From 05234d94e29ba5627352a82717c9d6c0620f9db7 Mon Sep 17 00:00:00 2001 From: NoSkillGirl Date: Mon, 2 Aug 2021 16:38:43 +0530 Subject: [PATCH 1/2] adding variable in context Signed-off-by: NoSkillGirl --- pkg/kyverno/apply/apply_command.go | 41 ++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/pkg/kyverno/apply/apply_command.go b/pkg/kyverno/apply/apply_command.go index 18c5197483..bcc4646f83 100644 --- a/pkg/kyverno/apply/apply_command.go +++ b/pkg/kyverno/apply/apply_command.go @@ -138,6 +138,7 @@ func Command() *cobra.Command { cmd.Flags().StringArrayVarP(&resourcePaths, "resource", "r", []string{}, "Path to resource files") cmd.Flags().BoolVarP(&cluster, "cluster", "c", false, "Checks if policies should be applied to cluster in the current context") cmd.Flags().StringVarP(&mutateLogPath, "output", "o", "", "Prints the mutated resources in provided file/directory") + // currently `set` flag supports variable for single policy applied on single resource cmd.Flags().StringVarP(&variablesString, "set", "s", "", "Variables that are required") cmd.Flags().StringVarP(&valuesFile, "values-file", "f", "", "File containing values for policy variables") cmd.Flags().BoolVarP(&policyReport, "policy-report", "", false, "Generates policy report when passed (default policyviolation r") @@ -234,6 +235,14 @@ func applyCommandHelper(resourcePaths []string, cluster bool, policyReport bool, os.Exit(1) } + if (len(resources) > 1 || len(mutatedPolicies) > 1) && variablesString != "" { + return validateEngineResponses, rc, resources, skippedPolicies, sanitizederror.NewWithError("currently `set` flag supports variable for single policy applied on single resource ", nil) + } + + if variablesString != "" { + setInStoreContext(mutatedPolicies, variables) + } + msgPolicies := "1 policy" if len(mutatedPolicies) > 1 { msgPolicies = fmt.Sprintf("%d policies", len(policies)) 
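Review bot: The error returned by the new guard in applyCommandHelper (hunk @@ -234) ends in a trailing space, wraps a nil error, and does not tell the user which limit was exceeded. Reporting the counts makes the rejection actionable, e.g. `fmt.Sprintf("the set flag supports a single policy applied to a single resource, got %d policies and %d resources", len(mutatedPolicies), len(resources))`. The store is also populated only when `variablesString != ""`, so variables supplied through `--values-file` do not reach setInStoreContext on this path; presumably they are handled elsewhere, but that is worth confirming. applyCommandHelper starts and ends outside the hunk.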
@@ -411,3 +420,35 @@ func createFileOrFolder(mutateLogPath string, mutateLogPathIsDir bool) error { return nil } + +func setInStoreContext(mutatedPolicies []*v1.ClusterPolicy, variables map[string]string) { + storePolices := make([]store.Policy, 0) + for _, policy := range mutatedPolicies { + storeRules := make([]store.Rule, 0) + for _, rule := range policy.Spec.Rules { + contextVal := make(map[string]string) + if len(rule.Context) != 0 { + for _, contextVar := range rule.Context { + for k, v := range variables { + if strings.HasPrefix(k, contextVar.Name) { + contextVal[k] = v + } + } + } + storeRules = append(storeRules, store.Rule{ + Name: rule.Name, + Values: contextVal, + }) + + } + } + storePolices = append(storePolices, store.Policy{ + Name: policy.Name, + Rules: storeRules, + }) + } + + store.SetContext(store.Context{ + Policies: storePolices, + }) +} From 15a63c109df2ddbe406157d0b4d2fcc369856d73 Mon Sep 17 00:00:00 2001 From: NoSkillGirl Date: Mon, 2 Aug 2021 16:45:54 +0530 Subject: [PATCH 2/2] removing context variables from variablesString Signed-off-by: NoSkillGirl --- pkg/kyverno/apply/apply_command.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/pkg/kyverno/apply/apply_command.go b/pkg/kyverno/apply/apply_command.go index bcc4646f83..c0b6762a42 100644 --- a/pkg/kyverno/apply/apply_command.go +++ b/pkg/kyverno/apply/apply_command.go @@ -240,7 +240,7 @@ func applyCommandHelper(resourcePaths []string, cluster bool, policyReport bool, } if variablesString != "" { - setInStoreContext(mutatedPolicies, variables) + variables = setInStoreContext(mutatedPolicies, variables) } msgPolicies := "1 policy" 
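Review bot: The match `strings.HasPrefix(k, contextVar.Name)` in setInStoreContext is a raw string-prefix test, so a context entry named, for example, `cm` also captures a variable keyed `cm2.data.x`, and that value lands in the wrong rule's `store.Rule.Values`. These values decide how the policy evaluates in the CLI, so a mis-scoped variable can make a local apply result differ from what the policy does in a cluster. Assuming keys are dotted paths rooted at the context entry name (the key format is not visible here), anchor the match on the separator: `if k == contextVar.Name || strings.HasPrefix(k, contextVar.Name+".") {`. A doc comment such as `// setInStoreContext copies the --set variables that belong to each rule's context entries into the store.` would also help, since `store.SetContext` appears to set package-level state.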
@@ -421,7 +421,7 @@ func createFileOrFolder(mutateLogPath string, mutateLogPathIsDir bool) error { return nil } -func setInStoreContext(mutatedPolicies []*v1.ClusterPolicy, variables map[string]string) { +func setInStoreContext(mutatedPolicies []*v1.ClusterPolicy, variables map[string]string) map[string]string { storePolices := make([]store.Policy, 0) for _, policy := range mutatedPolicies { storeRules := make([]store.Rule, 0) @@ -432,6 +432,7 @@ func setInStoreContext(mutatedPolicies []*v1.ClusterPolicy, variables map[string for k, v := range variables { if strings.HasPrefix(k, contextVar.Name) { contextVal[k] = v + delete(variables, k) } } } @@ -439,7 +440,6 @@ func setInStoreContext(mutatedPolicies []*v1.ClusterPolicy, variables map[string Name: rule.Name, Values: contextVal, }) - } } storePolices = append(storePolices, store.Policy{ @@ -451,4 +451,6 @@ func setInStoreContext(mutatedPolicies []*v1.ClusterPolicy, variables map[string store.SetContext(store.Context{ Policies: storePolices, }) + + return variables }
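Review bot: The added `delete(variables, k)` in the @@ -432 hunk removes a key the first time any context entry matches it, so a later rule of the same policy that declares a context entry with the same name gets an empty `Values` map. The single-policy guard in applyCommandHelper does not limit the number of rules. Record the matches and delete once after the loops: `matched := map[string]struct{}{}` before the policy loop, `matched[k] = struct{}{}` in place of the delete, and `for k := range matched { delete(variables, k) }` before `store.SetContext`. The function also mutates the caller's map in place, so the new return value and the `variables = setInStoreContext(mutatedPolicies, variables)` assignment in the @@ -240 hunk are redundant; either document the in-place mutation or build and return a fresh map.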