🐛 Update Policy Evaluation Controller to add compute policies correctly

[dilyar85]

What does this PR do, and why is it needed?

This PR updates the policy evaluation controller to apply compute polices as follows:

• Automatically apply mandatory polices if matched (optional polices are added explicitly)
• For explicit polices defined in PolicyEvaluation.Spec.Policies (populated from VM.Spec.Polices), add them only if matched (regardless of mandatory or optional mode)

Also, this PR renames the existing reconcileMatchingPolicies function to reconcileMandatoryPolicies so it aligns better the purpose and the other reconcileExplicitPolicies function called together by the Reconciler.

While here, adding the missing patch and update controller RBAC permission for policyevaluations/status.

Which issue(s) is/are addressed by this PR?

Fixes N/A.

Are there any special notes for your reviewer:

None.

Please add a release note if necessary:

Update Policy Evaluation Controller to add compute policies correctly.

[lubronzhan]

Since you are updating it, would you mind adding missing update to

// +kubebuilder:rbac:groups=vsphere.policy.vmware.com,resources=policyevaluations/status

Thanks!

[dilyar85]

Since you are updating it, would you mind adding missing update to

// +kubebuilder:rbac:groups=vsphere.policy.vmware.com,resources=policyevaluations/status

Thanks!

Good catch! Added both update and patch there, thanks @lubronzhan!

[github-actions]

Package	Line Rate	Health
github.com/vmware-tanzu/vm-operator/controllers/contentlibrary/clustercontentlibraryitem	67%	❌
github.com/vmware-tanzu/vm-operator/controllers/contentlibrary/contentlibraryitem	67%	❌
github.com/vmware-tanzu/vm-operator/controllers/contentlibrary/utils	46%	❌
github.com/vmware-tanzu/vm-operator/controllers/infra/capability/configmap	92%	✔
github.com/vmware-tanzu/vm-operator/controllers/infra/capability/crd	100%	✔
github.com/vmware-tanzu/vm-operator/controllers/infra/configmap	75%	❌
github.com/vmware-tanzu/vm-operator/controllers/infra/node	77%	❌
github.com/vmware-tanzu/vm-operator/controllers/infra/secret	76%	❌
github.com/vmware-tanzu/vm-operator/controllers/infra/validatingwebhookconfiguration	87%	➖
github.com/vmware-tanzu/vm-operator/controllers/infra/zone	73%	❌
github.com/vmware-tanzu/vm-operator/controllers/storageclass	95%	✔
github.com/vmware-tanzu/vm-operator/controllers/storagepolicyquota	98%	✔
github.com/vmware-tanzu/vm-operator/controllers/util/encoding	73%	❌
github.com/vmware-tanzu/vm-operator/controllers/virtualmachine/storagepolicyusage	96%	✔
github.com/vmware-tanzu/vm-operator/controllers/virtualmachine/virtualmachine	69%	❌
github.com/vmware-tanzu/vm-operator/controllers/virtualmachine/volume	87%	➖
github.com/vmware-tanzu/vm-operator/controllers/virtualmachine/volumebatch	81%	➖
github.com/vmware-tanzu/vm-operator/controllers/virtualmachineclass	73%	❌
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinegroup	89%	✔
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinegrouppublishrequest	88%	➖
github.com/vmware-tanzu/vm-operator/controllers/virtualmachineimagecache	88%	➖
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinepublishrequest	82%	➖
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinereplicaset	68%	❌
github.com/vmware-tanzu/vm-operator/controllers/virtualmachineservice	83%	➖
github.com/vmware-tanzu/vm-operator/controllers/virtualmachineservice/providers	92%	✔
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinesetresourcepolicy	81%	➖
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinesnapshot	92%	✔
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinewebconsolerequest	72%	❌
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinewebconsolerequest/v1alpha1	72%	❌
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinewebconsolerequest/v1alpha1/conditions	88%	➖
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinewebconsolerequest/v1alpha1/patch	78%	❌
github.com/vmware-tanzu/vm-operator/controllers/vspherepolicy/policyevaluation	93%	✔
github.com/vmware-tanzu/vm-operator/pkg/bitmask	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/builder	94%	✔
github.com/vmware-tanzu/vm-operator/pkg/conditions	90%	✔
github.com/vmware-tanzu/vm-operator/pkg/config	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/config/capabilities	98%	✔
github.com/vmware-tanzu/vm-operator/pkg/config/env	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/context	25%	❌
github.com/vmware-tanzu/vm-operator/pkg/context/generic	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/context/operation	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/crd	75%	❌
github.com/vmware-tanzu/vm-operator/pkg/errors	75%	❌
github.com/vmware-tanzu/vm-operator/pkg/exit	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/log	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/mem	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/patch	78%	❌
github.com/vmware-tanzu/vm-operator/pkg/prober	89%	➖
github.com/vmware-tanzu/vm-operator/pkg/prober/probe	90%	✔
github.com/vmware-tanzu/vm-operator/pkg/prober/worker	77%	❌
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere	74%	❌
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/clustermodules	73%	❌
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/config	88%	➖
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/contentlibrary	75%	❌
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/credentials	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/network	81%	➖
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/placement	74%	❌
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/session	51%	❌
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/storage	44%	❌
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/upgrade/virtualmachine	95%	✔
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/vcenter	85%	➖
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/virtualmachine	87%	➖
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/vmlifecycle	71%	❌
github.com/vmware-tanzu/vm-operator/pkg/record	87%	➖
github.com/vmware-tanzu/vm-operator/pkg/topology	91%	✔
github.com/vmware-tanzu/vm-operator/pkg/util	78%	❌
github.com/vmware-tanzu/vm-operator/pkg/util/cloudinit	89%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/cloudinit/validate	91%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/image	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/kube	95%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/kube/cource	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/kube/internal	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/kube/proxyaddr	73%	❌
github.com/vmware-tanzu/vm-operator/pkg/util/kube/spq	99%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/linuxprep	97%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/netplan	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/nil	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/ovfcache	75%	❌
github.com/vmware-tanzu/vm-operator/pkg/util/ovfcache/internal	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/paused	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/ptr	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/resize	98%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/sysprep	98%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/vmopv1	88%	➖
github.com/vmware-tanzu/vm-operator/pkg/util/vsphere/client	66%	❌
github.com/vmware-tanzu/vm-operator/pkg/util/vsphere/library	96%	✔
github.com/vmware-tanzu/vm-operator/pkg/util/vsphere/vm	79%	❌
github.com/vmware-tanzu/vm-operator/pkg/util/vsphere/watcher	85%	➖
github.com/vmware-tanzu/vm-operator/pkg/vmconfig	95%	✔
github.com/vmware-tanzu/vm-operator/pkg/vmconfig/anno2extraconfig	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/vmconfig/bootoptions	88%	➖
github.com/vmware-tanzu/vm-operator/pkg/vmconfig/crypto	91%	✔
github.com/vmware-tanzu/vm-operator/pkg/vmconfig/diskpromo	100%	✔
github.com/vmware-tanzu/vm-operator/pkg/vmconfig/policy	96%	✔
github.com/vmware-tanzu/vm-operator/pkg/vmconfig/virtualcontroller	85%	➖
github.com/vmware-tanzu/vm-operator/pkg/webconsolevalidation	100%	✔
github.com/vmware-tanzu/vm-operator/services/vm-watcher	85%	➖
github.com/vmware-tanzu/vm-operator/webhooks/common	98%	✔
github.com/vmware-tanzu/vm-operator/webhooks/persistentvolumeclaim/validation	95%	✔
github.com/vmware-tanzu/vm-operator/webhooks/unifiedstoragequota/validation	88%	➖
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachine/mutation	84%	➖
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachine/validation	95%	✔
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachineclass/mutation	62%	❌
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachineclass/validation	89%	➖
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinegroup/mutation	87%	➖
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinegroup/validation	92%	✔
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinegrouppublishrequest/mutation	86%	➖
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinegrouppublishrequest/validation	88%	➖
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinepublishrequest/validation	93%	✔
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinereplicaset/validation	90%	✔
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachineservice/mutation	67%	❌
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachineservice/validation	92%	✔
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinesetresourcepolicy/validation	89%	✔
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinesnapshot/mutation	83%	➖
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinesnapshot/validation	89%	➖
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinewebconsolerequest/v1alpha1/validation	92%	✔
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinewebconsolerequest/validation	92%	✔
Summary	82% (16555 / 20137)	➖

Minimum allowed line rate is 79%