feat: add ruleset api(#1844)

* fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix(config): remove usergroups default Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix(config): remove usergroups default Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * sec(ghsa-2ww6-hf35-mfjm): intercept namespace subresource Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
2026-02-14 18:09:58 +00:00 · 2026-01-27 14:28:48 +01:00
parent b9a14a954d
commit a6b830b1af
284 changed files with 12699 additions and 2162 deletions
--- a/internal/controllers/pod/metadata.go
+++ b/internal/controllers/pod/metadata.go
@@ -21,6 +21,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/reconcile"

 	capsulev1beta2 "github.com/projectcapsule/capsule/api/v1beta2"
+	caperrors "github.com/projectcapsule/capsule/pkg/api/errors"
 	"github.com/projectcapsule/capsule/pkg/utils"
 )

@@ -30,6 +31,7 @@ type MetadataReconciler struct {

 func (m *MetadataReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager) error {
 	return ctrl.NewControllerManagedBy(mgr).
+		Named("capsule/pod").
 		For(&corev1.Pod{}, m.forOptionPerInstanceName(ctx)).
 		Complete(m)
 }
@@ -41,9 +43,9 @@ func (m *MetadataReconciler) Reconcile(ctx context.Context, request ctrl.Request

 	tenant, err := m.getTenant(ctx, request.NamespacedName, m.Client)
 	if err != nil {
-		noTenantObjError := &NonTenantObjectError{}
+		noTenantObjError := &caperrors.NonTenantObjectError{}

-		noPodMetaError := &NoPodMetadataError{}
+		noPodMetaError := &caperrors.NoPodMetadataError{}
 		if errors.As(err, &noTenantObjError) || errors.As(err, &noPodMetaError) {
 			return reconcile.Result{}, nil
 		}
@@ -82,7 +84,7 @@ func (m *MetadataReconciler) getTenant(ctx context.Context, namespacedName types

 	capsuleLabel, _ := utils.GetTypeLabel(&capsulev1beta2.Tenant{})
 	if _, ok := ns.GetLabels()[capsuleLabel]; !ok {
-		return nil, NewNonTenantObject(namespacedName.Name)
+		return nil, caperrors.NewNonTenantObject(namespacedName.Name)
 	}

 	if err := client.Get(ctx, types.NamespacedName{Name: ns.Labels[capsuleLabel]}, tenant); err != nil {
@@ -90,7 +92,7 @@ func (m *MetadataReconciler) getTenant(ctx context.Context, namespacedName types
 	}

 	if tenant.Spec.PodOptions == nil || tenant.Spec.PodOptions.AdditionalMetadata == nil {
-		return nil, NewNoPodMetadata(namespacedName.Name)
+		return nil, caperrors.NewNoPodMetadata(namespacedName.Name)
 	}

 	return tenant, nil