make agent and policies CRD backwards compatible

weaveworks · May 29, 2022 · 61e4ca1 · 61e4ca1
1 parent ab6d14b
commit 61e4ca1
Show file tree

Hide file tree

Showing 13 changed files with 841 additions and 218 deletions.
diff --git a/PROJECT b/PROJECT
@@ -7,6 +7,9 @@ resources:
 - api:
     crdVersion: v1
     namespaced: false
+  - api:
+    crdVersion: v2beta1
+    namespaced: false
   domain: weave.works
   kind: Policy
   path: github.com/weaveworks/policy-agent/api/v1

diff --git a/api/v1/policy_types.go b/api/v1/policy_types.go
@@ -22,16 +22,11 @@ import (
 )
 
 const (
-	PolicyResourceName    = "policies"
-	PolicyKind            = "Policy"
-	PolicySetResourceName = "policysets"
-	PolicySetKind         = "PolicySet"
+	ResourceName = "policies"
+	Kind         = "Policy"
 )
 
-var (
-	PolicyGroupVersionResource    = GroupVersion.WithResource(PolicyResourceName)
-	PolicySetGroupVersionResource = GroupVersion.WithResource(PolicySetResourceName)
-)
+var GroupVersionResource = GroupVersion.WithResource(ResourceName)
 
 // PolicyParameters defines a needed input in a policy
 type PolicyParameters struct {
@@ -59,13 +54,6 @@ type PolicyTargets struct {
 	Namespaces []string `json:"namespaces"`
 }
 
-type PolicyStandard struct {
-	// ID idenitifer of the standarad
-	ID string `json:"id"`
-	// Controls standard controls
-	Controls []string `json:"controls,omitempty"`
-}
-
 // PolicySpec defines the desired state of Policy
 // It describes all that is needed to evaluate a resource against a rego code
 //+kubebuilder:object:generate:true
@@ -77,8 +65,8 @@ type PolicySpec struct {
 	// Code contains the policy rego code
 	Code string `json:"code"`
 	// +optional
-	// Enabled flag for third parties consumers that indicates if this policy should be considered or not
-	Enabled bool `json:"enabled,omitempty"`
+	// Enable specifies if this policy should be used for evaluation or not
+	Enable string `json:"enable,omitempty"`
 	// +optional
 	// Parameters are the inputs needed for the policy validation
 	Parameters []PolicyParameters `json:"parameters,omitempty"`
@@ -99,36 +87,22 @@ type PolicySpec struct {
 	// Severity is a measure of the impact of that policy, can be low, medium or high
 	Severity string `json:"severity"`
 	// +optional
-	// Standards is a list of policy standards that this policy falls under
-	Standards []PolicyStandard `json:"standards"`
-}
-
-type PolicySetFilters struct {
-	IDs        []string `json:"ids,omitempty"`
-	Categories []string `json:"categories,omitempty"`
-	Severities []string `json:"severities,omitempty"`
-	Standards  []string `json:"standards,omitempty"`
-	Tags       []string `json:"tags,omitempty"`
-}
-
-type PolicySetSpec struct {
-	ID      string           `json:"id"`
-	Name    string           `json:"name"`
-	Filters PolicySetFilters `json:"filters"`
+	// Controls is a list of policy controls that this policy falls under
+	Controls []string `json:"controls,omitempty"`
 }
 
-// +kubebuilder:object:root=true
+//+kubebuilder:object:root=true
 // +kubebuilder:resource:scope=Cluster
 
 // Policy is the Schema for the policies API
 type Policy struct {
 	metav1.TypeMeta   `json:",inline"`
 	metav1.ObjectMeta `json:"metadata,omitempty"`
-	Spec              PolicySpec `json:"spec,omitempty"`
+
+	Spec PolicySpec `json:"spec,omitempty"`
 }
 
-// +kubebuilder:object:root=true
-// +kubebuilder:resource:scope=Cluster
+//+kubebuilder:object:root=true
 
 // PolicyList contains a list of Policy
 type PolicyList struct {
@@ -137,27 +111,6 @@ type PolicyList struct {
 	Items           []Policy `json:"items"`
 }
 
-// +kubebuilder:object:root=true
-// +kubebuilder:resource:scope=Cluster
-
-// PolicySet is the Schema for the policysets API
-type PolicySet struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	Spec PolicySetSpec `json:"spec,omitempty"`
-}
-
-// +kubebuilder:object:root=true
-// +kubebuilder:resource:scope=Cluster
-
-// PolicySetList contains a list of PolicySet
-type PolicySetList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata,omitempty"`
-	Items           []PolicySet `json:"items"`
-}
-
 func init() {
-	SchemeBuilder.Register(&Policy{}, &PolicyList{}, &PolicySet{}, &PolicySetList{})
+	SchemeBuilder.Register(&Policy{}, &PolicyList{})
 }
diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go
diff --git a/api/v2beta1/groupversion_info.go b/api/v2beta1/groupversion_info.go
@@ -0,0 +1,36 @@
+/*
+Copyright 2022.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package v1 contains API Schema definitions for the  v1 API group
+//+kubebuilder:object:generate=true
+//+groupName=pac.weave.works
+package v2beta1
+
+import (
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"sigs.k8s.io/controller-runtime/pkg/scheme"
+)
+
+var (
+	// GroupVersion is group version used to register these objects
+	GroupVersion = schema.GroupVersion{Group: "pac.weave.works", Version: "v2beta1"}
+
+	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
+	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
+
+	// AddToScheme adds the types in this group-version to the given scheme.
+	AddToScheme = SchemeBuilder.AddToScheme
+)