From 7502e5da98c19a4b85864b32d4299336bfa72ecd Mon Sep 17 00:00:00 2001
From: Shuting Zhao <shutting06@gmail.com>
Date: Thu, 18 Mar 2021 13:40:14 -0700
Subject: [PATCH] fix variable substitution in NumericOperatorHandler

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
---
 pkg/api/kyverno/v1/utils.go              | 9 +++++++--
 pkg/engine/variables/operator/numeric.go | 7 ++++---
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/pkg/api/kyverno/v1/utils.go b/pkg/api/kyverno/v1/utils.go
index a84f5a20eb..d8ebdb224b 100755
--- a/pkg/api/kyverno/v1/utils.go
+++ b/pkg/api/kyverno/v1/utils.go
@@ -3,13 +3,18 @@ package v1
 import (
 	"encoding/json"
 	"reflect"
+	"strings"
 )
 
 // HasAutoGenAnnotation checks if a policy has auto-gen annotation
 func (p *ClusterPolicy) HasAutoGenAnnotation() bool {
 	annotations := p.GetAnnotations()
-	_, ok := annotations["pod-policies.kyverno.io/autogen-controllers"]
-	return ok
+	val, ok := annotations["pod-policies.kyverno.io/autogen-controllers"]
+	if ok && strings.ToLower(val) != "none" {
+		return true
+	}
+
+	return false
 }
 
 //HasMutateOrValidateOrGenerate checks for rule types
diff --git a/pkg/engine/variables/operator/numeric.go b/pkg/engine/variables/operator/numeric.go
index 687cb01466..b2f32e5dbe 100644
--- a/pkg/engine/variables/operator/numeric.go
+++ b/pkg/engine/variables/operator/numeric.go
@@ -45,12 +45,13 @@ func compareByCondition(key float64, value float64, op kyverno.ConditionOperator
 }
 
 func (noh NumericOperatorHandler) Evaluate(key, value interface{}) bool {
-	if key, err := noh.subHandler(noh.log, noh.ctx, key); err != nil {
+	var err error
+	if key, err = noh.subHandler(noh.log, noh.ctx, key); err != nil {
 		// Failed to resolve the variable
 		noh.log.Error(err, "Failed to resolve variable", "variable", key)
 		return false
 	}
-	if value, err := noh.subHandler(noh.log, noh.ctx, value); err != nil {
+	if value, err = noh.subHandler(noh.log, noh.ctx, value); err != nil {
 		// Failed to resolve the variable
 		noh.log.Error(err, "Failed to resolve variable", "variable", value)
 		return false
@@ -133,7 +134,7 @@ func (noh NumericOperatorHandler) validateValueWithStringPattern(key string, val
 	if err == nil {
 		return noh.validateValueWithIntPattern(int64key, value)
 	}
-	noh.log.Error(fmt.Errorf("Parse Error: "), "Failed to parse both float64 and int64 from the string keyt")
+	noh.log.Error(err, "Failed to parse both float64 and int64 from the string keyt")
 	return false
 }