Add volatile configuration option
With this it is now possible to define a per-source include or exclude
configuration that is applicable for a certain date range.

resolves #191
zregvart committed Oct 27, 2023
1 parent d20a480 commit f06fe20
Showing 5 changed files with 187 additions and 0 deletions.
42 changes: 42 additions & 0 deletions api/config/appstudio.redhat.com_enterprisecontractpolicies.yaml
Expand Up @@ -122,6 +122,48 @@ spec:
description: Arbitrary rule data that will be visible to policy rules
type: object
x-kubernetes-preserve-unknown-fields: true
volatileConfig:
description: Specifies volatile configuration that can include or exclude policy rules based on effective time.
properties:
exclude:
description: Exclude is a set of policy exclusions that, in case of failure, do not block the success of the outcome.
items:
properties:
effectiveOn:
format: date-time
type: string
effectiveUntil:
format: date-time
type: string
value:
type: string
required:
- value
type: object
type: array
x-kubernetes-list-map-keys:
- value
x-kubernetes-list-type: map
include:
description: Include is a set of policy inclusions that are added to the policy evaluation. These take precedence over policy exclusions.
items:
properties:
effectiveOn:
format: date-time
type: string
effectiveUntil:
format: date-time
type: string
value:
type: string
required:
- value
type: object
type: array
x-kubernetes-list-map-keys:
- value
x-kubernetes-list-type: map
type: object
type: object
minItems: 1
type: array
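
Review bot: x-kubernetes-list-map-keys is set to value alone on both exclude and include, so each list can hold only one entry per rule value. Two entries for the same value with different effectiveOn/effectiveUntil windows (for example an exclusion that lapses and is later renewed) will be rejected as duplicate keys. If more than one window per rule is intended, the list type or key set needs to change in the Go markers; if not, the description should say that a value may appear only once per list.
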
31 changes: 31 additions & 0 deletions api/v1alpha1/enterprisecontractpolicy_types.go
Expand Up @@ -69,6 +69,11 @@ type Source struct {
// +optional
// +kubebuilder:validation:Type:=object
Config *SourceConfig `json:"config,omitempty"`
// Specifies volatile configuration that can include or exclude policy rules
// based on effective time.
// +optional
// +kubebuilder:validation:Type:=object
VolatileConfig *VolatileSourceConfig `json:"volatileConfig,omitempty"`
}

// SourceConfig specifies config options for a policy source.
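
Review bot: the comment on VolatileConfig does not say how it combines with the existing Config field on the same Source. From this hunk a reader cannot tell whether a rule listed in config.include and also in volatileConfig.exclude is enforced or waived while the exclusion is in effect. State the merge order in the field comment so that it is carried into the CRD description and reference.adoc.
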
Expand All @@ -85,6 +90,32 @@ type SourceConfig struct {
Include []string `json:"include,omitempty"`
}

type VolatileCriteria struct {
Value string `json:"value"`
// +optional
// +kubebuilder:validation:Format:=date-time
EffectiveOn string `json:"effectiveOn,omitempty"`
// +optional
// +kubebuilder:validation:Format:=date-time
EffectiveUntil string `json:"effectiveUntil,omitempty"`
}

// VolatileSourceConfig specifies volatile configuration for a policy source.
type VolatileSourceConfig struct {
// Exclude is a set of policy exclusions that, in case of failure, do not block
// the success of the outcome.
// +optional
// +listType:=map
// +listMapKey:=value
Exclude []VolatileCriteria `json:"exclude,omitempty"`
// Include is a set of policy inclusions that are added to the policy evaluation.
// These take precedence over policy exclusions.
// +optional
// +listType:=map
// +listMapKey:=value
Include []VolatileCriteria `json:"include,omitempty"`
}

// EnterpriseContractPolicyConfiguration configuration of modifications to policy evaluation.
// DEPRECATED: Use the config for a policy source instead.
type EnterpriseContractPolicyConfiguration struct {
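
Review bot: EffectiveOn and EffectiveUntil on VolatileCriteria are both optional, so an Exclude entry carrying only value has no time bound at all, and an entry whose effectiveUntil precedes effectiveOn still passes the date-time format check. VolatileCriteria and its fields also have no doc comments, so what an omitted bound means and whether the bounds are inclusive is not recorded anywhere. Suggest documenting each field, rejecting inverted ranges where the policy is loaded, and considering whether effectiveUntil should be required for exclusions so that a time-limited exclusion cannot silently become permanent.
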
45 changes: 45 additions & 0 deletions api/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Expand Up @@ -122,6 +122,48 @@ spec:
description: Arbitrary rule data that will be visible to policy rules
type: object
x-kubernetes-preserve-unknown-fields: true
volatileConfig:
description: Specifies volatile configuration that can include or exclude policy rules based on effective time.
properties:
exclude:
description: Exclude is a set of policy exclusions that, in case of failure, do not block the success of the outcome.
items:
properties:
effectiveOn:
format: date-time
type: string
effectiveUntil:
format: date-time
type: string
value:
type: string
required:
- value
type: object
type: array
x-kubernetes-list-map-keys:
- value
x-kubernetes-list-type: map
include:
description: Include is a set of policy inclusions that are added to the policy evaluation. These take precedence over policy exclusions.
items:
properties:
effectiveOn:
format: date-time
type: string
effectiveUntil:
format: date-time
type: string
value:
type: string
required:
- value
type: object
type: array
x-kubernetes-list-map-keys:
- value
x-kubernetes-list-type: map
type: object
type: object
minItems: 1
type: array
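
Review bot: value is declared as type: string with no minLength or pattern in both item schemas, so an empty value satisfies the required constraint. A +kubebuilder:validation:MinLength:=1 marker on the Go field would be carried into this schema. The effectiveOn, effectiveUntil and value properties also have no description here, which follows from the missing field comments on the Go type.
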
27 changes: 27 additions & 0 deletions docs/modules/ROOT/pages/reference.adoc
Expand Up @@ -143,6 +143,7 @@ Appears In: xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contr
| *`data`* __string array__ | List of go-getter style policy data source urls
| *`ruleData`* __xref:{anchor_prefix}-k8s-io-apiextensions-apiserver-pkg-apis-apiextensions-v1-json[$$JSON$$]__ | Arbitrary rule data that will be visible to policy rules
| *`config`* __xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-sourceconfig[$$SourceConfig$$]__ | Config specifies which policy rules are included, or excluded, from the provided policy source urls.
| *`volatileConfig`* __xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-volatilesourceconfig[$$VolatileSourceConfig$$]__ | Specifies volatile configuration that can include or exclude policy rules based on effective time.
|===


Expand All @@ -162,3 +163,29 @@ Appears In: xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contr
|===


[id="{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-volatilecriteria"]
=== VolatileCriteria (xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-struct-value string -json-value- effectiveon string -json-effectiveon-omitempty- effectiveuntil string -json-effectiveuntil-omitempty-[$$struct{Value string "json:\"value\""; EffectiveOn string "json:\"effectiveOn,omitempty\""; EffectiveUntil string "json:\"effectiveUntil,omitempty\""}$$])



[quote]
Appears In: xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-volatilesourceconfig[$$VolatileSourceConfig$$]



[id="{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-volatilesourceconfig"]
=== VolatileSourceConfig

VolatileSourceConfig specifies volatile configuration for a policy source.

[quote]
Appears In: xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-source[$$Source$$]

[cols="25a,75a", options="header"]
|===
| Field | Description
| *`exclude`* __xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-volatilecriteria[$$VolatileCriteria$$] array__ | Exclude is a set of policy exclusions that, in case of failure, do not block the success of the outcome.
| *`include`* __xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-volatilecriteria[$$VolatileCriteria$$] array__ | Include is a set of policy inclusions that are added to the policy evaluation. These take precedence over policy exclusions.
|===
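
Review bot: the generated VolatileCriteria heading uses the raw struct literal (struct{Value string "json:\"value\""; ...}) as both its xref target and its label, and the section has no description or field table, unlike VolatileSourceConfig below it. That leaves value, effectiveOn and effectiveUntil undocumented in the reference. The type has no doc comment in enterprisecontractpolicy_types.go; add one along with per-field comments, regenerate, and check that the section then renders like the others.
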

