code review

functions/go/gatekeeper-validate/main.go

@@ -54,28 +54,23 @@ func main() {
 			objects = append(objects, obj)
 		}
 
-		err := Validate(objects)
-		if err == nil {
-			return nil
-		}
-
-		if result, ok := err.(*framework.Result); ok {
-			resourceList.Result = result
-			if resultContainsError(result) {
-				return result
+		result, err := Validate(objects)
+		// When err is not nil, result should be nil.
+		if err != nil {
+			result = &framework.Result{
+				Items: []framework.Item{
+					{
+						Message:  err.Error(),
+						Severity: framework.Error,
+					},
+				},
 			}
-			return nil
 		}
-
-		resourceList.Result = &framework.Result{
-			Items: []framework.Item{
-				{
-					Message:  err.Error(),
-					Severity: framework.Error,
-				},
-			},
+		resourceList.Result = result
+		if resultContainsError(result) {
+			return result
 		}
-		return resourceList.Result
+		return nil
 	})
 	cmd.Short = generated.PolicyControllerValidateShort
 	cmd.Long = generated.PolicyControllerValidateLong
@@ -86,6 +81,9 @@ func main() {
 }
 
 func resultContainsError(result *framework.Result) bool {
+	if result == nil {
+		return false
+	}
 	for _, item := range result.Items {
 		if item.Severity == framework.Error {
 			return true

functions/go/gatekeeper-validate/validate.go

@@ -80,58 +80,57 @@ func gatherConstraints(objects []runtime.Object) ([]*unstructured.Unstructured,
 
 // Validate makes sure the configs passed to it comply with any Constraints and
 // Constraint Templates present in the list of configs
-func Validate(objects []runtime.Object) error {
+func Validate(objects []runtime.Object) (*framework.Result, error) {
 	client, err := createClient()
 	if err != nil {
-		return err
+		return nil, err
 	}
 	tmpls, err := gatherTemplates(objects)
 	if err != nil {
-		return err
+		return nil, err
 	}
 	ctx := context.Background()
 	for _, t := range tmpls {
 		if _, err = client.AddTemplate(ctx, t); err != nil {
-			return err
+			return nil, err
 		}
 	}
 	cstrs, err := gatherConstraints(objects)
 	if err != nil {
-		return err
+		return nil, err
 	}
 	for _, c := range cstrs {
 		if _, err = client.AddConstraint(ctx, c); err != nil {
-			return err
+			return nil, err
 		}
 	}
 
 	for _, obj := range objects {
 		if _, err = client.AddData(ctx, obj); err != nil {
-			return err
+			return nil, err
 		}
 	}
 
 	resps, err := client.Audit(ctx)
 	if err != nil {
-		return err
+		return nil, err
 	}
 	results := resps.Results()
 	if len(results) > 0 {
 		return parseResults(results)
 	}
-	return nil
+	return nil, nil
 }
 
-func parseResults(results []*opatypes.Result) error {
+func parseResults(results []*opatypes.Result) (*framework.Result, error) {
 	out := &framework.Result{
 		Items: []framework.Item{},
 	}
 
-	foundError := false
 	for _, r := range results {
 		u, ok := r.Resource.(*unstructured.Unstructured)
 		if !ok {
-			return fmt.Errorf("could not cast to unstructured: %+v", r.Resource)
+			return nil, fmt.Errorf("could not cast to unstructured: %+v", r.Resource)
 		}
 
 		item := framework.Item{
@@ -159,7 +158,6 @@ func parseResults(results []*opatypes.Result) error {
 			item.Severity = framework.Warning
 		default:
 			item.Severity = framework.Error
-			foundError = true
 		}
 
 		path, foundPath := u.GetAnnotations()[kioutil.PathAnnotation]
@@ -171,18 +169,13 @@ func parseResults(results []*opatypes.Result) error {
 			if foundIndex {
 				idx, err := strconv.Atoi(index)
 				if err != nil {
-					return err
+					return nil, err
 				}
 				item.File.Index = idx
 			}
 		}
 
 		out.Items = append(out.Items, item)
 	}
-
-	if foundError {
-		return out
-	} else {
-		return nil
-	}
+	return out, nil
 }