feat: bump update request api version (kyverno#10508)

* feat: bump update request api version

Signed-off-by: Charles-Edouard Brétéché <[email protected]>

* use v2

Signed-off-by: Charles-Edouard Brétéché <[email protected]>

* codegen

Signed-off-by: Charles-Edouard Brétéché <[email protected]>

* codegen

Signed-off-by: Charles-Edouard Brétéché <[email protected]>

* fix linter

Signed-off-by: Charles-Edouard Brétéché <[email protected]>

* fix linter

Signed-off-by: Charles-Edouard Brétéché <[email protected]>

---------

Signed-off-by: Charles-Edouard Brétéché <[email protected]>

Makefile

@@ -403,6 +403,7 @@ GOPATH_SHIM                 := ${PWD}/.gopath
 PACKAGE_SHIM                := $(GOPATH_SHIM)/src/$(PACKAGE)
 OUT_PACKAGE                 := $(PACKAGE)/pkg/client
 INPUT_DIRS                  := $(PACKAGE)/api/kyverno/v1,$(PACKAGE)/api/kyverno/v1beta1,$(PACKAGE)/api/kyverno/v2,$(PACKAGE)/api/kyverno/v2beta1,$(PACKAGE)/api/kyverno/v2alpha1,$(PACKAGE)/api/reports/v1,$(PACKAGE)/api/policyreport/v1alpha2
+CLIENT_INPUT_DIRS           := $(PACKAGE)/api/kyverno/v1,$(PACKAGE)/api/kyverno/v2,$(PACKAGE)/api/kyverno/v2beta1,$(PACKAGE)/api/kyverno/v2alpha1,$(PACKAGE)/api/reports/v1,$(PACKAGE)/api/policyreport/v1alpha2
 CLIENTSET_PACKAGE           := $(OUT_PACKAGE)/clientset
 LISTERS_PACKAGE             := $(OUT_PACKAGE)/listers
 INFORMERS_PACKAGE           := $(OUT_PACKAGE)/informers
@@ -432,7 +433,7 @@ codegen-client-clientset: $(PACKAGE_SHIM) $(CLIENT_GEN) ## Generate clientset
 		--clientset-name versioned \
 		--output-package $(CLIENTSET_PACKAGE) \
 		--input-base "" \
-		--input $(INPUT_DIRS)
+		--input $(CLIENT_INPUT_DIRS)
 
 .PHONY: codegen-client-listers
 codegen-client-listers: $(PACKAGE_SHIM) $(LISTER_GEN) ## Generate listers
@@ -441,7 +442,7 @@ codegen-client-listers: $(PACKAGE_SHIM) $(LISTER_GEN) ## Generate listers
 	@GOPATH=$(GOPATH_SHIM) $(LISTER_GEN) \
 		--go-header-file ./scripts/boilerplate.go.txt \
 		--output-package $(LISTERS_PACKAGE) \
-		--input-dirs $(INPUT_DIRS)
+		--input-dirs $(CLIENT_INPUT_DIRS)
 
 .PHONY: codegen-client-informers
 codegen-client-informers: $(PACKAGE_SHIM) $(INFORMER_GEN) ## Generate informers
@@ -450,7 +451,7 @@ codegen-client-informers: $(PACKAGE_SHIM) $(INFORMER_GEN) ## Generate informers
 	@GOPATH=$(GOPATH_SHIM) $(INFORMER_GEN) \
 		--go-header-file ./scripts/boilerplate.go.txt \
 		--output-package $(INFORMERS_PACKAGE) \
-		--input-dirs $(INPUT_DIRS) \
+		--input-dirs $(CLIENT_INPUT_DIRS) \
 		--versioned-clientset-package $(CLIENTSET_PACKAGE)/versioned \
 		--listers-package $(LISTERS_PACKAGE)
 

api/kyverno/v1beta1/updaterequest_types.go

@@ -45,7 +45,6 @@ type UpdateRequestStatus struct {
 // +genclient
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 // +kubebuilder:object:root=true
-// +kubebuilder:storageversion
 // +kubebuilder:subresource:status
 // +kubebuilder:printcolumn:name="Policy",type="string",JSONPath=".spec.policy"
 // +kubebuilder:printcolumn:name="Rule",type="string",JSONPath=".spec.rule"
@@ -56,6 +55,7 @@ type UpdateRequestStatus struct {
 // +kubebuilder:printcolumn:name="status",type="string",JSONPath=".status.state"
 // +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
 // +kubebuilder:resource:shortName=ur,categories=kyverno
+// +kubebuilder:deprecatedversion
 
 // UpdateRequest is a request to process mutate and generate rules in background.
 type UpdateRequest struct {

api/kyverno/v2/constants.go

@@ -0,0 +1,18 @@
+package v2
+
+const (
+	// URMutatePolicyLabel adds the policy name to URs for mutate policies
+	URMutatePolicyLabel            = "mutate.updaterequest.kyverno.io/policy-name"
+	URMutateTriggerNameLabel       = "mutate.updaterequest.kyverno.io/trigger-name"
+	URMutateTriggerNSLabel         = "mutate.updaterequest.kyverno.io/trigger-namespace"
+	URMutateTriggerKindLabel       = "mutate.updaterequest.kyverno.io/trigger-kind"
+	URMutateTriggerAPIVersionLabel = "mutate.updaterequest.kyverno.io/trigger-apiversion"
+
+	// URGeneratePolicyLabel adds the policy name to URs for generate policies
+	URGeneratePolicyLabel          = "generate.kyverno.io/policy-name"
+	URGenerateResourceNameLabel    = "generate.kyverno.io/resource-name"
+	URGenerateResourceUIDLabel     = "generate.kyverno.io/resource-uid"
+	URGenerateResourceNSLabel      = "generate.kyverno.io/resource-namespace"
+	URGenerateResourceKindLabel    = "generate.kyverno.io/resource-kind"
+	URGenerateRetryCountAnnotation = "generate.kyverno.io/retry-count"
+)

api/kyverno/v2/updaterequest_types.go

@@ -51,6 +51,7 @@ type UpdateRequestStatus struct {
 // +kubebuilder:printcolumn:name="status",type="string",JSONPath=".status.state"
 // +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
 // +kubebuilder:resource:shortName=ur,categories=kyverno
+// +kubebuilder:storageversion
 
 // UpdateRequest is a request to process mutate and generate rules in background.
 type UpdateRequest struct {

charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_updaterequests.yaml

@@ -49,6 +49,7 @@ spec:
     - jsonPath: .metadata.creationTimestamp
       name: Age
       type: date
+    deprecated: true
     name: v1beta1
     schema:
       openAPIV3Schema:
@@ -406,7 +407,7 @@ spec:
             type: object
         type: object
     served: true
-    storage: true
+    storage: false
     subresources:
       status: {}
   - additionalPrinterColumns:
@@ -785,7 +786,7 @@ spec:
             type: object
         type: object
     served: true
-    storage: false
+    storage: true
     subresources:
       status: {}
 {{- end }}

cmd/background-controller/main.go

@@ -61,7 +61,7 @@ func createrLeaderControllers(
 		eng,
 		kyvernoInformer.Kyverno().V1().ClusterPolicies(),
 		kyvernoInformer.Kyverno().V1().Policies(),
-		kyvernoInformer.Kyverno().V1beta1().UpdateRequests(),
+		kyvernoInformer.Kyverno().V2().UpdateRequests(),
 		configuration,
 		eventGenerator,
 		kubeInformer.Core().V1().Namespaces(),
@@ -80,7 +80,7 @@ func createrLeaderControllers(
 		eng,
 		kyvernoInformer.Kyverno().V1().ClusterPolicies(),
 		kyvernoInformer.Kyverno().V1().Policies(),
-		kyvernoInformer.Kyverno().V1beta1().UpdateRequests(),
+		kyvernoInformer.Kyverno().V2().UpdateRequests(),
 		kubeInformer.Core().V1().Namespaces(),
 		eventGenerator,
 		configuration,

cmd/cli/kubectl-kyverno/apis/v1alpha1/user_info.go

@@ -1,7 +1,7 @@
 package v1alpha1
 
 import (
-	kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
+	kyvernov2 "github.com/kyverno/kyverno/api/kyverno/v2"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -15,5 +15,5 @@ type UserInfo struct {
 	metav1.ObjectMeta `json:"metadata,omitempty"`
 
 	// RequestInfo declares user infos
-	kyvernov1beta1.RequestInfo `json:",inline"`
+	kyvernov2.RequestInfo `json:",inline"`
 }

cmd/cli/kubectl-kyverno/commands/apply/command.go

@@ -12,7 +12,7 @@ import (
 
 	"github.com/go-git/go-billy/v5/memfs"
 	kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
-	"github.com/kyverno/kyverno/api/kyverno/v1beta1"
+	kyvernov2 "github.com/kyverno/kyverno/api/kyverno/v2"
 	kyvernov2beta1 "github.com/kyverno/kyverno/api/kyverno/v2beta1"
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/command"
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/deprecations"
@@ -141,7 +141,7 @@ func (c *ApplyCommandConfig) applyCommandHelper(out io.Writer) (*processor.Resul
 	if err != nil {
 		return rc, resources1, skipInvalidPolicies, responses1, err
 	}
-	var userInfo *v1beta1.RequestInfo
+	var userInfo *kyvernov2.RequestInfo
 	if c.UserInfoPath != "" {
 		info, err := userinfo.Load(nil, c.UserInfoPath, "")
 		if err != nil {
@@ -263,7 +263,7 @@ func (c *ApplyCommandConfig) applyPolicytoResource(
 	exceptions []*kyvernov2beta1.PolicyException,
 	skipInvalidPolicies *SkippedInvalidPolicies,
 	dClient dclient.Interface,
-	userInfo *v1beta1.RequestInfo,
+	userInfo *kyvernov2.RequestInfo,
 	mutateLogPathIsDir bool,
 ) (*processor.ResultCounts, []*unstructured.Unstructured, []engineapi.EngineResponse, error) {
 	if vars != nil {

cmd/cli/kubectl-kyverno/commands/create/user-info/command.go

@@ -4,7 +4,7 @@ import (
 	"os"
 	"text/template"
 
-	"github.com/kyverno/kyverno/api/kyverno/v1beta1"
+	kyvernov2 "github.com/kyverno/kyverno/api/kyverno/v2"
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/command"
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/commands/create/templates"
 	"github.com/spf13/cobra"
@@ -36,7 +36,7 @@ func Command() *cobra.Command {
 				defer file.Close()
 				output = file
 			}
-			values := v1beta1.RequestInfo{
+			values := kyvernov2.RequestInfo{
 				Roles:        roles,
 				ClusterRoles: clusterRoles,
 				AdmissionUserInfo: authenticationv1.UserInfo{

cmd/cli/kubectl-kyverno/commands/test/test.go

@@ -5,7 +5,7 @@ import (
 	"io"
 
 	kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
-	"github.com/kyverno/kyverno/api/kyverno/v1beta1"
+	kyvernov2 "github.com/kyverno/kyverno/api/kyverno/v2"
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/deprecations"
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/exception"
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/log"
@@ -45,7 +45,7 @@ func runTest(out io.Writer, testCase test.TestCase, registryAccess bool) ([]engi
 		return nil, err
 	}
 	// user info
-	var userInfo *v1beta1.RequestInfo
+	var userInfo *kyvernov2.RequestInfo
 	if testCase.Test.UserInfo != "" {
 		fmt.Fprintln(out, "  Loading user infos", "...")
 		info, err := userinfo.Load(testCase.Fs, testCase.Test.UserInfo, testDir)

cmd/cli/kubectl-kyverno/processor/generate.go

@@ -6,7 +6,7 @@ import (
 	"strings"
 
 	kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
-	kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
+	kyvernov2 "github.com/kyverno/kyverno/api/kyverno/v2"
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/log"
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/resource"
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/store"
@@ -80,9 +80,9 @@ func handleGeneratePolicy(out io.Writer, store *store.Store, generateResponse *e
 		return nil, err
 	}
 
-	gr := kyvernov1beta1.UpdateRequest{
-		Spec: kyvernov1beta1.UpdateRequestSpec{
-			Type:   kyvernov1beta1.Generate,
+	gr := kyvernov2.UpdateRequest{
+		Spec: kyvernov2.UpdateRequestSpec{
+			Type:   kyvernov2.Generate,
 			Policy: generateResponse.Policy().GetName(),
 			Resource: kyvernov1.ResourceSpec{
 				Kind:       generateResponse.Resource.GetKind(),

cmd/cli/kubectl-kyverno/processor/policy_processor.go

@@ -10,7 +10,7 @@ import (
 
 	json_patch "github.com/evanphx/json-patch/v5"
 	kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
-	kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
+	kyvernov2 "github.com/kyverno/kyverno/api/kyverno/v2"
 	kyvernov2beta1 "github.com/kyverno/kyverno/api/kyverno/v2beta1"
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/apis/v1alpha1"
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/log"
@@ -44,7 +44,7 @@ type PolicyProcessor struct {
 	MutateLogPath             string
 	MutateLogPathIsDir        bool
 	Variables                 *variables.Variables
-	UserInfo                  *kyvernov1beta1.RequestInfo
+	UserInfo                  *kyvernov2.RequestInfo
 	PolicyReport              bool
 	NamespaceSelectorMap      map[string]map[string]string
 	Stdin                     bool

cmd/cli/kubectl-kyverno/userinfo/userinfo_test.go

@@ -7,7 +7,7 @@ import (
 
 	"github.com/go-git/go-billy/v5"
 	"github.com/go-git/go-billy/v5/memfs"
-	kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
+	kyvernov2 "github.com/kyverno/kyverno/api/kyverno/v2"
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/apis/v1alpha1"
 	authenticationv1 "k8s.io/api/authentication/v1"
 )
@@ -57,7 +57,7 @@ func TestLoad(t *testing.T) {
 		path:         "../_testdata/user-infos/valid.yaml",
 		resourcePath: "",
 		want: &v1alpha1.UserInfo{
-			RequestInfo: kyvernov1beta1.RequestInfo{
+			RequestInfo: kyvernov2.RequestInfo{
 				ClusterRoles: []string{"cluster-admin"},
 				AdmissionUserInfo: authenticationv1.UserInfo{
 					Username: "[email protected]",
@@ -85,7 +85,7 @@ func TestLoad(t *testing.T) {
 		path:         "valid.yaml",
 		resourcePath: "",
 		want: &v1alpha1.UserInfo{
-			RequestInfo: kyvernov1beta1.RequestInfo{
+			RequestInfo: kyvernov2.RequestInfo{
 				ClusterRoles: []string{"cluster-admin"},
 				AdmissionUserInfo: authenticationv1.UserInfo{
 					Username: "[email protected]",

cmd/kyverno/main.go

@@ -507,7 +507,7 @@ func main() {
 		// create webhooks server
 		urgen := webhookgenerate.NewGenerator(
 			setup.KyvernoClient,
-			kyvernoInformer.Kyverno().V1beta1().UpdateRequests(),
+			kyvernoInformer.Kyverno().V2().UpdateRequests(),
 			urGenerator,
 		)
 		policyHandlers := webhookspolicy.NewHandlers(
@@ -523,7 +523,7 @@ func main() {
 			setup.MetricsManager,
 			policyCache,
 			kubeInformer.Core().V1().Namespaces().Lister(),
-			kyvernoInformer.Kyverno().V1beta1().UpdateRequests().Lister().UpdateRequests(config.KyvernoNamespace()),
+			kyvernoInformer.Kyverno().V2().UpdateRequests().Lister().UpdateRequests(config.KyvernoNamespace()),
 			kyvernoInformer.Kyverno().V1().ClusterPolicies(),
 			kyvernoInformer.Kyverno().V1().Policies(),
 			urgen,

config/crds/kyverno/kyverno.io_updaterequests.yaml

@@ -43,6 +43,7 @@ spec:
     - jsonPath: .metadata.creationTimestamp
       name: Age
       type: date
+    deprecated: true
     name: v1beta1
     schema:
       openAPIV3Schema:
@@ -400,7 +401,7 @@ spec:
             type: object
         type: object
     served: true
-    storage: true
+    storage: false
     subresources:
       status: {}
   - additionalPrinterColumns:
@@ -779,6 +780,6 @@ spec:
             type: object
         type: object
     served: true
-    storage: false
+    storage: true
     subresources:
       status: {}

config/install-latest-testing.yaml

@@ -40657,6 +40657,7 @@ spec:
     - jsonPath: .metadata.creationTimestamp
       name: Age
       type: date
+    deprecated: true
     name: v1beta1
     schema:
       openAPIV3Schema:
@@ -41014,7 +41015,7 @@ spec:
             type: object
         type: object
     served: true
-    storage: true
+    storage: false
     subresources:
       status: {}
   - additionalPrinterColumns:
@@ -41393,7 +41394,7 @@ spec:
             type: object
         type: object
     served: true
-    storage: false
+    storage: true
     subresources:
       status: {}
 ---

docs/user/cli/crd/index.html

@@ -233,7 +233,7 @@ <h3 id="cli.kyverno.io/v1alpha1.UserInfo">UserInfo
 <td>
 <code>RequestInfo</code><br/>
 <em>
-github.com/kyverno/kyverno/api/kyverno/v1beta1.RequestInfo
+github.com/kyverno/kyverno/api/kyverno/v2.RequestInfo
 </em>
 </td>
 <td>

docs/user/cli/crd/kyverno_kubectl.v1alpha1.html

@@ -458,7 +458,7 @@ <H3 id="cli-kyverno-io-v1alpha1-UserInfo">UserInfo
 
 
 
-              <span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v1beta1.RequestInfo</span>
+              <span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2.RequestInfo</span>
 
 
         </td>

pkg/background/common/context.go

@@ -5,7 +5,7 @@ import (
 
 	"github.com/go-logr/logr"
 	kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
-	kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
+	kyvernov2 "github.com/kyverno/kyverno/api/kyverno/v2"
 	"github.com/kyverno/kyverno/pkg/clients/dclient"
 	"github.com/kyverno/kyverno/pkg/config"
 	"github.com/kyverno/kyverno/pkg/engine"
@@ -17,7 +17,7 @@ import (
 func NewBackgroundContext(
 	logger logr.Logger,
 	dclient dclient.Interface,
-	ur *kyvernov1beta1.UpdateRequest,
+	ur *kyvernov2.UpdateRequest,
 	policy kyvernov1.PolicyInterface,
 	trigger *unstructured.Unstructured,
 	cfg config.Configuration,