mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity

feat: add CEL variables support (#11913)

Browse source 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché 2025-01-14 10:41:18 +01:00 committed by GitHub
parent 34bc3994a3
commit 9177c57b21
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 10 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
pkg/cel/policy/compiler.go
View file

@ -13,9 +13,12 @@ import (
)
const (
ContextKey = "context"
ObjectKey = "object"
VariablesKey = "variables"
ContextKey = "context"
NamespaceObjectKey = "namespaceObject"
ObjectKey = "object"
OldObjectKey = "oldObject"
RequestKey = "request"
VariablesKey = "variables"
)
type Compiler interface {
@ -37,8 +40,12 @@ func (c *compiler) Compile(policy *kyvernov2alpha1.ValidatingPolicy) (*CompiledP
provider := NewVariablesProvider(base.CELTypeProvider())
env, err := base.Extend(
cel.Variable(ContextKey, context.ContextType),
cel.Variable(NamespaceObjectKey, cel.DynType),
cel.Variable(ObjectKey, cel.DynType),
cel.Variable(OldObjectKey, cel.DynType),
cel.Variable(RequestKey, cel.DynType),
cel.Variable(VariablesKey, VariablesType),
// TODO: params, authorizer, authorizer.requestResource ?
cel.CustomTypeProvider(provider),
)
if err != nil {