mirror of
https://github.com/kyverno/kyverno.git
synced 2024-12-14 11:57:48 +00:00
163 lines
4.9 KiB
Go
163 lines
4.9 KiB
Go
package operator
|
|
|
|
import (
|
|
"fmt"
|
|
"math"
|
|
"strconv"
|
|
|
|
"github.com/go-logr/logr"
|
|
"github.com/kyverno/kyverno/pkg/engine/context"
|
|
datautils "github.com/kyverno/kyverno/pkg/utils/data"
|
|
wildcard "github.com/kyverno/kyverno/pkg/utils/wildcard"
|
|
"k8s.io/apimachinery/pkg/api/resource"
|
|
)
|
|
|
|
// NewEqualHandler returns handler to manage Equal operations
|
|
func NewEqualHandler(log logr.Logger, ctx context.EvalInterface) OperatorHandler {
|
|
return EqualHandler{
|
|
ctx: ctx,
|
|
log: log,
|
|
}
|
|
}
|
|
|
|
// EqualHandler provides implementation to handle NotEqual Operator
|
|
type EqualHandler struct {
|
|
ctx context.EvalInterface
|
|
log logr.Logger
|
|
}
|
|
|
|
// Evaluate evaluates expression with Equal Operator
|
|
func (eh EqualHandler) Evaluate(key, value interface{}) bool {
|
|
// key and value need to be of same type
|
|
switch typedKey := key.(type) {
|
|
case bool:
|
|
return eh.validateValueWithBoolPattern(typedKey, value)
|
|
case int:
|
|
return eh.validateValueWithIntPattern(int64(typedKey), value)
|
|
case int64:
|
|
return eh.validateValueWithIntPattern(typedKey, value)
|
|
case float64:
|
|
return eh.validateValueWithFloatPattern(typedKey, value)
|
|
case string:
|
|
return eh.validateValueWithStringPattern(typedKey, value)
|
|
case map[string]interface{}:
|
|
return eh.validateValueWithMapPattern(typedKey, value)
|
|
case []interface{}:
|
|
return eh.validateValueWithSlicePattern(typedKey, value)
|
|
default:
|
|
eh.log.V(2).Info("Unsupported type", "value", typedKey, "type", fmt.Sprintf("%T", typedKey))
|
|
return false
|
|
}
|
|
}
|
|
|
|
func (eh EqualHandler) validateValueWithSlicePattern(key []interface{}, value interface{}) bool {
|
|
if val, ok := value.([]interface{}); ok {
|
|
return datautils.DeepEqual(key, val)
|
|
}
|
|
eh.log.V(2).Info("Expected type []interface{}", "value", value, "type", fmt.Sprintf("%T", value))
|
|
return false
|
|
}
|
|
|
|
func (eh EqualHandler) validateValueWithMapPattern(key map[string]interface{}, value interface{}) bool {
|
|
if val, ok := value.(map[string]interface{}); ok {
|
|
return datautils.DeepEqual(key, val)
|
|
}
|
|
eh.log.V(2).Info("Expected type map[string]interface{}", "value", value, "type", fmt.Sprintf("%T", value))
|
|
return false
|
|
}
|
|
|
|
func (eh EqualHandler) validateValueWithStringPattern(key string, value interface{}) bool {
|
|
// We need to check duration first as it's the only type that can be compared to a different type.
|
|
durationKey, durationValue, err := parseDuration(key, value)
|
|
if err == nil {
|
|
return durationKey.Seconds() == durationValue.Seconds()
|
|
}
|
|
|
|
// Attempt to extract resource quantity from string.
|
|
resourceKey, err := resource.ParseQuantity(key)
|
|
if err == nil {
|
|
switch typedValue := value.(type) {
|
|
case string:
|
|
resourceValue, err := resource.ParseQuantity(typedValue)
|
|
if err != nil {
|
|
eh.log.Error(fmt.Errorf("parse error: "), "Failed to parse value type doesn't match key type")
|
|
return false
|
|
}
|
|
return resourceKey.Equal(resourceValue)
|
|
}
|
|
}
|
|
|
|
if val, ok := value.(string); ok {
|
|
return wildcard.Match(val, key)
|
|
}
|
|
|
|
eh.log.V(2).Info("Expected type string", "value", value, "type", fmt.Sprintf("%T", value))
|
|
return false
|
|
}
|
|
|
|
func (eh EqualHandler) validateValueWithFloatPattern(key float64, value interface{}) bool {
|
|
switch typedValue := value.(type) {
|
|
case int:
|
|
// check that float has not fraction
|
|
if key == math.Trunc(key) {
|
|
return int(key) == typedValue
|
|
}
|
|
eh.log.V(2).Info("Expected type float, found int", "typedValue", typedValue)
|
|
case int64:
|
|
// check that float has not fraction
|
|
if key == math.Trunc(key) {
|
|
return int64(key) == typedValue
|
|
}
|
|
eh.log.V(2).Info("Expected type float, found int", "typedValue", typedValue)
|
|
case float64:
|
|
return typedValue == key
|
|
case string:
|
|
// extract float from string
|
|
float64Num, err := strconv.ParseFloat(typedValue, 64)
|
|
if err != nil {
|
|
eh.log.Error(err, "Failed to parse float64 from string")
|
|
return false
|
|
}
|
|
return float64Num == key
|
|
default:
|
|
eh.log.V(2).Info("Expected type float", "value", value, "type", fmt.Sprintf("%T", value))
|
|
return false
|
|
}
|
|
return false
|
|
}
|
|
|
|
func (eh EqualHandler) validateValueWithBoolPattern(key bool, value interface{}) bool {
|
|
typedValue, ok := value.(bool)
|
|
if !ok {
|
|
eh.log.V(2).Info("Expected type bool", "value", value, "type", fmt.Sprintf("%T", value))
|
|
return false
|
|
}
|
|
return key == typedValue
|
|
}
|
|
|
|
func (eh EqualHandler) validateValueWithIntPattern(key int64, value interface{}) bool {
|
|
switch typedValue := value.(type) {
|
|
case int:
|
|
return int64(typedValue) == key
|
|
case int64:
|
|
return typedValue == key
|
|
case float64:
|
|
// check that float has no fraction
|
|
if typedValue == math.Trunc(typedValue) {
|
|
return int64(typedValue) == key
|
|
}
|
|
eh.log.V(2).Info("Expected type int, found float", "value", typedValue, "type", fmt.Sprintf("%T", typedValue))
|
|
return false
|
|
case string:
|
|
// extract in64 from string
|
|
int64Num, err := strconv.ParseInt(typedValue, 10, 64)
|
|
if err != nil {
|
|
eh.log.Error(err, "Failed to parse int64 from string")
|
|
return false
|
|
}
|
|
return int64Num == key
|
|
default:
|
|
eh.log.V(2).Info("Expected type int", "value", value, "type", fmt.Sprintf("%T", value))
|
|
return false
|
|
}
|
|
}
|