(ctx context.Context, k8sClient Client, fetcher catalog.Fetcher, policy *catalog.Policy, bundleName string, opts *InstallOptions, result *InstallResult)
| 144 | } |
| 145 | |
| 146 | func installPolicy(ctx context.Context, k8sClient Client, fetcher catalog.Fetcher, policy *catalog.Policy, bundleName string, opts *InstallOptions, result *InstallResult) (skipped bool, err error) { |
| 147 | // Fetch template YAML |
| 148 | templateData, err := fetcher.FetchContent(ctx, policy.TemplatePath) |
| 149 | if err != nil { |
| 150 | return false, fmt.Errorf("fetching template: %w", err) |
| 151 | } |
| 152 | |
| 153 | // Parse template |
| 154 | template := &unstructured.Unstructured{} |
| 155 | if err := yaml.Unmarshal(templateData, &template.Object); err != nil { |
| 156 | return false, fmt.Errorf("parsing template YAML: %w", err) |
| 157 | } |
| 158 | |
| 159 | // Check for existing template |
| 160 | templateAlreadyInstalled := false |
| 161 | if !opts.DryRun { |
| 162 | existing, err := k8sClient.GetTemplate(ctx, template.GetName()) |
| 163 | if err == nil { |
| 164 | // Template exists - check if managed by gator |
| 165 | if !labels.IsManagedByGator(existing) { |
| 166 | return false, &ConflictError{ |
| 167 | ResourceKind: "ConstraintTemplate", |
| 168 | ResourceName: template.GetName(), |
| 169 | } |
| 170 | } |
| 171 | // Check if same version |
| 172 | existingVersion := labels.GetPolicyVersion(existing) |
| 173 | if existingVersion == policy.Version { |
| 174 | templateAlreadyInstalled = true |
| 175 | } |
| 176 | } else if !apierrors.IsNotFound(err) { |
| 177 | return false, fmt.Errorf("checking existing template: %w", err) |
| 178 | } |
| 179 | } |
| 180 | |
| 181 | // Add labels and annotations |
| 182 | labels.AddManagedLabels(template, policy.Version, bundleName, catalog.DefaultRepository) |
| 183 | |
| 184 | // Install or update template if not already at same version |
| 185 | if !opts.DryRun && !templateAlreadyInstalled { |
| 186 | if err := k8sClient.InstallTemplate(ctx, template); err != nil { |
| 187 | return false, fmt.Errorf("installing template: %w", err) |
| 188 | } |
| 189 | } |
| 190 | |
| 191 | // Install constraint if bundle has a constraint path defined |
| 192 | constraintPath := policy.BundleConstraints[bundleName] |
| 193 | if bundleName != "" && constraintPath != "" { |
| 194 | if err := installConstraint(ctx, k8sClient, fetcher, policy, constraintPath, bundleName, opts, result, template); err != nil { |
| 195 | return false, err |
| 196 | } |
| 197 | } |
| 198 | |
| 199 | // Return whether this policy was skipped (already at same version) |
| 200 | if templateAlreadyInstalled && (bundleName == "" || constraintPath == "") { |
| 201 | return true, nil |
| 202 | } |
| 203 |
no test coverage detected
searching dependent graphs…