fix: Auto-gen rules can not get variables from test input values (#8337)

* chore: improve cli version command and add tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: Auto-gen rules can not get variables from test input values Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2025-03-28 18:38:40 +00:00 · 2023-09-12 15:38:57 +02:00 · 2023-09-12 15:38:57 +02:00 · 2ea68ccc7a
commit 2ea68ccc7a
parent a1d06b41df
5 changed files with 67 additions and 1 deletions
--- a/cmd/cli/kubectl-kyverno/store/store.go
+++ b/cmd/cli/kubectl-kyverno/store/store.go
@ -80,7 +80,8 @@ func GetPolicyRule(policyName string, ruleName string) *Rule {
 	for _, policy := range policies {
 		if policy.Name == policyName {
 			for _, rule := range policy.Rules {
-				if rule.Name == ruleName {
+				switch ruleName {
+				case rule.Name, "autogen-" + rule.Name, "autogen-cronjob-" + rule.Name:
 					return &rule
 				}
 			}
--- a/test/cli/test/autogen-values/kyverno-test.yaml
+++ b/test/cli/test/autogen-values/kyverno-test.yaml
@ -0,0 +1,19 @@
+name: test
+policies:
+  - policy.yaml
+variables: values.yaml
+resources:
+  - resource.yaml
+results:
+  - policy: test-policy
+    rule: test-rule
+    resources:
+    - pod
+    kind: Pod
+    result: pass
+  - policy: test-policy
+    rule: test-rule
+    resources:
+    - deployment
+    kind: Deployment
+    result: pass
--- a/test/cli/test/autogen-values/policy.yaml
+++ b/test/cli/test/autogen-values/policy.yaml
@ -0,0 +1,27 @@
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+  name: test-policy
+spec:
+  validationFailureAction: audit
+  background: true
+  rules:
+  - name: test-rule
+    context:
+    - name: excludedPolicies
+      apiCall:
+        urlPath: "/api/v1/namespaces/{{request.namespace}}"
+        jmesPath: "metadata.annotations.\"overwrite.kyverno.io/excluded-policies\" || '[]' | parse_json(@)"
+    preconditions:
+      all:
+      - key: "key-name"
+        operator: AllNotIn
+        value: "{{ excludedPolicies }}"
+    match:
+      any:
+      - resources:
+          kinds:
+          - Pod
+    validate:
+      message: "Do nothing!"
+      pattern: {}
--- a/test/cli/test/autogen-values/resource.yaml
+++ b/test/cli/test/autogen-values/resource.yaml
@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: pod
+spec: {}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: deployment
+spec:
+  template:
+    metadata: {}
--- a/test/cli/test/autogen-values/values.yaml
+++ b/test/cli/test/autogen-values/values.yaml
@ -0,0 +1,6 @@
+policies:
+  - name: test-policy
+    rules:
+      - name: test-rule
+        values:
+          excludedPolicies: []