Return directly if the profiles are too large to create or update the…

… ArmorProfile object

internal/policy/clusterpolicy_controller.go

@@ -234,7 +234,7 @@ func (c *ClusterPolicyController) ignoreAdd(vcp *varmor.VarmorClusterPolicy, log
 	if len(profileName) > 63 {
 		err := fmt.Errorf("the length of ArmorProfile name is exceed 63. name: %s, length: %d", profileName, len(profileName))
 		logger.Error(err, "update VarmorClusterPolicy/status with forbidden info")
-		msg := fmt.Sprintf("The length of VarmorClusterPolicy object name is too long, please limit it to %d bytes", 63-len(varmorprofile.ClusterProfileNameTemplate)+4-len(varmorconfig.Namespace))
+		msg := fmt.Sprintf("The length of VarmorClusterPolicy object name is too long, please limit it to %d bytes.", 63-len(varmorprofile.ClusterProfileNameTemplate)+4-len(varmorconfig.Namespace))
 		err = statusmanager.UpdateVarmorClusterPolicyStatus(c.varmorInterface, vcp, "", false, varmortypes.VarmorPolicyError, varmortypes.VarmorPolicyCreated, apicorev1.ConditionFalse,
 			"Forbidden",
 			msg)
@@ -289,6 +289,12 @@ func (c *ClusterPolicyController) handleAddVarmorClusterPolicy(vcp *varmor.Varmo
 	ap, err = c.varmorInterface.ArmorProfiles(varmorconfig.Namespace).Create(context.Background(), ap, metav1.CreateOptions{})
 	if err != nil {
 		logger.Error(err, "ArmorProfile().Create()")
+		if k8errors.IsRequestEntityTooLargeError(err) {
+			return statusmanager.UpdateVarmorClusterPolicyStatus(
+				c.varmorInterface, vcp, "", false, varmortypes.VarmorPolicyError, varmortypes.VarmorPolicyCreated, apicorev1.ConditionFalse,
+				"Error",
+				"The profiles are too large to create an ArmorProfile object.")
+		}
 		return err
 	}
 
@@ -478,6 +484,12 @@ func (c *ClusterPolicyController) handleUpdateVarmorClusterPolicy(newVp *varmor.
 		_, err = c.varmorInterface.ArmorProfiles(varmorconfig.Namespace).Update(context.Background(), oldAp, metav1.UpdateOptions{})
 		if err != nil {
 			logger.Error(err, "ArmorProfile().Update()")
+			if k8errors.IsRequestEntityTooLargeError(err) {
+				return statusmanager.UpdateVarmorClusterPolicyStatus(
+					c.varmorInterface, newVp, "", false, varmortypes.VarmorPolicyError, varmortypes.VarmorPolicyUpdated, apicorev1.ConditionFalse,
+					"Error",
+					"The profiles are too large to update the existing ArmorProfile object.")
+			}
 			return err
 		}
 	} else if len(oldAp.OwnerReferences) == 0 {
@@ -486,6 +498,12 @@ func (c *ClusterPolicyController) handleUpdateVarmorClusterPolicy(newVp *varmor.
 		_, err = c.varmorInterface.ArmorProfiles(varmorconfig.Namespace).Update(context.Background(), oldAp, metav1.UpdateOptions{})
 		if err != nil {
 			logger.Error(err, "ArmorProfile().Update()")
+			if k8errors.IsRequestEntityTooLargeError(err) {
+				return statusmanager.UpdateVarmorClusterPolicyStatus(
+					c.varmorInterface, newVp, "", false, varmortypes.VarmorPolicyError, varmortypes.VarmorPolicyUpdated, apicorev1.ConditionFalse,
+					"Error",
+					"The profiles are too large to update the existing ArmorProfile object.")
+			}
 			return err
 		}
 	} else {

internal/policy/policy_controller.go

@@ -239,7 +239,7 @@ func (c *PolicyController) ignoreAdd(vp *varmor.VarmorPolicy, logger logr.Logger
 	if len(profileName) > 63 {
 		err := fmt.Errorf("the length of ArmorProfile name is exceed 63. name: %s, length: %d", profileName, len(profileName))
 		logger.Error(err, "update VarmorPolicy/status with forbidden info")
-		msg := fmt.Sprintf("The length of VarmorProfile object name is too long, please limit it to %d bytes", 63-len(varmorprofile.ProfileNameTemplate)+4-len(vp.Namespace))
+		msg := fmt.Sprintf("The length of VarmorProfile object name is too long, please limit it to %d bytes.", 63-len(varmorprofile.ProfileNameTemplate)+4-len(vp.Namespace))
 		err = statusmanager.UpdateVarmorPolicyStatus(c.varmorInterface, vp, "", false, varmortypes.VarmorPolicyError, varmortypes.VarmorPolicyCreated, apicorev1.ConditionFalse,
 			"Forbidden",
 			msg)
@@ -294,6 +294,12 @@ func (c *PolicyController) handleAddVarmorPolicy(vp *varmor.VarmorPolicy) error
 	ap, err = c.varmorInterface.ArmorProfiles(vp.Namespace).Create(context.Background(), ap, metav1.CreateOptions{})
 	if err != nil {
 		logger.Error(err, "ArmorProfile().Create()")
+		if k8errors.IsRequestEntityTooLargeError(err) {
+			return statusmanager.UpdateVarmorPolicyStatus(
+				c.varmorInterface, vp, "", false, varmortypes.VarmorPolicyError, varmortypes.VarmorPolicyCreated, apicorev1.ConditionFalse,
+				"Error",
+				"The profiles are too large to create an ArmorProfile object.")
+		}
 		return err
 	}
 
@@ -483,6 +489,12 @@ func (c *PolicyController) handleUpdateVarmorPolicy(newVp *varmor.VarmorPolicy,
 		_, err = c.varmorInterface.ArmorProfiles(oldAp.Namespace).Update(context.Background(), oldAp, metav1.UpdateOptions{})
 		if err != nil {
 			logger.Error(err, "ArmorProfile().Update()")
+			if k8errors.IsRequestEntityTooLargeError(err) {
+				return statusmanager.UpdateVarmorPolicyStatus(
+					c.varmorInterface, newVp, "", false, varmortypes.VarmorPolicyError, varmortypes.VarmorPolicyUpdated, apicorev1.ConditionFalse,
+					"Error",
+					"The profiles are too large to update the existing ArmorProfile object.")
+			}
 			return err
 		}
 	} else if len(oldAp.OwnerReferences) == 0 {
@@ -491,6 +503,12 @@ func (c *PolicyController) handleUpdateVarmorPolicy(newVp *varmor.VarmorPolicy,
 		_, err = c.varmorInterface.ArmorProfiles(oldAp.Namespace).Update(context.Background(), oldAp, metav1.UpdateOptions{})
 		if err != nil {
 			logger.Error(err, "ArmorProfile().Update()")
+			if k8errors.IsRequestEntityTooLargeError(err) {
+				return statusmanager.UpdateVarmorPolicyStatus(
+					c.varmorInterface, newVp, "", false, varmortypes.VarmorPolicyError, varmortypes.VarmorPolicyUpdated, apicorev1.ConditionFalse,
+					"Error",
+					"The profiles are too large to update the existing ArmorProfile object.")
+			}
 			return err
 		}
 	} else {