mirror of
https://github.com/kyverno/kyverno.git
synced 2024-12-14 11:57:48 +00:00
Remove regexp, add wildcard checks instead
This commit is contained in:
parent
d0e832b424
commit
4862d03c3c
2 changed files with 2 additions and 23 deletions
|
@ -3,7 +3,6 @@ package v1alpha1
|
|||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"regexp"
|
||||
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
)
|
||||
|
@ -66,13 +65,6 @@ func (pr *PolicyResource) Validate() error {
|
|||
}
|
||||
}
|
||||
|
||||
if pr.Name != nil {
|
||||
// make non-regexp a regexp to match exactly to the given name
|
||||
if _, err := regexp.Compile(*pr.Name); err != nil {
|
||||
return fmt.Errorf("invalied regex, err: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
@ -1,8 +1,7 @@
|
|||
package webhooks
|
||||
|
||||
import (
|
||||
"regexp"
|
||||
|
||||
"github.com/minio/minio/pkg/wildcard"
|
||||
types "github.com/nirmata/kube-policy/pkg/apis/policy/v1alpha1"
|
||||
"k8s.io/api/admission/v1beta1"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
|
@ -62,21 +61,9 @@ func IsRuleApplicableToResource(kind string, resourceRaw []byte, policyResource
|
|||
|
||||
if policyResource.Name != nil {
|
||||
|
||||
policyResourceName, isRegex := parseRegexPolicyResourceName(*policyResource.Name)
|
||||
|
||||
// if no regex used, check if names are matched, return directly
|
||||
if !isRegex && policyResourceName != name {
|
||||
if !wildcard.Match(*policyResource.Name, name) {
|
||||
return false, nil
|
||||
}
|
||||
|
||||
// validation of regex is peformed when validating the policyResource
|
||||
// refer to policyResource.Validate()
|
||||
if isRegex {
|
||||
match, _ := regexp.MatchString(policyResourceName, name)
|
||||
if !match {
|
||||
return false, nil
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if policyResource.Selector != nil {
|
||||
|
|
Loading…
Reference in a new issue