refactor: rename Policy to ValidationPolicy (#109)

Signed-off-by: Charles-Edouard Brétéché <[email protected]>

catalog/aws/policy-1.yaml

@@ -1,5 +1,5 @@
 apiVersion: json.kyverno.io/v1alpha1
-kind: Policy
+kind: ValidationPolicy
 metadata:
   name: test
   labels:
@@ -10,9 +10,8 @@ metadata:
 spec:
   rules:
     - name: foo-bar
-      validate:
-        assert:
-          all:
-          - check:
-              foo:
-                /(bar)/: 10
+      assert:
+        all:
+        - check:
+            foo:
+              /(bar)/: 10

catalog/ecs/policy-1.yaml

@@ -1,13 +1,12 @@
 apiVersion: json.kyverno.io/v1alpha1
-kind: Policy
+kind: ValidationPolicy
 metadata:
   name: test
 spec:
   rules:
     - name: foo-bar
-      validate:
-        assert:
-          all:
-          - check:
-              foo:
-                /(bar)/: 10
+      assert:
+        all:
+        - check:
+            foo:
+              /(bar)/: 10

config/crds/json.kyverno.io_policies.yaml → config/crds/json.kyverno.io_validationpolicies.yaml

@@ -4,20 +4,20 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.12.0
-  name: policies.json.kyverno.io
+  name: validationpolicies.json.kyverno.io
 spec:
   group: json.kyverno.io
   names:
-    kind: Policy
-    listKind: PolicyList
-    plural: policies
-    singular: policy
+    kind: ValidationPolicy
+    listKind: ValidationPolicyList
+    plural: validationpolicies
+    singular: validationpolicy
   scope: Cluster
   versions:
   - name: v1alpha1
     schema:
       openAPIV3Schema:
-        description: Policy is the resource that contains the policy definition.
+        description: ValidationPolicy is the resource that contains the policy definition.
         properties:
           apiVersion:
             description: 'APIVersion defines the versioned schema of this representation
@@ -39,6 +39,42 @@ spec:
                   multiple rules and each rule can validate, mutate, or generate resources.
                 items:
                   properties:
+                    assert:
+                      description: Assert is used to validate matching resources.
+                      properties:
+                        all:
+                          description: All allows specifying resources which will
+                            be ANDed.
+                          items:
+                            properties:
+                              check:
+                                description: Check is the assertion check definition.
+                                type: object
+                                x-kubernetes-preserve-unknown-fields: true
+                              message:
+                                description: Message is the variable associated message.
+                                type: string
+                            required:
+                            - check
+                            type: object
+                          type: array
+                        any:
+                          description: Any allows specifying resources which will
+                            be ORed.
+                          items:
+                            properties:
+                              check:
+                                description: Check is the assertion check definition.
+                                type: object
+                                x-kubernetes-preserve-unknown-fields: true
+                              message:
+                                description: Message is the variable associated message.
+                                type: string
+                            required:
+                            - check
+                            type: object
+                          type: array
+                      type: object
                     context:
                       description: Context defines variables and data sources that
                         can be used during rule execution.
@@ -105,49 +141,6 @@ spec:
                         unique within the policy.
                       maxLength: 63
                       type: string
-                    validate:
-                      description: Validation is used to validate matching resources.
-                      properties:
-                        assert:
-                          description: Assert specifies an overlay-style pattern used
-                            to check resources.
-                          properties:
-                            all:
-                              description: All allows specifying resources which will
-                                be ANDed.
-                              items:
-                                properties:
-                                  check:
-                                    description: Check is the assertion check definition.
-                                    type: object
-                                    x-kubernetes-preserve-unknown-fields: true
-                                  message:
-                                    description: Message is the variable associated
-                                      message.
-                                    type: string
-                                required:
-                                - check
-                                type: object
-                              type: array
-                            any:
-                              description: Any allows specifying resources which will
-                                be ORed.
-                              items:
-                                properties:
-                                  check:
-                                    description: Check is the assertion check definition.
-                                    type: object
-                                    x-kubernetes-preserve-unknown-fields: true
-                                  message:
-                                    description: Message is the variable associated
-                                      message.
-                                    type: string
-                                required:
-                                - check
-                                type: object
-                              type: array
-                          type: object
-                      type: object
                   required:
                   - name
                   type: object

docs/user/apis/md/kyverno-json.v1alpha1.md

@@ -10,36 +10,36 @@ auto_generated: true
 ## Resource Types 
 
 
-- [Policy](#json-kyverno-io-v1alpha1-Policy)
-- [PolicyList](#json-kyverno-io-v1alpha1-PolicyList)
+- [ValidationPolicy](#json-kyverno-io-v1alpha1-ValidationPolicy)
+- [ValidationPolicyList](#json-kyverno-io-v1alpha1-ValidationPolicyList)
 
-## `Policy`     {#json-kyverno-io-v1alpha1-Policy}
+## `ValidationPolicy`     {#json-kyverno-io-v1alpha1-ValidationPolicy}
 
 **Appears in:**
 
-- [PolicyList](#json-kyverno-io-v1alpha1-PolicyList)
+- [ValidationPolicyList](#json-kyverno-io-v1alpha1-ValidationPolicyList)
 
-<p>Policy is the resource that contains the policy definition.</p>
+<p>ValidationPolicy is the resource that contains the policy definition.</p>
 
 
 | Field | Type | Required | Description |
 |---|---|---|---|
 | `apiVersion` | `string` | :white_check_mark: | `json.kyverno.io/v1alpha1` |
-| `kind` | `string` | :white_check_mark: | `Policy` |
+| `kind` | `string` | :white_check_mark: | `ValidationPolicy` |
 | `metadata` | [`meta/v1.ObjectMeta`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta) |  | <p>Standard object's metadata.</p> |
 | `spec` | [`PolicySpec`](#json-kyverno-io-v1alpha1-PolicySpec) | :white_check_mark: | <p>Policy spec.</p> |
 
-## `PolicyList`     {#json-kyverno-io-v1alpha1-PolicyList}
+## `ValidationPolicyList`     {#json-kyverno-io-v1alpha1-ValidationPolicyList}
 
-<p>PolicyList is a list of Policy instances.</p>
+<p>ValidationPolicyList is a list of Policy instances.</p>
 
 
 | Field | Type | Required | Description |
 |---|---|---|---|
 | `apiVersion` | `string` | :white_check_mark: | `json.kyverno.io/v1alpha1` |
-| `kind` | `string` | :white_check_mark: | `PolicyList` |
+| `kind` | `string` | :white_check_mark: | `ValidationPolicyList` |
 | `metadata` | [`meta/v1.ListMeta`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#listmeta-v1-meta) | :white_check_mark: | *No description provided.* |
-| `items` | [`[]Policy`](#json-kyverno-io-v1alpha1-Policy) | :white_check_mark: | *No description provided.* |
+| `items` | [`[]ValidationPolicy`](#json-kyverno-io-v1alpha1-ValidationPolicy) | :white_check_mark: | *No description provided.* |
 
 ## `Any`     {#json-kyverno-io-v1alpha1-Any}
 
@@ -57,7 +57,7 @@ auto_generated: true
 
 **Appears in:**
 
-- [Validation](#json-kyverno-io-v1alpha1-Validation)
+- [ValidationRule](#json-kyverno-io-v1alpha1-ValidationRule)
 
 | Field | Type | Required | Description |
 |---|---|---|---|
@@ -79,7 +79,7 @@ auto_generated: true
 
 **Appears in:**
 
-- [Rule](#json-kyverno-io-v1alpha1-Rule)
+- [ValidationRule](#json-kyverno-io-v1alpha1-ValidationRule)
 
 <p>ContextEntry adds variables and data sources to a rule Context.</p>
 
@@ -93,7 +93,7 @@ auto_generated: true
 
 **Appears in:**
 
-- [Rule](#json-kyverno-io-v1alpha1-Rule)
+- [ValidationRule](#json-kyverno-io-v1alpha1-ValidationRule)
 
 | Field | Type | Required | Description |
 |---|---|---|---|
@@ -104,13 +104,13 @@ auto_generated: true
 
 **Appears in:**
 
-- [Policy](#json-kyverno-io-v1alpha1-Policy)
+- [ValidationPolicy](#json-kyverno-io-v1alpha1-ValidationPolicy)
 
 | Field | Type | Required | Description |
 |---|---|---|---|
-| `rules` | [`[]Rule`](#json-kyverno-io-v1alpha1-Rule) | :white_check_mark: | <p>Rules is a list of Rule instances. A Policy contains multiple rules and each rule can validate, mutate, or generate resources.</p> |
+| `rules` | [`[]ValidationRule`](#json-kyverno-io-v1alpha1-ValidationRule) | :white_check_mark: | <p>Rules is a list of Rule instances. A Policy contains multiple rules and each rule can validate, mutate, or generate resources.</p> |
 
-## `Rule`     {#json-kyverno-io-v1alpha1-Rule}
+## `ValidationRule`     {#json-kyverno-io-v1alpha1-ValidationRule}
 
 **Appears in:**
 
@@ -122,19 +122,6 @@ auto_generated: true
 | `context` | [`[]ContextEntry`](#json-kyverno-io-v1alpha1-ContextEntry) | :white_check_mark: | <p>Context defines variables and data sources that can be used during rule execution.</p> |
 | `match` | [`Match`](#json-kyverno-io-v1alpha1-Match) | :white_check_mark: | <p>Match defines when this policy rule should be applied. The match criteria can include resource information (e.g. kind, name, namespace, labels) and admission review request information like the user name or role. At least one kind is required.</p> |
 | `exclude` | [`Match`](#json-kyverno-io-v1alpha1-Match) | :white_check_mark: | <p>Exclude defines when this policy rule should not be applied. The exclude criteria can include resource information (e.g. kind, name, namespace, labels) and admission review request information like the name or role.</p> |
-| `validate` | [`Validation`](#json-kyverno-io-v1alpha1-Validation) | :white_check_mark: | <p>Validation is used to validate matching resources.</p> |
-
-## `Validation`     {#json-kyverno-io-v1alpha1-Validation}
-
-**Appears in:**
-
-- [Rule](#json-kyverno-io-v1alpha1-Rule)
-
-<p>Validation defines checks to be performed on matching resources.</p>
-
-
-| Field | Type | Required | Description |
-|---|---|---|---|
-| `assert` | [`Assert`](#json-kyverno-io-v1alpha1-Assert) | :white_check_mark: | <p>Assert specifies an overlay-style pattern used to check resources.</p> |
+| `assert` | [`Assert`](#json-kyverno-io-v1alpha1-Assert) | :white_check_mark: | <p>Assert is used to validate matching resources.</p> |
 
 

hack/docs/catalog/main.go

@@ -21,7 +21,7 @@ const (
 
 type pol struct {
 	Path   string
-	Policy *v1alpha1.Policy
+	Policy *v1alpha1.ValidationPolicy
 }
 
 func (p pol) TargetPath() string {

pkg/apis/v1alpha1/policy.go → pkg/apis/v1alpha1/validation_policy.go

@@ -10,8 +10,8 @@ import (
 // +kubebuilder:object:root=true
 // +kubebuilder:resource:scope=Cluster
 
-// Policy is the resource that contains the policy definition.
-type Policy struct {
+// ValidationPolicy is the resource that contains the policy definition.
+type ValidationPolicy struct {
 	metav1.TypeMeta `json:",inline"`
 
 	// Standard object's metadata.
@@ -24,9 +24,9 @@ type Policy struct {
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 
-// PolicyList is a list of Policy instances.
-type PolicyList struct {
+// ValidationPolicyList is a list of Policy instances.
+type ValidationPolicyList struct {
 	metav1.TypeMeta `json:",inline" yaml:",inline"`
 	metav1.ListMeta `json:"metadata" yaml:"metadata"`
-	Items           []Policy `json:"items" yaml:"items"`
+	Items           []ValidationPolicy `json:"items" yaml:"items"`
 }

pkg/apis/v1alpha1/policy_spec.go → pkg/apis/v1alpha1/validation_policy_spec.go

@@ -2,5 +2,5 @@ package v1alpha1
 
 type PolicySpec struct {
 	// Rules is a list of Rule instances. A Policy contains multiple rules and each rule can validate, mutate, or generate resources.
-	Rules []Rule `json:"rules,omitempty"`
+	Rules []ValidationRule `json:"rules,omitempty"`
 }

pkg/apis/v1alpha1/rule.go → pkg/apis/v1alpha1/validation_rule.go

@@ -1,6 +1,6 @@
 package v1alpha1
 
-type Rule struct {
+type ValidationRule struct {
 	// Name is a label to identify the rule, It must be unique within the policy.
 	// +kubebuilder:validation:MaxLength=63
 	Name string `json:"name"`
@@ -19,6 +19,6 @@ type Rule struct {
 	// and admission review request information like the name or role.
 	Exclude *Match `json:"exclude,omitempty"`
 
-	// Validation is used to validate matching resources.
-	Validation *Validation `json:"validate,omitempty"`
+	// Assert is used to validate matching resources.
+	Assert *Assert `json:"assert,omitempty"`
 }