From 0b4e0d37856dae449f594525dc78fb1a6aa8c3a9 Mon Sep 17 00:00:00 2001 From: Franco Date: Fri, 31 Jan 2025 12:14:03 -0300 Subject: [PATCH] Handle delition of PolicyExceptions with MatchingLabels --- internal/controller/policymanifest_controller.go | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/internal/controller/policymanifest_controller.go b/internal/controller/policymanifest_controller.go index 96783aa..4121bcc 100644 --- a/internal/controller/policymanifest_controller.go +++ b/internal/controller/policymanifest_controller.go @@ -68,7 +68,16 @@ func (r *PolicyManifestReconciler) Reconcile(ctx context.Context, req ctrl.Reque // Check if the PolicyManifest has any exceptions defined before creation if len(polman.Spec.Exceptions) == 0 && len(polman.Spec.AutomatedExceptions) == 0 { - // TODO: Cleanup exceptions if they exist + // Create label selector + labelSelector := client.MatchingLabels{ + GSPolicy: polman.ObjectMeta.Labels[GSPolicy], + ManagedBy: ComponentName, + } + // Delete Exception + if err := r.DeleteAllOf(ctx, &kyvernov2beta1.PolicyException{}, labelSelector); err != nil { + log.Log.Error(err, fmt.Sprintf("unable to delete PolicyException for %s", polman.ObjectMeta.Name)) + return ctrl.Result{}, nil + } // Exit since there are no exceptions return utils.JitterRequeue(DefaultRequeueDuration, r.MaxJitterPercent, r.Log), nil } @@ -80,7 +89,7 @@ func (r *PolicyManifestReconciler) Reconcile(ctx context.Context, req ctrl.Reque kyvernoPolicyException.Name = fmt.Sprintf("gs-kpo-%s-exceptions", polman.ObjectMeta.Name) // Set labels. kyvernoPolicyException.Labels = generateLabels() - kyvernoPolicyException.Labels["policy.giantswarm.io/policy"] = polman.ObjectMeta.Labels["policy.giantswarm.io/policy"] + kyvernoPolicyException.Labels[GSPolicy] = polman.ObjectMeta.Labels[GSPolicy] kyvernoPolicyException.Spec.Background = &r.Background