From 5e1c8d57c59db6ecece01ab2381527bc0c646c7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Charles-Edouard=20Br=C3=A9t=C3=A9ch=C3=A9?= Date: Wed, 18 Sep 2024 21:54:18 +0200 Subject: [PATCH] fix: add options support in context binding (#484) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Charles-Edouard Brétéché --- pkg/binding/binding.go | 17 ----------------- pkg/engine/assert/binding.go | 4 ++-- pkg/json-engine/engine.go | 10 ++++++++-- 3 files changed, 10 insertions(+), 21 deletions(-) delete mode 100644 pkg/binding/binding.go diff --git a/pkg/binding/binding.go b/pkg/binding/binding.go deleted file mode 100644 index 0fd5cc97..00000000 --- a/pkg/binding/binding.go +++ /dev/null @@ -1,17 +0,0 @@ -package binding - -import ( - "github.com/jmespath-community/go-jmespath/pkg/binding" - "github.com/kyverno/kyverno-json/pkg/apis/policy/v1alpha1" - "github.com/kyverno/kyverno-json/pkg/engine/assert" - "k8s.io/apimachinery/pkg/util/validation/field" -) - -func NewContextBindings(bindings binding.Bindings, value any, entries ...v1alpha1.ContextEntry) binding.Bindings { - var path *field.Path - path = path.Child("context") - for i, entry := range entries { - bindings = bindings.Register("$"+entry.Name, assert.NewContextBinding(path.Index(i), bindings, value, entry.Variable.Value())) - } - return bindings -} diff --git a/pkg/engine/assert/binding.go b/pkg/engine/assert/binding.go index fef9570c..54034a75 100644 --- a/pkg/engine/assert/binding.go +++ b/pkg/engine/assert/binding.go @@ -8,7 +8,7 @@ import ( "k8s.io/apimachinery/pkg/util/validation/field" ) -func NewContextBinding(path *field.Path, bindings binding.Bindings, value any, entry any) binding.Binding { +func NewContextBinding(path *field.Path, bindings binding.Bindings, value any, entry any, opts ...template.Option) binding.Binding { return template.NewLazyBinding( func() (any, error) { expression := parseExpression(context.TODO(), entry) @@ -19,7 +19,7 @@ func NewContextBinding(path *field.Path, bindings binding.Bindings, value any, e if expression.binding != "" { return nil, field.Invalid(path.Child("variable"), entry, "binding is not supported in context") } - projected, err := template.Execute(context.Background(), expression.statement, value, bindings) + projected, err := template.Execute(context.TODO(), expression.statement, value, bindings, opts...) if err != nil { return nil, field.InternalError(path.Child("variable"), err) } diff --git a/pkg/json-engine/engine.go b/pkg/json-engine/engine.go index 08a1f7a6..9e8d1e2d 100644 --- a/pkg/json-engine/engine.go +++ b/pkg/json-engine/engine.go @@ -7,11 +7,12 @@ import ( jpbinding "github.com/jmespath-community/go-jmespath/pkg/binding" "github.com/kyverno/kyverno-json/pkg/apis/policy/v1alpha1" - "github.com/kyverno/kyverno-json/pkg/binding" "github.com/kyverno/kyverno-json/pkg/engine" + "github.com/kyverno/kyverno-json/pkg/engine/assert" "github.com/kyverno/kyverno-json/pkg/engine/builder" "github.com/kyverno/kyverno-json/pkg/engine/template" "github.com/kyverno/kyverno-json/pkg/matching" + "k8s.io/apimachinery/pkg/util/validation/field" ) type Request struct { @@ -69,7 +70,12 @@ func New() engine.Engine[Request, Response] { ruleEngine := builder. Function(func(ctx context.Context, r ruleRequest) []RuleResponse { bindings := r.bindings.Register("$rule", jpbinding.NewBinding(r.rule)) - bindings = binding.NewContextBindings(bindings, r.resource, r.rule.Context...) + // TODO: this doesn't seem to be the right path + var path *field.Path + path = path.Child("context") + for i, entry := range r.rule.Context { + bindings = bindings.Register("$"+entry.Name, assert.NewContextBinding(path.Index(i), bindings, r.resource, entry.Variable.Value())) + } identifier := "" if r.rule.Identifier != "" { result, err := template.Execute(context.Background(), r.rule.Identifier, r.resource, bindings)