impl<'engine, 'precompiled_policies> EvaluationEnvironmentBuilder<'engine, 'prec
if let Err(e) = self.bootstrap_policy(
&mut eval_env,
policy_id.clone(),
&policy.url,
&policy.module,

Check warning on line 300 in src/evaluation/evaluation_environment.rs

View check run for this annotation

Codecov / codecov/patch

src/evaluation/evaluation_environment.rs#L300

Added line #L300 was not covered by tests
policy_evaluation_settings,
eval_ctx,
) {
Expand Down Expand Up @@ -820,7 +820,7 @@ mod tests {
policies.insert(
policy_id.to_string(),
PolicyOrPolicyGroup::Policy {
url: policy_url.clone(),
module: policy_url.clone(),
policy_mode: PolicyMode::Protect,
allowed_to_mutate: None,
settings: None,
Expand All @@ -838,7 +838,7 @@ mod tests {
policies: vec![(
"happy_policy_1".to_string(),
PolicyGroupMember {
url: "file:///tmp/happy_policy_1.wasm".to_string(),
module: "file:///tmp/happy_policy_1.wasm".to_string(),
settings: None,
context_aware_resources: BTreeSet::new(),
},
Expand All @@ -865,7 +865,7 @@ mod tests {
policies: vec![(
"happy_policy_1".to_string(),
PolicyGroupMember {
url: "file:///tmp/happy_policy_1.wasm".to_string(),
module: "file:///tmp/happy_policy_1.wasm".to_string(),
settings: None,
context_aware_resources: BTreeSet::new(),
},
Expand Down Expand Up @@ -902,7 +902,7 @@ mod tests {
policies: vec![(
"happy_policy_1".to_string(),
PolicyGroupMember {
url: "file:///tmp/happy_policy_1.wasm".to_string(),
module: "file:///tmp/happy_policy_1.wasm".to_string(),
settings: None,
context_aware_resources: BTreeSet::new(),
},
Expand All @@ -921,23 +921,23 @@ mod tests {
(
"happy_policy_1".to_string(),
PolicyGroupMember {
url: "file:///tmp/happy_policy_1.wasm".to_string(),
module: "file:///tmp/happy_policy_1.wasm".to_string(),
settings: None,
context_aware_resources: BTreeSet::new(),
},
),
(
"unhappy_policy_1".to_string(),
PolicyGroupMember {
url: "file:///tmp/unhappy_policy_1.wasm".to_string(),
module: "file:///tmp/unhappy_policy_1.wasm".to_string(),
settings: None,
context_aware_resources: BTreeSet::new(),
},
),
(
"unhappy_policy_2".to_string(),
PolicyGroupMember {
url: "file:///tmp/unhappy_policy_1.wasm".to_string(),
module: "file:///tmp/unhappy_policy_1.wasm".to_string(),
settings: None,
context_aware_resources: BTreeSet::new(),
},
Expand All @@ -959,23 +959,23 @@ mod tests {
(
"happy_policy_1".to_string(),
PolicyGroupMember {
url: "file:///tmp/happy_policy_1.wasm".to_string(),
module: "file:///tmp/happy_policy_1.wasm".to_string(),
settings: None,
context_aware_resources: BTreeSet::new(),
},
),
(
"unhappy_policy_1".to_string(),
PolicyGroupMember {
url: "file:///tmp/unhappy_policy_1.wasm".to_string(),
module: "file:///tmp/unhappy_policy_1.wasm".to_string(),
settings: None,
context_aware_resources: BTreeSet::new(),
},
),
(
"unhappy_policy_2".to_string(),
PolicyGroupMember {
url: "file:///tmp/unhappy_policy_1.wasm".to_string(),
module: "file:///tmp/unhappy_policy_1.wasm".to_string(),
settings: None,
context_aware_resources: BTreeSet::new(),
},
Expand Down
10 changes: 5 additions & 5 deletions src/policy_downloader.rs
Original file line number Diff line number Diff line change
Expand Up @@ -238,14 +238,14 @@ fn policies_to_download(

for (name, policy) in policies {
match policy {
PolicyOrPolicyGroup::Policy { url, .. } => {
PolicyOrPolicyGroup::Policy { module: url, .. } => {
flattened_policies.insert(name.to_owned(), url.to_owned());
}
PolicyOrPolicyGroup::PolicyGroup { policies, .. } => {
for (sub_policy_name, sub_policy) in policies {
flattened_policies.insert(
format!("{name}/#{sub_policy_name}"),
sub_policy.url.to_owned(),
sub_policy.module.to_owned(),
);
}
}
Expand Down Expand Up @@ -291,9 +291,9 @@ mod tests {

let policies_cfg = r#"
pod-privileged:
url: registry://ghcr.io/kubewarden/tests/pod-privileged:v0.1.9
module: registry://ghcr.io/kubewarden/tests/pod-privileged:v0.1.9
another-pod-privileged:
url: registry://ghcr.io/kubewarden/tests/pod-privileged:v0.1.9
module: registry://ghcr.io/kubewarden/tests/pod-privileged:v0.1.9
"#;

let policies: HashMap<String, PolicyOrPolicyGroup> =
Expand Down Expand Up @@ -335,7 +335,7 @@ mod tests {

let policies_cfg = r#"
pod-privileged:
url: registry://ghcr.io/kubewarden/tests/pod-privileged:v0.1.9
module: registry://ghcr.io/kubewarden/tests/pod-privileged:v0.1.9
"#;

let policies: HashMap<String, PolicyOrPolicyGroup> =
Expand Down
10 changes: 5 additions & 5 deletions tests/common/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ pub(crate) fn default_test_config() -> Config {
(
"pod-privileged".to_owned(),
PolicyOrPolicyGroup::Policy {
url: "ghcr.io/kubewarden/tests/pod-privileged:v0.2.1".to_owned(),
module: "ghcr.io/kubewarden/tests/pod-privileged:v0.2.1".to_owned(),
policy_mode: PolicyMode::Protect,
allowed_to_mutate: None,
settings: None,
Expand All @@ -41,7 +41,7 @@ pub(crate) fn default_test_config() -> Config {
(
"raw-mutation".to_owned(),
PolicyOrPolicyGroup::Policy {
url: "ghcr.io/kubewarden/tests/raw-mutation-policy:v0.1.0".to_owned(),
module: "ghcr.io/kubewarden/tests/raw-mutation-policy:v0.1.0".to_owned(),
policy_mode: PolicyMode::Protect,
allowed_to_mutate: Some(true),
settings: Some(HashMap::from([
Expand All @@ -57,7 +57,7 @@ pub(crate) fn default_test_config() -> Config {
(
"sleep".to_owned(),
PolicyOrPolicyGroup::Policy {
url: "ghcr.io/kubewarden/tests/sleeping-policy:v0.1.0".to_owned(),
module: "ghcr.io/kubewarden/tests/sleeping-policy:v0.1.0".to_owned(),
policy_mode: PolicyMode::Protect,
allowed_to_mutate: None,
settings: Some(HashMap::from([("sleepMilliseconds".to_owned(), 2.into())])),
Expand All @@ -73,7 +73,7 @@ pub(crate) fn default_test_config() -> Config {
policies: HashMap::from([(
"pod_privileged".to_string(),
PolicyGroupMember {
url: "ghcr.io/kubewarden/tests/pod-privileged:v0.2.1".to_owned(),
module: "ghcr.io/kubewarden/tests/pod-privileged:v0.2.1".to_owned(),
settings: None,
context_aware_resources: BTreeSet::new(),
},
Expand All @@ -89,7 +89,7 @@ pub(crate) fn default_test_config() -> Config {
policies: HashMap::from([(
"raw_mutation".to_string(),
PolicyGroupMember {
url: "ghcr.io/kubewarden/tests/raw-mutation-policy:v0.1.0".to_owned(),
module: "ghcr.io/kubewarden/tests/raw-mutation-policy:v0.1.0".to_owned(),
settings: Some(HashMap::from([
(
"forbiddenResources".to_owned(),
Expand Down
6 changes: 3 additions & 3 deletions tests/integration_test.rs
Original file line number Diff line number Diff line change
Expand Up @@ -466,7 +466,7 @@ async fn test_verified_policy() {
config.policies = HashMap::from([(
"pod-privileged".to_owned(),
PolicyOrPolicyGroup::Policy {
url: "ghcr.io/kubewarden/tests/pod-privileged:v0.2.1".to_owned(),
module: "ghcr.io/kubewarden/tests/pod-privileged:v0.2.1".to_owned(),
policy_mode: PolicyMode::Protect,
allowed_to_mutate: None,
settings: None,
Expand Down Expand Up @@ -498,7 +498,7 @@ async fn test_policy_with_invalid_settings() {
config.policies.insert(
"invalid_settings".to_owned(),
PolicyOrPolicyGroup::Policy {
url: "ghcr.io/kubewarden/tests/sleeping-policy:v0.1.0".to_owned(),
module: "ghcr.io/kubewarden/tests/sleeping-policy:v0.1.0".to_owned(),
policy_mode: PolicyMode::Protect,
allowed_to_mutate: None,
settings: Some(HashMap::from([(
Expand Down Expand Up @@ -546,7 +546,7 @@ async fn test_policy_with_wrong_url() {
config.policies.insert(
"wrong_url".to_owned(),
PolicyOrPolicyGroup::Policy {
url: "ghcr.io/kubewarden/tests/not_existing:v0.1.0".to_owned(),
module: "ghcr.io/kubewarden/tests/not_existing:v0.1.0".to_owned(),
policy_mode: PolicyMode::Protect,
allowed_to_mutate: None,
settings: None,
Expand Down

0 comments on commit cfe621d

Please sign in to comment.