mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-26 01:24:26 +00:00
8d915b52ce
* feat: add variables Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * feat: implement evaluator Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: build Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: linter Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: unit tests Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
86 lines
1.7 KiB
Go
86 lines
1.7 KiB
Go
package match
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/kyverno/kyverno/api/policies.kyverno.io/v1alpha1"
|
|
"github.com/stretchr/testify/assert"
|
|
"k8s.io/apimachinery/pkg/util/validation/field"
|
|
)
|
|
|
|
func Test_Match(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
imageRules []v1alpha1.ImageRule
|
|
image string
|
|
wantResult bool
|
|
wantErr bool
|
|
}{
|
|
{
|
|
name: "standard pass",
|
|
imageRules: []v1alpha1.ImageRule{
|
|
{
|
|
Glob: "ghcr.io/*",
|
|
},
|
|
{
|
|
CELExpression: "ref == \"ghcr.io/kyverno/kyverno\"",
|
|
},
|
|
},
|
|
image: "ghcr.io/kyverno/kyverno",
|
|
wantResult: true,
|
|
wantErr: false,
|
|
},
|
|
{
|
|
name: "standard fail",
|
|
imageRules: []v1alpha1.ImageRule{
|
|
{
|
|
Glob: "ghcr.io/*",
|
|
},
|
|
{
|
|
CELExpression: "ref == \"ghcr.io/kyverno/kyverno\"",
|
|
},
|
|
},
|
|
image: "kyverno/kyverno",
|
|
wantResult: false,
|
|
wantErr: false,
|
|
},
|
|
{
|
|
name: "second rule matches",
|
|
imageRules: []v1alpha1.ImageRule{
|
|
{
|
|
Glob: "index.docker.io/*",
|
|
},
|
|
{
|
|
CELExpression: "ref == \"ghcr.io/kyverno/kyverno\"",
|
|
},
|
|
},
|
|
image: "ghcr.io/kyverno/kyverno",
|
|
wantResult: true,
|
|
wantErr: false,
|
|
},
|
|
{
|
|
name: "invalid cel expression",
|
|
imageRules: []v1alpha1.ImageRule{
|
|
{
|
|
CELExpression: "\"foo\"",
|
|
},
|
|
},
|
|
image: "ghcr.io/kyverno/kyverno",
|
|
wantResult: false,
|
|
wantErr: true,
|
|
},
|
|
}
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
c, errList := CompileMatches(field.NewPath("spec", "imageRules"), tt.imageRules)
|
|
assert.Nil(t, errList)
|
|
matched, err := Match(c, tt.image)
|
|
if tt.wantErr {
|
|
assert.Error(t, err)
|
|
} else {
|
|
assert.NoError(t, err)
|
|
assert.Equal(t, tt.wantResult, matched)
|
|
}
|
|
})
|
|
}
|
|
}
|