From 6b9798f76f717195dbd4bf2299de8467a40f6fec Mon Sep 17 00:00:00 2001 From: Sambhav Kothari Date: Mon, 10 Jan 2022 21:42:02 +0000 Subject: [PATCH] Add parse_json function the decode json strings (#2941) Signed-off-by: Sambhav Kothari --- pkg/engine/jmespath/functions.go | 21 ++++++- pkg/engine/jmespath/functions_test.go | 62 +++++++++++++++++++ test/cli/test/custom-functions/policy.yaml | 21 +++++++ test/cli/test/custom-functions/resources.yaml | 16 +++++ test/cli/test/custom-functions/test.yaml | 10 +++ 5 files changed, 129 insertions(+), 1 deletion(-) diff --git a/pkg/engine/jmespath/functions.go b/pkg/engine/jmespath/functions.go index 8488f48eb7..07ba8459b8 100644 --- a/pkg/engine/jmespath/functions.go +++ b/pkg/engine/jmespath/functions.go @@ -2,6 +2,7 @@ package jmespath import ( "encoding/base64" + "encoding/json" "errors" "fmt" "path/filepath" @@ -57,6 +58,7 @@ var ( pathCanonicalize = "path_canonicalize" truncate = "truncate" semverCompare = "semver_compare" + parseJson = "parse_json" ) const errorPrefix = "JMESPath function '%s': " @@ -262,6 +264,13 @@ func getFunctions() []*gojmespath.FunctionEntry { }, Handler: jpSemverCompare, }, + { + Name: parseJson, + Arguments: []ArgSpec{ + {Types: []JpType{JpString}}, + }, + Handler: jpParseJson, + }, } } @@ -665,6 +674,16 @@ func jpSemverCompare(arguments []interface{}) (interface{}, error) { return false, nil } +func jpParseJson(arguments []interface{}) (interface{}, error) { + input, err := validateArg(parseJson, arguments, 0, reflect.String) + if err != nil { + return nil, err + } + var output interface{} + err = json.Unmarshal([]byte(input.String()), &output) + return output, err +} + // InterfaceToString casts an interface to a string type func ifaceToString(iface interface{}) (string, error) { switch i := iface.(type) { @@ -686,7 +705,7 @@ func ifaceToString(iface interface{}) (string, error) { func validateArg(f string, arguments []interface{}, index int, expectedType reflect.Kind) (reflect.Value, error) { arg := reflect.ValueOf(arguments[index]) if arg.Type().Kind() != expectedType { - return reflect.Value{}, fmt.Errorf(invalidArgumentTypeError, equalFold, index+1, expectedType.String()) + return reflect.Value{}, fmt.Errorf(invalidArgumentTypeError, f, index+1, expectedType.String()) } return arg, nil diff --git a/pkg/engine/jmespath/functions_test.go b/pkg/engine/jmespath/functions_test.go index 8dbbbaa9c1..6a8a74dc5f 100644 --- a/pkg/engine/jmespath/functions_test.go +++ b/pkg/engine/jmespath/functions_test.go @@ -43,6 +43,68 @@ func Test_Compare(t *testing.T) { } } +func Test_ParseJsonSerde(t *testing.T) { + testCases := []string{ + `{"a":"b"}`, + `true`, + `[1,2,3,{"a":"b"}]`, + `null`, + `[]`, + `{}`, + `0`, + `1.2`, + `[1.2,true,{"a":{"a":"b"}}]`, + } + + for _, tc := range testCases { + t.Run(tc, func(t *testing.T) { + jp, err := New(fmt.Sprintf(`to_string(parse_json('%s'))`, tc)) + fmt.Println(err) + assert.NilError(t, err) + + result, err := jp.Search("") + fmt.Println(err) + assert.NilError(t, err) + + assert.Equal(t, result, tc) + }) + } +} + +func Test_ParseJsonComplex(t *testing.T) { + testCases := []struct { + input string + expectedResult interface{} + }{ + { + input: `parse_json('{"a": "b"}').a`, + expectedResult: "b", + }, + { + input: `parse_json('{"a": [1, 2, 3, 4]}').a[0]`, + expectedResult: 1.0, + }, + { + input: `parse_json('[1, 2, {"a": {"b": {"c": [1, 2]}}}]')[2].a.b.c[1]`, + expectedResult: 2.0, + }, + } + + for _, tc := range testCases { + t.Run(tc.input, func(t *testing.T) { + jp, err := New(tc.input) + fmt.Println(err) + assert.NilError(t, err) + + result, err := jp.Search("") + fmt.Println(err) + assert.NilError(t, err) + + assert.Equal(t, result, tc.expectedResult) + }) + } +} + func Test_EqualFold(t *testing.T) { testCases := []struct { jmesPath string diff --git a/test/cli/test/custom-functions/policy.yaml b/test/cli/test/custom-functions/policy.yaml index 6097e2d669..2b5288894a 100644 --- a/test/cli/test/custom-functions/policy.yaml +++ b/test/cli/test/custom-functions/policy.yaml @@ -74,3 +74,24 @@ spec: - key: "{{ path_canonicalize(element.hostPath.path) }}" operator: Equals value: "\\var\\run\\containerd\\containerd.sock" +--- +apiVersion: kyverno.io/v1 +kind: ClusterPolicy +metadata: + name: test-parse-json +spec: + validationFailureAction: enforce + background: false + rules: + - name: test-json-parsing-jmespath + match: + resources: + kinds: + - ConfigMap + validate: + message: "Test JMESPath" + deny: + conditions: + - key: "{{request.object.metadata.annotations.test | parse_json(@).a }}" + operator: NotEquals + value: b \ No newline at end of file diff --git a/test/cli/test/custom-functions/resources.yaml b/test/cli/test/custom-functions/resources.yaml index be1f53fdae..fb25b7f7bf 100644 --- a/test/cli/test/custom-functions/resources.yaml +++ b/test/cli/test/custom-functions/resources.yaml @@ -51,3 +51,19 @@ spec: mountPath: /sock - name: test mountPath: /test +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: valid-test + annotations: + test: | + {"a": "b"} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: invalid-test + annotations: + test: | + {"a": "not-b"} \ No newline at end of file diff --git a/test/cli/test/custom-functions/test.yaml b/test/cli/test/custom-functions/test.yaml index 193758ad07..53a4c4af68 100644 --- a/test/cli/test/custom-functions/test.yaml +++ b/test/cli/test/custom-functions/test.yaml @@ -29,3 +29,13 @@ results: resource: mount-containerd-sock kind: Pod status: fail + - policy: test-parse-json + rule: test-json-parsing-jmespath + resource: valid-test + kind: ConfigMap + result: pass + - policy: test-parse-json + rule: test-json-parsing-jmespath + resource: invalid-test + kind: ConfigMap + result: fail \ No newline at end of file