Skip to content

Commit

Permalink
fix open-policy-agent#3261 Sort constraint status audit results (open…
Browse files Browse the repository at this point in the history
…-policy-agent#3277)

Signed-off-by: Prachi Pendse <[email protected]>
Co-authored-by: Max Smythe <[email protected]>
  • Loading branch information
prachirp and maxsmythe authored Feb 22, 2024
1 parent 075b092 commit fed8e15
Showing 1 changed file with 34 additions and 0 deletions.
34 changes: 34 additions & 0 deletions pkg/audit/manager.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"io"
"os"
"path"
"sort"
"strconv"
"strings"
"time"
Expand Down Expand Up @@ -138,6 +139,36 @@ type updateListEntry struct {
enforcementAction util.EnforcementAction
}

// ByGVKNNMsg implements sort.Interface based on the group, version, kind, name, namespace, and msg fields.
type byGVKNNMsg []updateListEntry

func (a byGVKNNMsg) Len() int {
return len(a)
}

func (a byGVKNNMsg) Less(i, j int) bool {
if a[i].group != a[j].group {
return a[i].group < a[j].group
}
if a[i].version != a[j].version {
return a[i].version < a[j].version
}
if a[i].kind != a[j].kind {
return a[i].kind < a[j].kind
}
if a[i].namespace != a[j].namespace {
return a[i].namespace < a[j].namespace
}
if a[i].name != a[j].name {
return a[i].name < a[j].name
}
return a[i].msg < a[j].msg
}

func (a byGVKNNMsg) Swap(i, j int) {
a[i], a[j] = a[j], a[i]
}

// nsCache is used for caching namespaces and their labels.
type nsCache struct {
cache map[string]corev1.Namespace
Expand Down Expand Up @@ -863,6 +894,9 @@ func (am *Manager) skipExcludedNamespace(obj *unstructured.Unstructured) (bool,
func (ucloop *updateConstraintLoop) updateConstraintStatus(ctx context.Context, instance *unstructured.Unstructured, auditResults []updateListEntry, timestamp string, totalViolations int64) error {
constraintName := instance.GetName()
ucloop.log.Info("updating constraint status", "constraintName", constraintName)
// sort audit results
sort.Sort(byGVKNNMsg(auditResults))

// create constraint status violations
var statusViolations []interface{}
for i := range auditResults {
Expand Down

0 comments on commit fed8e15

Please sign in to comment.