Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
gatekeeper example api upgrade
Browse files Browse the repository at this point in the history
@7navyasa
7navyasa committed Jul 12, 2024
1 parent b4fc52d commit 1f97a70
Showing 6 changed files with 12 additions and 12 deletions.
2 changes: 1 addition & 1 deletion examples/gatekeeper/duplicate-s3/samples/allowed-bucket.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
apiVersion: s3.aws.crossplane.io/v1beta1
apiVersion: s3.aws.upbound.io/v1beta1
kind: Bucket
metadata:
annotations:
2 changes: 1 addition & 1 deletion examples/gatekeeper/duplicate-s3/samples/constraint.yaml
View file
Original file line number Diff line number Diff line change
@@ -7,5 +7,5 @@ spec:
kinds:
- apiGroups: ["awsblueprints.io"]
kinds: ["ObjectStorage"]
- apiGroups: ["s3.aws.crossplane.io"]
- apiGroups: ["s3.aws.upbound.io"]
kinds: ["Bucket"]
2 changes: 1 addition & 1 deletion examples/gatekeeper/duplicate-s3/samples/existing-buckets.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
apiVersion: s3.aws.crossplane.io/v1beta1
apiVersion: s3.aws.upbound.io/v1beta1
kind: Bucket
metadata:
annotations:
2 changes: 1 addition & 1 deletion examples/gatekeeper/duplicate-s3/samples/not-allowed-bucket.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
apiVersion: s3.aws.crossplane.io/v1beta1
apiVersion: s3.aws.upbound.io/v1beta1
kind: Bucket
metadata:
annotations:
2 changes: 1 addition & 1 deletion examples/gatekeeper/duplicate-s3/syncset.yaml
View file
Original file line number Diff line number Diff line change
@@ -4,6 +4,6 @@ metadata:
name: s3-syncset
spec:
gvks:
- group: "s3.aws.crossplane.io"
- group: "s3.aws.upbound.io"
version: "v1beta1"
kind: "Bucket"
14 changes: 7 additions & 7 deletions examples/gatekeeper/duplicate-s3/template.yaml
View file
Original file line number Diff line number Diff line change
@@ -20,8 +20,8 @@ spec:
#}
sameClaim(obj, review) {
obj.metadata.labels["crossplane.io/claim-namespace"] == review.object.metadata.namespace
obj.metadata.labels["crossplane.io/claim-name"] == review.object.metadata.name
obj.metadata.labels["upbound.io/claim-namespace"] == review.object.metadata.namespace
obj.metadata.labels["upbound.io/claim-name"] == review.object.metadata.name
}
sameBucketMR(obj, review) {
@@ -32,12 +32,12 @@ spec:
violation[{"msg": msg}] {
review := input.review
review.object.kind == "ObjectStorage"
obj := data.inventory.cluster["s3.aws.crossplane.io/v1beta1"].Bucket[_]
obj := data.inventory.cluster["s3.aws.upbound.io/v1beta1"].Bucket[_]
not sameClaim(obj, review)
claimName := review.object.metadata.name
claimNameSpace := review.object.metadata.namespace
bucket := review.object.spec.resourceConfig.name
bucket == obj.metadata.annotations["crossplane.io/external-name"]
bucket == obj.metadata.annotations["upbound.io/external-name"]
msg := sprintf(
"Claim %v in namespace %v requesting Bucket %v is already managed by Bucket MR %v",
@@ -48,10 +48,10 @@ spec:
violation[{"msg": msg}] {
review := input.review
review.object.kind == "Bucket"
obj := data.inventory.cluster["s3.aws.crossplane.io/v1beta1"].Bucket[_]
obj := data.inventory.cluster["s3.aws.upbound.io/v1beta1"].Bucket[_]
not sameBucketMR(obj, review)
newBucket := review.object.metadata.annotations["crossplane.io/external-name"]
existingBucket := obj.metadata.annotations["crossplane.io/external-name"]
newBucket := review.object.metadata.annotations["upbound.io/external-name"]
existingBucket := obj.metadata.annotations["upbound.io/external-name"]
newBucket == existingBucket
msg := sprintf(

0 comments on commit 1f97a70

Please sign in to comment.