From 587d91655a056e65f238d51640198af86a88fae2 Mon Sep 17 00:00:00 2001 From: Mariam Fahmy Date: Tue, 9 Jul 2024 16:30:56 +0800 Subject: [PATCH] fix: remove unused parameters (#10626) Signed-off-by: Mariam Fahmy --- pkg/engine/background.go | 5 +---- pkg/engine/engine.go | 4 ++-- pkg/engine/forceMutate.go | 6 +++--- pkg/engine/fuzz_test.go | 5 ++--- pkg/engine/generation.go | 3 --- pkg/engine/image_verify_test.go | 4 ++-- pkg/engine/internal/imageverifier.go | 6 ++---- pkg/engine/internal/match.go | 4 ++-- pkg/engine/mutation_test.go | 24 ++++++++++++------------ 9 files changed, 26 insertions(+), 35 deletions(-) diff --git a/pkg/engine/background.go b/pkg/engine/background.go index ce5ec525804a..572fb9cff6d9 100644 --- a/pkg/engine/background.go +++ b/pkg/engine/background.go @@ -2,7 +2,6 @@ package engine import ( "context" - "time" "github.com/go-logr/logr" kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1" @@ -20,17 +19,15 @@ import ( // // 2. returns the list of rules that are applicable on this policy and resource, if 1 succeed func (e *engine) applyBackgroundChecks( - ctx context.Context, logger logr.Logger, policyContext engineapi.PolicyContext, ) engineapi.PolicyResponse { - return e.filterRules(policyContext, logger, time.Now()) + return e.filterRules(policyContext, logger) } func (e *engine) filterRules( policyContext engineapi.PolicyContext, logger logr.Logger, - startTime time.Time, ) engineapi.PolicyResponse { policy := policyContext.Policy() resp := engineapi.NewPolicyResponse() diff --git a/pkg/engine/engine.go b/pkg/engine/engine.go index c1dc78a261a3..49221cfcc256 100644 --- a/pkg/engine/engine.go +++ b/pkg/engine/engine.go @@ -123,7 +123,7 @@ func (e *engine) Generate( response := engineapi.NewEngineResponseFromPolicyContext(policyContext) logger := internal.LoggerWithPolicyContext(logging.WithName("engine.generate"), policyContext) if internal.MatchPolicyContext(logger, e.client, policyContext, e.configuration) { - policyResponse := e.generateResponse(ctx, logger, policyContext) + policyResponse := e.generateResponse(logger, policyContext) response = response.WithPolicyResponse(policyResponse) } response = response.WithStats(engineapi.NewExecutionStats(startTime, time.Now())) @@ -158,7 +158,7 @@ func (e *engine) ApplyBackgroundChecks( response := engineapi.NewEngineResponseFromPolicyContext(policyContext) logger := internal.LoggerWithPolicyContext(logging.WithName("engine.background"), policyContext) if internal.MatchPolicyContext(logger, e.client, policyContext, e.configuration) { - policyResponse := e.applyBackgroundChecks(ctx, logger, policyContext) + policyResponse := e.applyBackgroundChecks(logger, policyContext) response = response.WithPolicyResponse(policyResponse) } response = response.WithStats(engineapi.NewExecutionStats(startTime, time.Now())) diff --git a/pkg/engine/forceMutate.go b/pkg/engine/forceMutate.go index 3fc8ca1b21b1..e6ca6edd1148 100644 --- a/pkg/engine/forceMutate.go +++ b/pkg/engine/forceMutate.go @@ -51,7 +51,7 @@ func ForceMutate( } } else { m := r.Mutation - patchedResource, err = applyPatches(r.Name, m.GetPatchStrategicMerge(), m.PatchesJSON6902, patchedResource, logger) + patchedResource, err = applyPatches(m.GetPatchStrategicMerge(), m.PatchesJSON6902, patchedResource, logger) if err != nil { return patchedResource, err } @@ -73,7 +73,7 @@ func applyForEachMutate(name string, foreach []kyvernov1.ForEachMutation, resour return applyForEachMutate(name, nestedForEach, patchedResource, logger) } - patchedResource, err = applyPatches(name, fe.GetPatchStrategicMerge(), fe.PatchesJSON6902, patchedResource, logger) + patchedResource, err = applyPatches(fe.GetPatchStrategicMerge(), fe.PatchesJSON6902, patchedResource, logger) if err != nil { return resource, err } @@ -82,7 +82,7 @@ func applyForEachMutate(name string, foreach []kyvernov1.ForEachMutation, resour return patchedResource, nil } -func applyPatches(name string, mergePatch apiextensions.JSON, jsonPatch string, resource unstructured.Unstructured, logger logr.Logger) (unstructured.Unstructured, error) { +func applyPatches(mergePatch apiextensions.JSON, jsonPatch string, resource unstructured.Unstructured, logger logr.Logger) (unstructured.Unstructured, error) { patcher := mutate.NewPatcher(mergePatch, jsonPatch) resourceBytes, err := resource.MarshalJSON() if err != nil { diff --git a/pkg/engine/fuzz_test.go b/pkg/engine/fuzz_test.go index 1860c4b469f4..b44c870ea634 100644 --- a/pkg/engine/fuzz_test.go +++ b/pkg/engine/fuzz_test.go @@ -213,15 +213,14 @@ func FuzzPodBypass(f *testing.F) { validateContext, pc.WithPolicy(testPolicy.ClusterPolicy), ) - failurePolicy := kyverno.Fail - blocked := blockRequest([]engineapi.EngineResponse{er}, failurePolicy) + blocked := blockRequest([]engineapi.EngineResponse{er}) if blocked != shouldBlock { panic(fmt.Sprintf("\nDid not block a resource that should be blocked:\n%s\n should have been blocked by \n%+v\n\nshouldBlock was %t\nblocked was %t\n", string(resource), testPolicy.ClusterPolicy, shouldBlock, blocked)) } }) } -func blockRequest(engineResponses []engineapi.EngineResponse, failurePolicy kyverno.FailurePolicyType) bool { +func blockRequest(engineResponses []engineapi.EngineResponse) bool { for _, er := range engineResponses { if er.IsFailed() { return true diff --git a/pkg/engine/generation.go b/pkg/engine/generation.go index 826bffbc7ef7..a45004239498 100644 --- a/pkg/engine/generation.go +++ b/pkg/engine/generation.go @@ -1,8 +1,6 @@ package engine import ( - "context" - "github.com/go-logr/logr" "github.com/kyverno/kyverno/pkg/autogen" engineapi "github.com/kyverno/kyverno/pkg/engine/api" @@ -11,7 +9,6 @@ import ( // GenerateResponse checks for validity of generate rule on the resource func (e *engine) generateResponse( - ctx context.Context, logger logr.Logger, policyContext engineapi.PolicyContext, ) engineapi.PolicyResponse { diff --git a/pkg/engine/image_verify_test.go b/pkg/engine/image_verify_test.go index babebc6d82a5..25dec1911224 100644 --- a/pkg/engine/image_verify_test.go +++ b/pkg/engine/image_verify_test.go @@ -711,7 +711,7 @@ func Test_SignaturesMultiKeyZeroGoodKey(t *testing.T) { func Test_RuleSelectorImageVerify(t *testing.T) { policyContext := buildContext(t, testSampleSingleKeyPolicy, testSampleResource, "") - rule := newStaticKeyRule("match-all", "*", testOtherKey) + rule := newStaticKeyRule("match-all", testOtherKey) spec := policyContext.Policy().GetSpec() spec.Rules = append(spec.Rules, *rule) @@ -730,7 +730,7 @@ func Test_RuleSelectorImageVerify(t *testing.T) { assert.Equal(t, resp.PolicyResponse.Rules[0].Status(), engineapi.RuleStatusPass, resp.PolicyResponse.Rules[0].Message()) } -func newStaticKeyRule(name, imageReference, key string) *kyvernov1.Rule { +func newStaticKeyRule(name, key string) *kyvernov1.Rule { return &kyvernov1.Rule{ Name: name, MatchResources: kyvernov1.MatchResources{ diff --git a/pkg/engine/internal/imageverifier.go b/pkg/engine/internal/imageverifier.go index 23c43f1ad4b5..1bed119b639b 100644 --- a/pkg/engine/internal/imageverifier.go +++ b/pkg/engine/internal/imageverifier.go @@ -347,7 +347,7 @@ func (iv *ImageVerifier) verifyImage( iv.ivm.Add(image, engineapi.ImageVerificationSkip) return engineapi.RuleSkip(iv.rule.Name, engineapi.ImageVerify, fmt.Sprintf("skipping image reference image %s, policy %s ruleName %s", image, iv.policyContext.Policy().GetName(), iv.rule.Name)).WithEmitWarning(true), "" } - ruleResp, cosignResp := iv.verifyAttestors(ctx, imageVerify.Attestors, imageVerify, imageInfo, "") + ruleResp, cosignResp := iv.verifyAttestors(ctx, imageVerify.Attestors, imageVerify, imageInfo) if ruleResp.Status() != engineapi.RuleStatusPass { return ruleResp, "" } @@ -367,7 +367,6 @@ func (iv *ImageVerifier) verifyAttestors( attestors []kyvernov1.AttestorSet, imageVerify kyvernov1.ImageVerification, imageInfo apiutils.ImageInfo, - predicateType string, ) (*engineapi.RuleResponse, *images.Response) { var cosignResponse *images.Response image := imageInfo.String() @@ -536,7 +535,7 @@ func (iv *ImageVerifier) buildVerifier( ) (images.ImageVerifier, *images.Options, string) { switch imageVerify.Type { case kyvernov1.Notary: - return iv.buildNotaryVerifier(attestor, imageVerify, image, attestation) + return iv.buildNotaryVerifier(attestor, image, attestation) default: return iv.buildCosignVerifier(attestor, imageVerify, image, attestation) } @@ -654,7 +653,6 @@ func (iv *ImageVerifier) buildCosignVerifier( func (iv *ImageVerifier) buildNotaryVerifier( attestor kyvernov1.Attestor, - imageVerify kyvernov1.ImageVerification, image string, attestation *kyvernov1.Attestation, ) (images.ImageVerifier, *images.Options, string) { diff --git a/pkg/engine/internal/match.go b/pkg/engine/internal/match.go index ea42507825f8..9560172c3f51 100644 --- a/pkg/engine/internal/match.go +++ b/pkg/engine/internal/match.go @@ -31,7 +31,7 @@ func MatchPolicyContext(logger logr.Logger, client engineapi.Client, policyConte } if policy.GetSpec().GetMatchConditions() != nil { - if !checkMatchConditions(logger, client, policyContext, gvk, subresource) { + if !checkMatchConditions(logger, policyContext, gvk, subresource) { logger.V(4).Info("webhookConfiguration.matchConditions doesn't match request") return false } @@ -66,7 +66,7 @@ func checkNamespacedPolicy(policy kyvernov1.PolicyInterface, resources ...unstru return true } -func checkMatchConditions(logger logr.Logger, client engineapi.Client, policyContext engineapi.PolicyContext, gvk schema.GroupVersionKind, subresource string) bool { +func checkMatchConditions(logger logr.Logger, policyContext engineapi.PolicyContext, gvk schema.GroupVersionKind, subresource string) bool { policy := policyContext.Policy() old := policyContext.OldResource() new := policyContext.NewResource() diff --git a/pkg/engine/mutation_test.go b/pkg/engine/mutation_test.go index f218a73b2a13..29845b547fae 100644 --- a/pkg/engine/mutation_test.go +++ b/pkg/engine/mutation_test.go @@ -61,7 +61,7 @@ func loadUnstructured(t *testing.T, bytes []byte) unstructured.Unstructured { return resource } -func createContext(t *testing.T, policy kyverno.PolicyInterface, resource unstructured.Unstructured, operation kyverno.AdmissionOperation) *PolicyContext { +func createContext(t *testing.T, policy kyverno.PolicyInterface, resource unstructured.Unstructured) *PolicyContext { ctx, err := NewPolicyContext( jp, resource, @@ -125,7 +125,7 @@ func Test_VariableSubstitutionPatchStrategicMerge(t *testing.T) { }`) policy := loadResource[kyverno.ClusterPolicy](t, policyRaw) resource := loadUnstructured(t, resourceRaw) - policyContext := createContext(t, &policy, resource, kyverno.Create) + policyContext := createContext(t, &policy, resource) er := testMutate(context.TODO(), nil, nil, policyContext, nil) require.Equal(t, 1, len(er.PolicyResponse.Rules)) @@ -186,7 +186,7 @@ func Test_variableSubstitutionPathNotExist(t *testing.T) { policy := loadResource[kyverno.ClusterPolicy](t, policyRaw) resource := loadUnstructured(t, resourceRaw) - policyContext := createContext(t, &policy, resource, kyverno.Create) + policyContext := createContext(t, &policy, resource) er := testMutate(context.TODO(), nil, nil, policyContext, nil) assert.Equal(t, len(er.PolicyResponse.Rules), 1) @@ -252,7 +252,7 @@ func Test_variableSubstitutionCLI(t *testing.T) { policy := loadResource[kyverno.ClusterPolicy](t, policyRaw) resource := loadUnstructured(t, resourceRaw) - policyContext := createContext(t, &policy, resource, kyverno.Create) + policyContext := createContext(t, &policy, resource) ctxLoaderFactory := factories.DefaultContextLoaderFactory( nil, factories.WithInitializer(func(jsonContext enginecontext.Interface) error { @@ -357,7 +357,7 @@ func Test_chained_rules(t *testing.T) { }`) policy := loadResource[kyverno.ClusterPolicy](t, policyRaw) resource := loadUnstructured(t, resourceRaw) - policyContext := createContext(t, &policy, resource, kyverno.Create) + policyContext := createContext(t, &policy, resource) er := testMutate(context.TODO(), nil, nil, policyContext, nil) require.Equal(t, 2, len(er.PolicyResponse.Rules)) @@ -432,7 +432,7 @@ func Test_precondition(t *testing.T) { }`) policy := loadResource[kyverno.ClusterPolicy](t, policyRaw) resource := loadUnstructured(t, resourceRaw) - policyContext := createContext(t, &policy, resource, kyverno.Create) + policyContext := createContext(t, &policy, resource) er := testMutate(context.TODO(), nil, nil, policyContext, nil) require.Equal(t, 1, len(er.PolicyResponse.Rules)) @@ -515,7 +515,7 @@ func Test_nonZeroIndexNumberPatchesJson6902(t *testing.T) { policy := loadResource[kyverno.ClusterPolicy](t, []byte(policyRaw)) resource := loadUnstructured(t, []byte(resourceRaw)) - policyContext := createContext(t, &policy, resource, kyverno.Create) + policyContext := createContext(t, &policy, resource) er := testMutate(context.TODO(), nil, nil, policyContext, nil) require.Equal(t, 2, len(er.PolicyResponse.Rules)) @@ -954,7 +954,7 @@ func Test_foreach_order_mutation_(t *testing.T) { }`) policy := loadResource[kyverno.ClusterPolicy](t, policyRaw) resource := loadUnstructured(t, resourceRaw) - policyContext := createContext(t, &policy, resource, kyverno.Create) + policyContext := createContext(t, &policy, resource) er := testMutate(context.TODO(), nil, nil, policyContext, nil) @@ -1054,7 +1054,7 @@ func Test_patchStrategicMerge_descending(t *testing.T) { }`) policy := loadResource[kyverno.ClusterPolicy](t, policyRaw) resource := loadUnstructured(t, resourceRaw) - policyContext := createContext(t, &policy, resource, kyverno.Create) + policyContext := createContext(t, &policy, resource) er := testMutate(context.TODO(), nil, nil, policyContext, nil) @@ -1154,7 +1154,7 @@ func Test_patchStrategicMerge_ascending(t *testing.T) { }`) policy := loadResource[kyverno.ClusterPolicy](t, policyRaw) resource := loadUnstructured(t, resourceRaw) - policyContext := createContext(t, &policy, resource, kyverno.Create) + policyContext := createContext(t, &policy, resource) er := testMutate(context.TODO(), nil, nil, policyContext, nil) @@ -1348,7 +1348,7 @@ func Test_mutate_nested_foreach(t *testing.T) { policy := loadResource[kyverno.ClusterPolicy](t, policyRaw) resource := loadUnstructured(t, resourceRaw) expected := loadUnstructured(t, expectedRaw) - policyContext := createContext(t, &policy, resource, kyverno.Create) + policyContext := createContext(t, &policy, resource) er := testMutate(context.TODO(), nil, nil, policyContext, nil) require.Equal(t, 1, len(er.PolicyResponse.Rules)) @@ -1848,7 +1848,7 @@ func Test_mutate_existing_resources(t *testing.T) { targets = append(targets, &target) patchedTargets = append(patchedTargets, loadUnstructured(t, test.patchedTargets[i])) } - policyContext := createContext(t, &policy, trigger, kyverno.Create) + policyContext := createContext(t, &policy, trigger) gvrToListKind := map[schema.GroupVersionResource]string{ {Group: patchedTargets[0].GroupVersionKind().Group, Version: patchedTargets[0].GroupVersionKind().Version, Resource: patchedTargets[0].GroupVersionKind().Kind}: test.targetList,