2021-02-01 12:59:13 -08:00
|
|
|
package engine
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"encoding/json"
|
|
|
|
|
"fmt"
|
2022-05-03 10:45:08 +02:00
|
|
|
|
2021-02-01 12:59:13 -08:00
|
|
|
"github.com/go-logr/logr"
|
2022-05-17 13:12:43 +02:00
|
|
|
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
2022-04-14 17:50:18 +05:30
|
|
|
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/store"
|
2021-04-17 02:17:00 +03:00
|
|
|
jmespath "github.com/kyverno/kyverno/pkg/engine/jmespath"
|
2021-02-01 23:22:19 -08:00
|
|
|
"github.com/kyverno/kyverno/pkg/engine/variables"
|
2022-01-17 04:06:44 +00:00
|
|
|
"github.com/kyverno/kyverno/pkg/registryclient"
|
2021-02-01 12:59:13 -08:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// LoadContext - Fetches and adds external data to the Context.
|
2022-05-17 13:12:43 +02:00
|
|
|
func LoadContext(logger logr.Logger, contextEntries []kyvernov1.ContextEntry, ctx *PolicyContext, ruleName string) error {
|
2021-02-01 12:59:13 -08:00
|
|
|
if len(contextEntries) == 0 {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-30 15:04:30 +02:00
|
|
|
policyName := ctx.Policy.GetName()
|
2021-04-29 22:39:44 +05:30
|
|
|
if store.GetMock() {
|
2022-08-09 11:18:57 +05:30
|
|
|
rule := store.GetPolicyRuleFromContext(policyName, ruleName)
|
|
|
|
|
if rule != nil && len(rule.Values) > 0 {
|
|
|
|
|
variables := rule.Values
|
|
|
|
|
for key, value := range variables {
|
|
|
|
|
if err := ctx.JSONContext.AddVariable(key, value); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-25 12:06:07 +01:00
|
|
|
hasRegistryAccess := store.GetRegistryAccess()
|
2022-08-09 11:18:57 +05:30
|
|
|
|
|
|
|
|
// Context Variable should be loaded after the values loaded from values file
|
2022-04-25 12:06:07 +01:00
|
|
|
for _, entry := range contextEntries {
|
|
|
|
|
if entry.ImageRegistry != nil && hasRegistryAccess {
|
|
|
|
|
if err := loadImageData(logger, entry, ctx); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
} else if entry.Variable != nil {
|
|
|
|
|
if err := loadVariable(logger, entry, ctx); err != nil {
|
|
|
|
|
return err
|
2022-03-16 09:56:47 +05:30
|
|
|
}
|
2022-10-19 22:09:15 +05:30
|
|
|
} else if entry.APICall != nil && store.IsAllowApiCall() {
|
|
|
|
|
if err := loadAPIData(logger, entry, ctx); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-09-13 16:33:30 +05:30
|
|
|
}
|
2022-03-16 09:56:47 +05:30
|
|
|
}
|
2022-04-25 22:06:31 +05:30
|
|
|
|
|
|
|
|
if rule != nil && len(rule.ForeachValues) > 0 {
|
|
|
|
|
for key, value := range rule.ForeachValues {
|
|
|
|
|
if err := ctx.JSONContext.AddVariable(key, value[store.ForeachElement]); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-04-29 22:39:44 +05:30
|
|
|
} else {
|
|
|
|
|
for _, entry := range contextEntries {
|
|
|
|
|
if entry.ConfigMap != nil {
|
2022-01-18 20:59:35 +08:00
|
|
|
if err := loadConfigMap(logger, entry, ctx); err != nil {
|
2021-04-29 22:39:44 +05:30
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
} else if entry.APICall != nil {
|
|
|
|
|
if err := loadAPIData(logger, entry, ctx); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2022-01-17 04:06:44 +00:00
|
|
|
} else if entry.ImageRegistry != nil {
|
|
|
|
|
if err := loadImageData(logger, entry, ctx); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2022-04-25 12:06:07 +01:00
|
|
|
} else if entry.Variable != nil {
|
|
|
|
|
if err := loadVariable(logger, entry, ctx); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-02-01 12:59:13 -08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-17 13:12:43 +02:00
|
|
|
func loadVariable(logger logr.Logger, entry kyvernov1.ContextEntry, ctx *PolicyContext) (err error) {
|
2022-04-25 12:06:07 +01:00
|
|
|
path := ""
|
|
|
|
|
if entry.Variable.JMESPath != "" {
|
|
|
|
|
jp, err := variables.SubstituteAll(logger, ctx.JSONContext, entry.Variable.JMESPath)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("failed to substitute variables in context entry %s %s: %v", entry.Name, entry.Variable.JMESPath, err)
|
|
|
|
|
}
|
|
|
|
|
path = jp.(string)
|
2022-05-07 12:32:48 +01:00
|
|
|
logger.V(4).Info("evaluated jmespath", "variable name", entry.Name, "jmespath", path)
|
2022-04-25 12:06:07 +01:00
|
|
|
}
|
|
|
|
|
var defaultValue interface{} = nil
|
|
|
|
|
if entry.Variable.Default != nil {
|
|
|
|
|
value, err := variables.DocumentToUntyped(entry.Variable.Default)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("invalid default for variable %s", entry.Name)
|
|
|
|
|
}
|
|
|
|
|
defaultValue, err = variables.SubstituteAll(logger, ctx.JSONContext, value)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("failed to substitute variables in context entry %s %s: %v", entry.Name, entry.Variable.Default, err)
|
|
|
|
|
}
|
2022-05-07 12:32:48 +01:00
|
|
|
logger.V(4).Info("evaluated default value", "variable name", entry.Name, "jmespath", defaultValue)
|
2022-04-25 12:06:07 +01:00
|
|
|
}
|
|
|
|
|
var output interface{} = defaultValue
|
|
|
|
|
if entry.Variable.Value != nil {
|
|
|
|
|
value, _ := variables.DocumentToUntyped(entry.Variable.Value)
|
|
|
|
|
variable, err := variables.SubstituteAll(logger, ctx.JSONContext, value)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("failed to substitute variables in context entry %s %s: %v", entry.Name, entry.Variable.Value, err)
|
|
|
|
|
}
|
|
|
|
|
if path != "" {
|
|
|
|
|
variable, err := applyJMESPath(path, variable)
|
|
|
|
|
if err == nil {
|
|
|
|
|
output = variable
|
2022-05-07 12:32:48 +01:00
|
|
|
} else if defaultValue == nil {
|
|
|
|
|
return fmt.Errorf("failed to apply jmespath %s to variable %s: %v", path, entry.Variable.Value, err)
|
2022-04-25 12:06:07 +01:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
output = variable
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if path != "" {
|
|
|
|
|
if variable, err := ctx.JSONContext.Query(path); err == nil {
|
|
|
|
|
output = variable
|
2022-05-07 12:32:48 +01:00
|
|
|
} else if defaultValue == nil {
|
|
|
|
|
return fmt.Errorf("failed to apply jmespath %s to variable %v", path, err)
|
2022-04-25 12:06:07 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-05-07 12:32:48 +01:00
|
|
|
logger.V(4).Info("evaluated output", "variable name", entry.Name, "output", output)
|
2022-04-25 12:06:07 +01:00
|
|
|
if output == nil {
|
|
|
|
|
return fmt.Errorf("unable to add context entry for variable %s since it evaluated to nil", entry.Name)
|
|
|
|
|
}
|
|
|
|
|
if outputBytes, err := json.Marshal(output); err == nil {
|
|
|
|
|
return ctx.JSONContext.ReplaceContextEntry(entry.Name, outputBytes)
|
|
|
|
|
} else {
|
|
|
|
|
return fmt.Errorf("unable to add context entry for variable %s: %w", entry.Name, err)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-17 13:12:43 +02:00
|
|
|
func loadImageData(logger logr.Logger, entry kyvernov1.ContextEntry, ctx *PolicyContext) error {
|
2022-05-25 11:03:36 +02:00
|
|
|
if err := registryclient.DefaultClient.RefreshKeychainPullSecrets(); err != nil {
|
|
|
|
|
return fmt.Errorf("unable to load image registry credentials, %w", err)
|
|
|
|
|
}
|
2022-01-17 04:06:44 +00:00
|
|
|
imageData, err := fetchImageData(logger, entry, ctx)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2022-04-09 13:52:50 +02:00
|
|
|
jsonBytes, err := json.Marshal(imageData)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := ctx.JSONContext.AddContextEntry(entry.Name, jsonBytes); err != nil {
|
2022-01-17 04:06:44 +00:00
|
|
|
return fmt.Errorf("failed to add resource data to context: contextEntry: %v, error: %v", entry, err)
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-17 13:12:43 +02:00
|
|
|
func fetchImageData(logger logr.Logger, entry kyvernov1.ContextEntry, ctx *PolicyContext) (interface{}, error) {
|
2022-01-17 04:06:44 +00:00
|
|
|
ref, err := variables.SubstituteAll(logger, ctx.JSONContext, entry.ImageRegistry.Reference)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("ailed to substitute variables in context entry %s %s: %v", entry.Name, entry.ImageRegistry.Reference, err)
|
|
|
|
|
}
|
|
|
|
|
refString, ok := ref.(string)
|
|
|
|
|
if !ok {
|
|
|
|
|
return nil, fmt.Errorf("invalid image reference %s, image reference must be a string", ref)
|
|
|
|
|
}
|
|
|
|
|
path, err := variables.SubstituteAll(logger, ctx.JSONContext, entry.ImageRegistry.JMESPath)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to substitute variables in context entry %s %s: %v", entry.Name, entry.ImageRegistry.JMESPath, err)
|
|
|
|
|
}
|
|
|
|
|
imageData, err := fetchImageDataMap(refString)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
if path != "" {
|
|
|
|
|
imageData, err = applyJMESPath(path.(string), imageData)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to apply JMESPath (%s) results to context entry %s, error: %v", entry.ImageRegistry.JMESPath, entry.Name, err)
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-04-09 13:52:50 +02:00
|
|
|
return imageData, nil
|
2022-01-17 04:06:44 +00:00
|
|
|
}
|
|
|
|
|
|
2022-04-22 13:38:49 +05:30
|
|
|
// FetchImageDataMap fetches image information from the remote registry.
|
2022-01-17 04:06:44 +00:00
|
|
|
func fetchImageDataMap(ref string) (interface{}, error) {
|
2022-05-25 11:03:36 +02:00
|
|
|
desc, err := registryclient.DefaultClient.FetchImageDescriptor(ref)
|
2022-01-17 04:06:44 +00:00
|
|
|
if err != nil {
|
2022-05-23 15:15:25 +02:00
|
|
|
return nil, err
|
2022-01-17 04:06:44 +00:00
|
|
|
}
|
|
|
|
|
image, err := desc.Image()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to resolve image reference: %s, error: %v", ref, err)
|
|
|
|
|
}
|
2022-05-04 18:38:56 +01:00
|
|
|
// We need to use the raw config and manifest to avoid dropping unknown keys
|
|
|
|
|
// which are not defined in GGCR structs.
|
|
|
|
|
rawManifest, err := image.RawManifest()
|
2022-01-17 04:06:44 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to fetch manifest for image reference: %s, error: %v", ref, err)
|
|
|
|
|
}
|
2022-05-04 18:38:56 +01:00
|
|
|
var manifest interface{}
|
|
|
|
|
if err := json.Unmarshal(rawManifest, &manifest); err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to decode manifest for image reference: %s, error: %v", ref, err)
|
|
|
|
|
}
|
|
|
|
|
rawConfig, err := image.RawConfigFile()
|
2022-01-17 04:06:44 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to fetch config for image reference: %s, error: %v", ref, err)
|
|
|
|
|
}
|
2022-05-04 18:38:56 +01:00
|
|
|
var configData interface{}
|
|
|
|
|
if err := json.Unmarshal(rawConfig, &configData); err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to decode config for image reference: %s, error: %v", ref, err)
|
|
|
|
|
}
|
2022-05-25 11:03:36 +02:00
|
|
|
|
2022-01-17 04:06:44 +00:00
|
|
|
data := map[string]interface{}{
|
|
|
|
|
"image": ref,
|
2022-05-25 11:03:36 +02:00
|
|
|
"resolvedImage": fmt.Sprintf("%s@%s", desc.Ref.Context().Name(), desc.Digest.String()),
|
|
|
|
|
"registry": desc.Ref.Context().RegistryStr(),
|
|
|
|
|
"repository": desc.Ref.Context().RepositoryStr(),
|
|
|
|
|
"identifier": desc.Ref.Identifier(),
|
2022-01-17 04:06:44 +00:00
|
|
|
"manifest": manifest,
|
2022-05-04 18:38:56 +01:00
|
|
|
"configData": configData,
|
2022-01-17 04:06:44 +00:00
|
|
|
}
|
|
|
|
|
// we need to do the conversion from struct types to an interface type so that jmespath
|
|
|
|
|
// evaluation works correctly. go-jmespath cannot handle function calls like max/sum
|
|
|
|
|
// for types like integers for eg. the conversion to untyped allows the stdlib json
|
|
|
|
|
// to convert all the types to types that are compatible with jmespath.
|
|
|
|
|
jsonDoc, err := json.Marshal(data)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var untyped interface{}
|
|
|
|
|
err = json.Unmarshal(jsonDoc, &untyped)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
return untyped, nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-17 13:12:43 +02:00
|
|
|
func loadAPIData(logger logr.Logger, entry kyvernov1.ContextEntry, ctx *PolicyContext) error {
|
2021-02-01 23:22:19 -08:00
|
|
|
jsonData, err := fetchAPIData(logger, entry, ctx)
|
2021-02-01 12:59:13 -08:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if entry.APICall.JMESPath == "" {
|
2022-04-09 13:52:50 +02:00
|
|
|
err = ctx.JSONContext.AddContextEntry(entry.Name, jsonData)
|
2021-02-01 12:59:13 -08:00
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("failed to add resource data to context: contextEntry: %v, error: %v", entry, err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-03-25 16:43:12 -07:00
|
|
|
path, err := variables.SubstituteAll(logger, ctx.JSONContext, entry.APICall.JMESPath)
|
2021-03-22 12:15:29 -07:00
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("failed to substitute variables in context entry %s %s: %v", entry.Name, entry.APICall.JMESPath, err)
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-17 04:06:44 +00:00
|
|
|
results, err := applyJMESPathJSON(path.(string), jsonData)
|
2021-02-01 12:59:13 -08:00
|
|
|
if err != nil {
|
2021-07-15 00:50:28 +03:00
|
|
|
return err
|
2021-02-01 12:59:13 -08:00
|
|
|
}
|
|
|
|
|
|
2022-04-09 13:52:50 +02:00
|
|
|
contextData, err := json.Marshal(results)
|
2021-02-01 12:59:13 -08:00
|
|
|
if err != nil {
|
2022-04-09 13:52:50 +02:00
|
|
|
return fmt.Errorf("failed to marshall data %v for context entry %v: %v", contextData, entry, err)
|
2021-02-01 12:59:13 -08:00
|
|
|
}
|
|
|
|
|
|
2022-04-09 13:52:50 +02:00
|
|
|
err = ctx.JSONContext.AddContextEntry(entry.Name, contextData)
|
2021-02-01 12:59:13 -08:00
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("failed to add JMESPath (%s) results to context, error: %v", entry.APICall.JMESPath, err)
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-09 18:50:50 -07:00
|
|
|
logger.V(4).Info("added APICall context entry", "len", len(contextData))
|
2021-02-01 12:59:13 -08:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-17 04:06:44 +00:00
|
|
|
func applyJMESPath(jmesPath string, data interface{}) (interface{}, error) {
|
2021-04-17 02:17:00 +03:00
|
|
|
jp, err := jmespath.New(jmesPath)
|
2021-02-01 12:59:13 -08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to compile JMESPath: %s, error: %v", jmesPath, err)
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-17 04:06:44 +00:00
|
|
|
return jp.Search(data)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func applyJMESPathJSON(jmesPath string, jsonData []byte) (interface{}, error) {
|
2021-02-01 12:59:13 -08:00
|
|
|
var data interface{}
|
2022-01-17 04:06:44 +00:00
|
|
|
err := json.Unmarshal(jsonData, &data)
|
2021-02-01 12:59:13 -08:00
|
|
|
if err != nil {
|
2021-02-22 16:27:20 -08:00
|
|
|
return nil, fmt.Errorf("failed to unmarshal JSON: %s, error: %v", string(jsonData), err)
|
2021-02-01 12:59:13 -08:00
|
|
|
}
|
2022-01-17 04:06:44 +00:00
|
|
|
return applyJMESPath(jmesPath, data)
|
2021-02-01 12:59:13 -08:00
|
|
|
}
|
|
|
|
|
|
2022-05-17 13:12:43 +02:00
|
|
|
func fetchAPIData(log logr.Logger, entry kyvernov1.ContextEntry, ctx *PolicyContext) ([]byte, error) {
|
2021-02-01 12:59:13 -08:00
|
|
|
if entry.APICall == nil {
|
2021-02-01 23:22:19 -08:00
|
|
|
return nil, fmt.Errorf("missing APICall in context entry %s %v", entry.Name, entry.APICall)
|
2021-02-01 12:59:13 -08:00
|
|
|
}
|
|
|
|
|
|
2021-03-11 22:06:04 +02:00
|
|
|
path, err := variables.SubstituteAll(log, ctx.JSONContext, entry.APICall.URLPath)
|
2021-02-01 12:59:13 -08:00
|
|
|
if err != nil {
|
2021-02-01 23:22:19 -08:00
|
|
|
return nil, fmt.Errorf("failed to substitute variables in context entry %s %s: %v", entry.Name, entry.APICall.URLPath, err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pathStr := path.(string)
|
2021-02-01 12:59:13 -08:00
|
|
|
|
2022-09-01 10:30:04 +02:00
|
|
|
jsonData, err := getResource(ctx, pathStr)
|
2021-02-01 12:59:13 -08:00
|
|
|
if err != nil {
|
2022-09-01 10:30:04 +02:00
|
|
|
return nil, fmt.Errorf("failed to get resource with raw url\n: %s: %v", pathStr, err)
|
2021-02-01 12:59:13 -08:00
|
|
|
}
|
|
|
|
|
|
2022-09-01 10:30:04 +02:00
|
|
|
return jsonData, nil
|
2021-02-01 12:59:13 -08:00
|
|
|
}
|
|
|
|
|
|
2022-09-01 10:30:04 +02:00
|
|
|
func getResource(ctx *PolicyContext, p string) ([]byte, error) {
|
|
|
|
|
return ctx.Client.RawAbsPath(p)
|
2022-08-23 18:52:54 +02:00
|
|
|
}
|
|
|
|
|
|
2022-05-17 13:12:43 +02:00
|
|
|
func loadConfigMap(logger logr.Logger, entry kyvernov1.ContextEntry, ctx *PolicyContext) error {
|
2022-01-18 20:59:35 +08:00
|
|
|
data, err := fetchConfigMap(logger, entry, ctx)
|
2021-02-01 12:59:13 -08:00
|
|
|
if err != nil {
|
2021-02-22 16:27:20 -08:00
|
|
|
return fmt.Errorf("failed to retrieve config map for context entry %s: %v", entry.Name, err)
|
2021-02-01 12:59:13 -08:00
|
|
|
}
|
|
|
|
|
|
2022-04-09 13:52:50 +02:00
|
|
|
err = ctx.JSONContext.AddContextEntry(entry.Name, data)
|
2021-02-01 12:59:13 -08:00
|
|
|
if err != nil {
|
2021-02-22 16:27:20 -08:00
|
|
|
return fmt.Errorf("failed to add config map for context entry %s: %v", entry.Name, err)
|
2021-02-01 12:59:13 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-17 13:12:43 +02:00
|
|
|
func fetchConfigMap(logger logr.Logger, entry kyvernov1.ContextEntry, ctx *PolicyContext) ([]byte, error) {
|
2021-02-01 12:59:13 -08:00
|
|
|
contextData := make(map[string]interface{})
|
2021-02-22 16:27:20 -08:00
|
|
|
|
2022-01-18 20:59:35 +08:00
|
|
|
name, err := variables.SubstituteAll(logger, ctx.JSONContext, entry.ConfigMap.Name)
|
2021-02-22 16:27:20 -08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to substitute variables in context %s configMap.name %s: %v", entry.Name, entry.ConfigMap.Name, err)
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-18 20:59:35 +08:00
|
|
|
namespace, err := variables.SubstituteAll(logger, ctx.JSONContext, entry.ConfigMap.Namespace)
|
2021-02-22 16:27:20 -08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to substitute variables in context %s configMap.namespace %s: %v", entry.Name, entry.ConfigMap.Namespace, err)
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-01 12:59:13 -08:00
|
|
|
if namespace == "" {
|
|
|
|
|
namespace = "default"
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-18 20:59:35 +08:00
|
|
|
obj, err := ctx.Client.GetResource("v1", "ConfigMap", namespace.(string), name.(string))
|
2021-02-01 12:59:13 -08:00
|
|
|
if err != nil {
|
2022-01-18 20:59:35 +08:00
|
|
|
return nil, fmt.Errorf("failed to get configmap %s/%s : %v", namespace, name, err)
|
2021-02-01 12:59:13 -08:00
|
|
|
}
|
|
|
|
|
|
2021-03-31 15:22:25 -07:00
|
|
|
unstructuredObj := obj.DeepCopy().Object
|
2021-02-01 12:59:13 -08:00
|
|
|
|
|
|
|
|
// extract configmap data
|
|
|
|
|
contextData["data"] = unstructuredObj["data"]
|
|
|
|
|
contextData["metadata"] = unstructuredObj["metadata"]
|
2022-04-09 13:52:50 +02:00
|
|
|
data, err := json.Marshal(contextData)
|
2021-02-01 12:59:13 -08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to unmarshal configmap %s/%s: %v", namespace, name, err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return data, nil
|
|
|
|
|
}
|
