Skip to content

Commit

Permalink
Fix clippy warnings
Browse files Browse the repository at this point in the history
  • Loading branch information
@flavio
flavio committed Mar 20, 2021
1 parent 6dcdd90 commit 4f3f097
Show file tree
Hide file tree
Showing 4 changed files with 14 additions and 16 deletions.
8 changes: 3 additions & 5 deletions src/lib.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,12 +23,10 @@ pub extern "C" fn wapc_init() {
fn validate(payload: &[u8]) -> CallResult {
let validation_req = ValidationRequest::<Settings>::new(payload)?;

let val_res = validate_added_caps(&validation_req);
if val_res.is_err() {
return reject_request(Some(val_res.unwrap_err().to_string()), None);
match validate_added_caps(&validation_req) {
Ok(()) => accept_request(patch_object(&validation_req)?),
Err(val_res) => reject_request(Some(val_res.to_string()), None),
}

accept_request(patch_object(&validation_req)?)
}

#[cfg(test)]
Expand Down
11 changes: 5 additions & 6 deletions src/mutate.rs
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
use anyhow::{anyhow, Result};
use chimera_kube_policy_sdk::request::ValidationRequest;
use k8s_openapi::api::core::v1::{Capabilities, Pod, SecurityContext};
use std::{collections::HashSet, iter::FromIterator};
use std::collections::HashSet;

use crate::settings::Settings;

Expand Down Expand Up @@ -79,10 +79,10 @@ fn patch_container_security_context(
let mut capabilities = sc.capabilities.unwrap();

// Handle add capabilities
let mut cap_add = capabilities.add.unwrap_or(Vec::<String>::new());
let mut cap_add = capabilities.add.unwrap_or_default();
let cap_add_size_before = cap_add.len();

let current_add: HashSet<String> = HashSet::from_iter(cap_add.iter().map(|i| i.to_owned()));
let current_add: HashSet<String> = cap_add.iter().map(|i| i.to_owned()).collect();
for to_be_added in settings.default_add_capabilities.difference(&current_add) {
cap_add.push(String::from(to_be_added));
}
Expand All @@ -97,11 +97,10 @@ fn patch_container_security_context(
capabilities.add = Some(cap_add);

// Handle add capabilities
let mut cap_drop = capabilities.drop.unwrap_or(Vec::<String>::new());
let mut cap_drop = capabilities.drop.unwrap_or_default();
let cap_drop_size_before = cap_drop.len();

let current_drop: HashSet<String> =
HashSet::from_iter(cap_drop.iter().map(|i| String::from(i)));
let current_drop: HashSet<String> = cap_drop.iter().map(String::from).collect();
for to_be_droped in settings
.required_drop_capabilities
.difference(&current_drop)
Expand Down
6 changes: 3 additions & 3 deletions src/settings.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ impl chimera_kube_policy_sdk::settings::Validatable for Settings {
let denied: HashSet<String> = self
.allowed_capabilities
.intersection(&self.required_drop_capabilities)
.map(|v| v.clone())
.cloned()
.collect();
if !denied.is_empty() {
return Err(format!("These capabilities cannot be allowed because they are also required to be dropped: {:?}", denied));
Expand All @@ -33,7 +33,7 @@ impl chimera_kube_policy_sdk::settings::Validatable for Settings {
let denied: HashSet<String> = self
.default_add_capabilities
.intersection(&self.required_drop_capabilities)
.map(|v| v.clone())
.cloned()
.collect();
if !denied.is_empty() {
return Err(format!("These capabilities cannot be added by default because they are also required to be dropped: {:?}", denied));
Expand All @@ -42,7 +42,7 @@ impl chimera_kube_policy_sdk::settings::Validatable for Settings {
let denied: HashSet<String> = self
.default_add_capabilities
.difference(&self.allowed_capabilities)
.map(|v| v.clone())
.cloned()
.collect();
if !denied.is_empty() && !self.allow_all_capabilities_enabled() {
return Err(format!(
Expand Down
5 changes: 3 additions & 2 deletions src/validate.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ pub(crate) fn validate_added_caps(validation_req: &ValidationRequest<Settings>)
}

fn get_caps(
queries: &Vec<&str>,
queries: &[&str],
validation_req: &ValidationRequest<Settings>,
) -> Result<HashSet<String>> {
let mut selector = jsonpath::selector_as::<HashSet<String>>(&validation_req.request.object);
Expand All @@ -54,8 +54,9 @@ fn get_caps(

for q in queries.iter() {
let matches = selector(q)
.and_then(|mut m| Ok(m.pop().unwrap_or(HashSet::<String>::new())))
.map(|mut m| m.pop().unwrap_or_default())
.map_err(|e| anyhow!("error searching capabilities with query {}: {:?}", q, e))?;

caps = caps.union(&matches).map(|i| i.to_owned()).collect();
}

Expand Down

0 comments on commit 4f3f097

Please sign in to comment.