From e5b9af44e7cb928ddb9c9faf01d68ee8c9226d86 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Charles-Edouard=20Br=C3=A9t=C3=A9ch=C3=A9?=
 <charled.breteche@gmail.com>
Date: Thu, 20 Oct 2022 13:36:46 +0200
Subject: [PATCH] fix: make reponse order predictable (#5079)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

make response order predictable
---
 pkg/engine/validate/utils.go    | 11 ++++++++++-
 pkg/engine/validate/validate.go | 10 +++++++++-
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/pkg/engine/validate/utils.go b/pkg/engine/validate/utils.go
index ecdeb051f5..ee369bf1b6 100644
--- a/pkg/engine/validate/utils.go
+++ b/pkg/engine/validate/utils.go
@@ -2,6 +2,7 @@ package validate
 
 import (
 	"container/list"
+	"sort"
 
 	commonAnchors "github.com/kyverno/kyverno/pkg/engine/anchor"
 )
@@ -34,7 +35,15 @@ func hasNestedAnchors(pattern interface{}) bool {
 // getSortedNestedAnchorResource - sorts anchors key
 func getSortedNestedAnchorResource(resources map[string]interface{}) *list.List {
 	sortedResourceKeys := list.New()
-	for k, v := range resources {
+
+	keys := make([]string, 0, len(resources))
+	for k := range resources {
+		keys = append(keys, k)
+	}
+	sort.Strings(keys)
+
+	for _, k := range keys {
+		v := resources[k]
 		if commonAnchors.IsGlobalAnchor(k) {
 			sortedResourceKeys.PushFront(k)
 			continue
diff --git a/pkg/engine/validate/validate.go b/pkg/engine/validate/validate.go
index f9a10e6ce2..823bf4b0db 100644
--- a/pkg/engine/validate/validate.go
+++ b/pkg/engine/validate/validate.go
@@ -2,6 +2,7 @@ package validate
 
 import (
 	"fmt"
+	"sort"
 	"strconv"
 
 	"github.com/go-logr/logr"
@@ -121,8 +122,15 @@ func validateMap(log logr.Logger, resourceMap, patternMap map[string]interface{}
 	// Phase 2 : Evaluate non-anchors
 	anchors, resources := anchor.GetAnchorsResourcesFromMap(patternMap)
 
+	keys := make([]string, 0, len(anchors))
+	for k := range anchors {
+		keys = append(keys, k)
+	}
+	sort.Strings(keys)
+
 	// Evaluate anchors
-	for key, patternElement := range anchors {
+	for _, key := range keys {
+		patternElement := anchors[key]
 		// get handler for each pattern in the pattern
 		// - Conditional
 		// - Existence