From 1a7c5812200cf9933218c170818e9774763c5917 Mon Sep 17 00:00:00 2001
From: Frank Jogeleit
Date: Tue, 11 Mar 2025 16:00:20 +0100
Subject: [PATCH] fix: providing the http provider in the compiler (#12379)

Signed-off-by: Frank Jogeleit
---
 pkg/cel/libs/http/http.go | 8 ++++++++
 pkg/cel/policy/compiler.go | 2 +-
 pkg/cel/policy/policy.go | 2 ++
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/pkg/cel/libs/http/http.go b/pkg/cel/libs/http/http.go
index 6708e5bc12..14033cc6e8 100644
--- a/pkg/cel/libs/http/http.go
+++ b/pkg/cel/libs/http/http.go
@@ -109,3 +109,11 @@ func buildRequestData(data map[string]any) (io.Reader, error) {
 return buffer, nil
 }
+
+func NewHTTP() HTTP {
+ return HTTP{
+ HttpInterface: &HttpProvider{
+ client: http.DefaultClient,
+ },
+ }
+}
diff --git a/pkg/cel/policy/compiler.go b/pkg/cel/policy/compiler.go
index e447acb8bb..73fff63b66 100644
--- a/pkg/cel/policy/compiler.go
+++ b/pkg/cel/policy/compiler.go
@@ -53,7 +53,7 @@ func (c *compiler) compileForJSON(policy *policiesv1alpha1.ValidatingPolicy, exc
 }
 options = append(options, declOptions...)
- options = append(options, context.Lib())
+ options = append(options, context.Lib(), http.Lib())
 env, err := base.Extend(options...)
 if err != nil {
 return nil, append(allErrs, field.InternalError(nil, err))
diff --git a/pkg/cel/policy/policy.go b/pkg/cel/policy/policy.go
index 98efb956ce..1136ea5c20 100644
--- a/pkg/cel/policy/policy.go
+++ b/pkg/cel/policy/policy.go
@@ -10,6 +10,7 @@ import (
 "github.com/google/cel-go/common/types/ref"
 policiesv1alpha1 "github.com/kyverno/kyverno/api/policies.kyverno.io/v1alpha1"
 contextlib "github.com/kyverno/kyverno/pkg/cel/libs/context"
+ "github.com/kyverno/kyverno/pkg/cel/libs/http"
 "github.com/kyverno/kyverno/pkg/cel/utils"
 "go.uber.org/multierr"
 admissionv1 "k8s.io/api/admission/v1"
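Review bot: `NewHTTP` in pkg/cel/libs/http/http.go wires in `http.DefaultClient`, which has no `Timeout`, so a policy expression that calls a slow or unresponsive endpoint can hold evaluation open indefinitely; the policy.go hunk calls this constructor from `evaluateWithData`, which appears to sit on the admission path. A client with an explicit bound would be safer, for example `client: &http.Client{Timeout: 10 * time.Second},` (the value is illustrative, and it needs the `time` import, which is not visible in this hunk). The default client also follows redirects and is process-wide shared state, so any other code that modifies it changes policy evaluation as well. The exported constructor should carry a doc comment such as `// NewHTTP returns an HTTP value backed by an HttpProvider that uses a net/http client.`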
@@ -162,6 +163,7 @@ func (p *compiledPolicy) evaluateWithData(
 vars := lazy.NewMapValue(VariablesType)
 dataNew := map[string]any{
 ContextKey: contextlib.Context{ContextInterface: data.Context},
+ HttpKey: http.NewHTTP(),
 NamespaceObjectKey: data.Namespace,
 ObjectKey: data.Object,
 OldObjectKey: data.OldObject,
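Review bot: The `HttpKey` entry builds its provider inline with `http.NewHTTP()`, whereas the `ContextKey` entry one line above takes its implementation from the caller via `data.Context`; this hard-wires outbound HTTP into every evaluation, so tests cannot substitute a fake provider and an operator has nowhere to set a timeout, TLS settings or a destination allow-list. Consider injecting it the same way, e.g. `HttpKey: http.HTTP{HttpInterface: data.HTTP},` where `data.HTTP` is a hypothetical field that does not exist in the visible code. The unaliased import added in the earlier policy.go hunk also makes `http` here read like net/http; an alias such as `httplib`, matching `contextlib`, would avoid that. evaluateWithData starts and ends outside this hunk.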