Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] skipped payload elements are reported as a pass #198

Open
1 task done
JimBugwadia opened this issue Nov 4, 2023 · 0 comments
Open
1 task done

[Bug] skipped payload elements are reported as a pass #198

JimBugwadia opened this issue Nov 4, 2023 · 0 comments
Labels
good first issue Good for newcomers triage Default label assigned to all new issues indicating label curation is needed to fully organize.
Milestone
Release v0.3.0

Comments

@JimBugwadia
Copy link
Member

Kyverno JSON Version

0.1.0

Description

The JSON engine does not differentiate between a pass and a skip:

See:

kyverno-json/pkg/json-engine/engine.go

Line 80 in 679aad8

Predicate(func(ctx context.Context, r request) bool {

Steps to reproduce

  1. Run a sample policy:
➜ ./kyverno-json scan --policy ./test/commands/scan/tf-s3/policy.yaml --payload ./test/commands/scan/tf-s3/payload.json
Loading policies ...
Loading payload ...
Pre processing ...
Running ( evaluating 1 resource against 1 policy ) ...
- s3 / check-tags /  FAILED: all[0].check.planned_values.root_module.~.resources[0].values.(keys(tags_all)).(contains(@, 'Team')): Invalid value: false: Expected value: true
Done
  1. Try the same with a match / exclude or a pre-process that does not match the payload:
./kyverno-json scan --policy ./test/commands/scan/tf-s3/policy.yaml --payload ./test/commands/scan/tf-s3/payload.json --pre-process "check.planned_values.root_module.resources[]"
Loading policies ...
Loading payload ...
Pre processing ...
Error: prepocessor resulted in `null` payload (check.planned_values.root_module.resources[])

Expected behavior

If the match / exclude or pre-process does not match, the result should report a skip.

Screenshots

No response

Logs

No response

Slack discussion

No response

Troubleshooting

  • I have searched other issues in this repository and mine is not recorded.
@JimBugwadia JimBugwadia added the triage Default label assigned to all new issues indicating label curation is needed to fully organize. label Nov 4, 2023
@JimBugwadia JimBugwadia added this to the Release v0.2.0 milestone Nov 4, 2023
@JimBugwadia JimBugwadia added the good first issue Good for newcomers label Jun 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue Good for newcomers triage Default label assigned to all new issues indicating label curation is needed to fully organize.
Projects
Good First Issues
Status: No status
Milestone
Release v0.3.0
Development

No branches or pull requests
1 participant
@JimBugwadia