Fix ExtraDependencies for ConfigPolicy manifests

When a `ConfigurationPolicy` manifest was provided directly,
`extraDependencies` was being set at the `objectDefinition` level
rather than the `policy-templates` level.

ref: https://issues.redhat.com/browse/ACM-7353
Signed-off-by: Dale Haiducek <[email protected]>

Author: dhaiducek

internal/ordering_test.go

@@ -543,6 +543,7 @@ func TestExtraDependencies(t *testing.T) {
 	t.Parallel()
 	tmpDir := t.TempDir()
 	createConfigMap(t, tmpDir, "configmap.yaml")
+	createConfigPolicyManifest(t, tmpDir, "configpolicy.yaml")
 
 	tests := map[string]genOutTest{
 		"policyDefaults.extraDependencies are propagated to all manifests": {
@@ -641,6 +642,30 @@ policies:
 			wantFile: "testdata/ordering/manifest-extradeps.yaml",
 			wantErr:  "",
 		},
+		"manifest extraDependencies are handled with ConfigurationPolicy manifests": {
+			tmpDir: tmpDir,
+			generator: `
+apiVersion: policy.open-cluster-management.io/v1
+kind: PolicyGenerator
+metadata:
+  name: test
+policyDefaults:
+  consolidateManifests: false
+  namespace: my-policies
+policies:
+- name: one
+  manifests:
+  - path: {{printf "%v/%v" .Dir "configpolicy.yaml"}}
+    extraDependencies:
+    - name: manifestextra
+  - path: {{printf "%v/%v" .Dir "configmap.yaml"}}
+- name: two
+  manifests:
+  - path: {{printf "%v/%v" .Dir "configmap.yaml"}}
+`,
+			wantFile: "testdata/ordering/manifest-extradeps-configpolicy.yaml",
+			wantErr:  "",
+		},
 		"extraDependencies defaults can be overwritten": {
 			tmpDir: tmpDir,
 			generator: `

internal/plugin_config_test.go

@@ -30,6 +30,35 @@ data:
 	}
 }
 
+func createConfigPolicyManifest(t *testing.T, tmpDir, filename string) {
+	t.Helper()
+
+	manifestsPath := path.Join(tmpDir, filename)
+	yamlContent := `
+apiVersion: policy.open-cluster-management.io/v1
+kind: ConfigurationPolicy
+metadata:
+  name: configpolicy-my-configmap
+spec:
+  object-templates:
+    - complianceType: musthave
+      objectDefinition:
+        apiVersion: v1
+        data:
+          game.properties: enemies=potato
+        kind: ConfigMap
+        metadata:
+          name: my-configmap
+  remediationAction: inform
+  severity: low
+`
+
+	err := os.WriteFile(manifestsPath, []byte(yamlContent), 0o666)
+	if err != nil {
+		t.Fatalf("Failed to write %s", manifestsPath)
+	}
+}
+
 func createIamPolicyManifest(t *testing.T, tmpDir, filename string) {
 	t.Helper()
 

internal/testdata/ordering/manifest-extradeps-configpolicy.yaml

@@ -0,0 +1,131 @@
+---
+apiVersion: policy.open-cluster-management.io/v1
+kind: Policy
+metadata:
+  annotations:
+    policy.open-cluster-management.io/categories: CM Configuration Management
+    policy.open-cluster-management.io/controls: CM-2 Baseline Configuration
+    policy.open-cluster-management.io/standards: NIST SP 800-53
+  name: one
+  namespace: my-policies
+spec:
+  disabled: false
+  policy-templates:
+    - extraDependencies:
+      - apiVersion: policy.open-cluster-management.io/v1
+        compliance: Compliant
+        kind: Policy
+        name: manifestextra
+        namespace: my-policies
+      objectDefinition:
+        apiVersion: policy.open-cluster-management.io/v1
+        kind: ConfigurationPolicy
+        metadata:
+          name: configpolicy-my-configmap
+        spec:
+          object-templates:
+            - complianceType: musthave
+              objectDefinition:
+                apiVersion: v1
+                data:
+                  game.properties: enemies=potato
+                kind: ConfigMap
+                metadata:
+                  name: my-configmap
+          remediationAction: inform
+          severity: low
+    - objectDefinition:
+        apiVersion: policy.open-cluster-management.io/v1
+        kind: ConfigurationPolicy
+        metadata:
+          name: one2
+        spec:
+          object-templates:
+            - complianceType: musthave
+              objectDefinition:
+                apiVersion: v1
+                data:
+                  game.properties: enemies=potato
+                kind: ConfigMap
+                metadata:
+                  name: my-configmap
+          remediationAction: inform
+          severity: low
+  remediationAction: inform
+---
+apiVersion: policy.open-cluster-management.io/v1
+kind: Policy
+metadata:
+  annotations:
+    policy.open-cluster-management.io/categories: CM Configuration Management
+    policy.open-cluster-management.io/controls: CM-2 Baseline Configuration
+    policy.open-cluster-management.io/standards: NIST SP 800-53
+  name: two
+  namespace: my-policies
+spec:
+  disabled: false
+  policy-templates:
+    - objectDefinition:
+        apiVersion: policy.open-cluster-management.io/v1
+        kind: ConfigurationPolicy
+        metadata:
+          name: two
+        spec:
+          object-templates:
+            - complianceType: musthave
+              objectDefinition:
+                apiVersion: v1
+                data:
+                  game.properties: enemies=potato
+                kind: ConfigMap
+                metadata:
+                  name: my-configmap
+          remediationAction: inform
+          severity: low
+  remediationAction: inform
+---
+apiVersion: apps.open-cluster-management.io/v1
+kind: PlacementRule
+metadata:
+  name: placement-one
+  namespace: my-policies
+spec:
+  clusterSelector:
+    matchExpressions: []
+---
+apiVersion: apps.open-cluster-management.io/v1
+kind: PlacementRule
+metadata:
+  name: placement-two
+  namespace: my-policies
+spec:
+  clusterSelector:
+    matchExpressions: []
+---
+apiVersion: policy.open-cluster-management.io/v1
+kind: PlacementBinding
+metadata:
+  name: binding-one
+  namespace: my-policies
+placementRef:
+  apiGroup: apps.open-cluster-management.io
+  kind: PlacementRule
+  name: placement-one
+subjects:
+  - apiGroup: policy.open-cluster-management.io
+    kind: Policy
+    name: one
+---
+apiVersion: policy.open-cluster-management.io/v1
+kind: PlacementBinding
+metadata:
+  name: binding-two
+  namespace: my-policies
+placementRef:
+  apiGroup: apps.open-cluster-management.io
+  kind: PlacementRule
+  name: placement-two
+subjects:
+  - apiGroup: policy.open-cluster-management.io
+    kind: Policy
+    name: two

internal/utils.go

@@ -189,7 +189,7 @@ func getPolicyTemplates(policyConf *types.PolicyConfig) ([]map[string]interface{
 
 				// Only set dependency options if it's an OCM policy
 				if isOcmPolicy {
-					setTemplateOptions(manifest, ignorePending, extraDeps)
+					setTemplateOptions(policyTemplate, ignorePending, extraDeps)
 				}
 
 				policyTemplates = append(policyTemplates, policyTemplate)