mirror of
https://github.com/kyverno/kyverno.git
synced 2024-12-14 11:57:48 +00:00
2a656f6de0
* feat: mutate existing, replace GR by UR in webhook server (#3601) * add attributes for post mutation Signed-off-by: ShutingZhao <shuting@nirmata.com> * add UR informer to webhook server Signed-off-by: ShutingZhao <shuting@nirmata.com> * - replace gr with ur in the webhook server; - create ur for mutateExsiting policies Signed-off-by: ShutingZhao <shuting@nirmata.com> * replace gr by ur across entire packages Signed-off-by: ShutingZhao <shuting@nirmata.com> * add YAMLs Signed-off-by: ShutingZhao <shuting@nirmata.com> * update api docs & fix unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * add UR deletion handler Signed-off-by: ShutingZhao <shuting@nirmata.com> * add api docs for v1beta1 Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix clientset method Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix v1beta1 client registration Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: mutate existing - generates UR for admission requests (#3623) Signed-off-by: ShutingZhao <shuting@nirmata.com> * replace with UR in policy controller generate rules (#3635) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * - enable mutate engine to process mutateExisting rules; - add unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * implemented ur background reconciliation for mutateExisting policies Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix webhook update error Signed-off-by: ShutingZhao <shuting@nirmata.com> * temporary comment out new unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: mutate existing, replace GR by UR in webhook server (#3601) * add attributes for post mutation Signed-off-by: ShutingZhao <shuting@nirmata.com> * add UR informer to webhook server Signed-off-by: ShutingZhao <shuting@nirmata.com> * - replace gr with ur in the webhook server; - create ur for mutateExsiting policies Signed-off-by: ShutingZhao <shuting@nirmata.com> * replace gr by ur across entire packages Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix missing policy.kyverno.io/policy-name label (#3599) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * refactor cli code from pkg to cmd (#3591) * refactor cli code from pkg to cmd Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com> * fixes in imports Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com> * fixes tests Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com> * fixed conflicts Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com> * moved non-commands to utils Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> * add YAMLs Signed-off-by: ShutingZhao <shuting@nirmata.com> * update api docs & fix unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * add UR deletion handler Signed-off-by: ShutingZhao <shuting@nirmata.com> * add api docs for v1beta1 Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix clientset method Signed-off-by: ShutingZhao <shuting@nirmata.com> * add-kms-libraries for cosign (#3603) * add-kms-libraries Signed-off-by: anushkamittal20 <anumittal4641@gmail.com> * Shifted providers to cosign package Signed-off-by: anushkamittal20 <anumittal4641@gmail.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> * Add support for custom image extractors (#3596) Signed-off-by: Sambhav Kothari <skothari44@bloomberg.net> * Update vulnerable dependencies (#3577) Signed-off-by: Shubham Gupta <shubham.gupta2956@gmail.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix v1beta1 client registration Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: mutate existing - generates UR for admission requests (#3623) Signed-off-by: ShutingZhao <shuting@nirmata.com> * updating version in Chart.yaml (#3618) * updatimg version in Chart.yaml Signed-off-by: Prateeknandle <prateeknandle@gmail.com> * changes from, make gen-helm Signed-off-by: Prateeknandle <prateeknandle@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> * Allow kyverno-policies to have preconditions defined (#3606) * Allow kyverno-policies to have preconditions defined Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Fix docs Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> Signed-off-by: ShutingZhao <shuting@nirmata.com> * replace with UR in policy controller generate rules (#3635) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> * - enable mutate engine to process mutateExisting rules; - add unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * implemented ur background reconciliation for mutateExisting policies Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix webhook update error Signed-off-by: ShutingZhao <shuting@nirmata.com> * temporary comment out new unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * Image verify attestors (#3614) * fix logs Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix logs Signed-off-by: Jim Bugwadia <jim@nirmata.com> * support multiple attestors Signed-off-by: Jim Bugwadia <jim@nirmata.com> * rm CLI tests (not currently supported) Signed-off-by: Jim Bugwadia <jim@nirmata.com> * apply attestor repo Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix entryError assignment Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * format Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add intermediary certs Signed-off-by: Jim Bugwadia <jim@nirmata.com> * Allow defining imagePullSecrets (#3633) * Allow defining imagePullSecrets Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Use dict for imagePullSecrets Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Simplify how imagePullSecrets is defined Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> Signed-off-by: ShutingZhao <shuting@nirmata.com> * Fix race condition in pCache (#3632) * fix race condition in pCache Signed-off-by: ShutingZhao <shuting@nirmata.com> * refact: remove unused Run function from generate (#3638) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * Remove helm mode setting (#3628) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> * refactor: image utils (#3630) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> * -resolve lift comments; -fix informer sync issue Signed-off-by: ShutingZhao <shuting@nirmata.com> * refact the update request cleanup controller Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * - fix delete request for mutateExisting; - fix context variable substitution; - improve logging Signed-off-by: ShutingZhao <shuting@nirmata.com> * - enable events; - add last applied annotation Signed-off-by: ShutingZhao <shuting@nirmata.com> * enable mutate existing on policy creation Signed-off-by: ShutingZhao <shuting@nirmata.com> * update autogen code Signed-off-by: ShutingZhao <shuting@nirmata.com> * merge main Signed-off-by: ShutingZhao <shuting@nirmata.com> * add unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * address list comments Signed-off-by: ShutingZhao <shuting@nirmata.com> * update api docs Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix "Implicit memory aliasing in for loop" Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove unused definitions Signed-off-by: ShutingZhao <shuting@nirmata.com> * update api docs Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com> Co-authored-by: Mritunjay Kumar Sharma <mritunjaysharma394@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: Anushka Mittal <55237170+anushkamittal20@users.noreply.github.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com> Co-authored-by: Shubham Gupta <shubham.gupta2956@gmail.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Prateek Nandle <56027872+Prateeknandle@users.noreply.github.com> Co-authored-by: treydock <tdockendorf@osc.edu> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
652 lines
12 KiB
Go
652 lines
12 KiB
Go
package variables
|
|
|
|
import (
|
|
"encoding/json"
|
|
"reflect"
|
|
"testing"
|
|
|
|
urkyverno "github.com/kyverno/kyverno/api/kyverno/v1beta1"
|
|
"github.com/kyverno/kyverno/pkg/engine/context"
|
|
"gotest.tools/assert"
|
|
authenticationv1 "k8s.io/api/authentication/v1"
|
|
"sigs.k8s.io/controller-runtime/pkg/log"
|
|
)
|
|
|
|
func Test_variablesub1(t *testing.T) {
|
|
patternMap := []byte(`
|
|
{
|
|
"kind": "ClusterRole",
|
|
"name": "ns-owner-{{request.userInfo.username}}",
|
|
"data": {
|
|
"rules": [
|
|
{
|
|
"apiGroups": [
|
|
""
|
|
],
|
|
"resources": [
|
|
"namespaces"
|
|
],
|
|
"verbs": [
|
|
"*"
|
|
],
|
|
"resourceNames": [
|
|
"{{request.object.metadata.name}}"
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
`)
|
|
|
|
resourceRaw := []byte(`
|
|
{
|
|
"metadata": {
|
|
"name": "temp",
|
|
"namespace": "n1"
|
|
},
|
|
"spec": {
|
|
"namespace": "n1",
|
|
"name": "temp1"
|
|
}
|
|
}
|
|
`)
|
|
// userInfo
|
|
userReqInfo := urkyverno.RequestInfo{
|
|
AdmissionUserInfo: authenticationv1.UserInfo{
|
|
Username: "user1",
|
|
},
|
|
}
|
|
|
|
resultMap := []byte(`{"data":{"rules":[{"apiGroups":[""],"resourceNames":["temp"],"resources":["namespaces"],"verbs":["*"]}]},"kind":"ClusterRole","name":"ns-owner-user1"}`)
|
|
|
|
var pattern, patternCopy, resource interface{}
|
|
var err error
|
|
err = json.Unmarshal(patternMap, &pattern)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
err = json.Unmarshal(patternMap, &patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
err = json.Unmarshal(resourceRaw, &resource)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
// context
|
|
ctx := context.NewContext()
|
|
err = context.AddResource(ctx, resourceRaw)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
err = ctx.AddUserInfo(userReqInfo)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
if patternCopy, err = SubstituteAll(log.Log, ctx, patternCopy); err != nil {
|
|
t.Error(err)
|
|
}
|
|
resultRaw, err := json.Marshal(patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
if !reflect.DeepEqual(resultRaw, resultMap) {
|
|
t.Log(string(resultMap))
|
|
t.Log(string(resultRaw))
|
|
t.Error("result does not match")
|
|
}
|
|
}
|
|
|
|
func Test_variablesub_multiple(t *testing.T) {
|
|
patternMap := []byte(`
|
|
{
|
|
"kind": "ClusterRole",
|
|
"name": "ns-owner-{{request.object.metadata.namespace}}-{{request.userInfo.username}}-bindings",
|
|
"data": {
|
|
"rules": [
|
|
{
|
|
"apiGroups": [
|
|
""
|
|
],
|
|
"resources": [
|
|
"namespaces"
|
|
],
|
|
"verbs": [
|
|
"*"
|
|
],
|
|
"resourceNames": [
|
|
"{{request.object.metadata.name}}"
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
`)
|
|
|
|
resourceRaw := []byte(`
|
|
{
|
|
"metadata": {
|
|
"name": "temp",
|
|
"namespace": "n1"
|
|
},
|
|
"spec": {
|
|
"namespace": "n1",
|
|
"name": "temp1"
|
|
}
|
|
}
|
|
`)
|
|
// userInfo
|
|
userReqInfo := urkyverno.RequestInfo{
|
|
AdmissionUserInfo: authenticationv1.UserInfo{
|
|
Username: "user1",
|
|
},
|
|
}
|
|
|
|
resultMap := []byte(`{"data":{"rules":[{"apiGroups":[""],"resourceNames":["temp"],"resources":["namespaces"],"verbs":["*"]}]},"kind":"ClusterRole","name":"ns-owner-n1-user1-bindings"}`)
|
|
|
|
var pattern, patternCopy, resource interface{}
|
|
var err error
|
|
err = json.Unmarshal(patternMap, &pattern)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
err = json.Unmarshal(patternMap, &patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
err = json.Unmarshal(resourceRaw, &resource)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
// context
|
|
ctx := context.NewContext()
|
|
err = context.AddResource(ctx, resourceRaw)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
err = ctx.AddUserInfo(userReqInfo)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
if patternCopy, err = SubstituteAll(log.Log, ctx, patternCopy); err != nil {
|
|
t.Error(err)
|
|
}
|
|
resultRaw, err := json.Marshal(patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
if !reflect.DeepEqual(resultMap, resultRaw) {
|
|
t.Log(string(resultMap))
|
|
t.Log(string(resultRaw))
|
|
t.Error("result does not match")
|
|
}
|
|
}
|
|
func Test_variablesubstitution(t *testing.T) {
|
|
patternMap := []byte(`
|
|
{
|
|
"name": "ns-owner-{{request.userInfo.username}}",
|
|
"data": {
|
|
"rules": [
|
|
{
|
|
"apiGroups": [
|
|
""
|
|
],
|
|
"resources": [
|
|
"namespaces"
|
|
],
|
|
"verbs": [
|
|
"*"
|
|
],
|
|
"resourceNames": [
|
|
"{{request.object.metadata.name}}"
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
`)
|
|
|
|
resourceRaw := []byte(`
|
|
{
|
|
"metadata": {
|
|
"name": "temp",
|
|
"namespace": "n1"
|
|
},
|
|
"spec": {
|
|
"namespace": "n1",
|
|
"name": "temp1"
|
|
}
|
|
}
|
|
`)
|
|
|
|
resultMap := []byte(`{"data":{"rules":[{"apiGroups":[""],"resourceNames":["temp"],"resources":["namespaces"],"verbs":["*"]}]},"name":"ns-owner-user1"}`)
|
|
// userInfo
|
|
userReqInfo := urkyverno.RequestInfo{
|
|
AdmissionUserInfo: authenticationv1.UserInfo{
|
|
Username: "user1",
|
|
},
|
|
}
|
|
var pattern, patternCopy, resource interface{}
|
|
var err error
|
|
err = json.Unmarshal(patternMap, &pattern)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
err = json.Unmarshal(patternMap, &patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
err = json.Unmarshal(resourceRaw, &resource)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
// context
|
|
ctx := context.NewContext()
|
|
err = context.AddResource(ctx, resourceRaw)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
err = ctx.AddUserInfo(userReqInfo)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
if patternCopy, err = SubstituteAll(log.Log, ctx, patternCopy); err != nil {
|
|
t.Error(err)
|
|
}
|
|
resultRaw, err := json.Marshal(patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
if !reflect.DeepEqual(resultMap, resultRaw) {
|
|
t.Log(string(resultMap))
|
|
t.Log(string(resultRaw))
|
|
t.Error("result does not match")
|
|
}
|
|
}
|
|
|
|
func Test_variableSubstitutionValue(t *testing.T) {
|
|
|
|
resourceRaw := []byte(`
|
|
{
|
|
"metadata": {
|
|
"name": "temp",
|
|
"namespace": "n1"
|
|
},
|
|
"spec": {
|
|
"namespace": "n1",
|
|
"name": "temp1"
|
|
}
|
|
}
|
|
`)
|
|
patternMap := []byte(`
|
|
{
|
|
"spec": {
|
|
"name": "{{request.object.metadata.name}}"
|
|
}
|
|
}
|
|
`)
|
|
|
|
resultMap := []byte(`{"spec":{"name":"temp"}}`)
|
|
|
|
var pattern, patternCopy, resource interface{}
|
|
var err error
|
|
err = json.Unmarshal(patternMap, &pattern)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
err = json.Unmarshal(patternMap, &patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
err = json.Unmarshal(resourceRaw, &resource)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
// context
|
|
ctx := context.NewContext()
|
|
err = context.AddResource(ctx, resourceRaw)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
if patternCopy, err = SubstituteAll(log.Log, ctx, patternCopy); err != nil {
|
|
t.Error(err)
|
|
}
|
|
resultRaw, err := json.Marshal(patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
if !reflect.DeepEqual(resultMap, resultRaw) {
|
|
t.Error("result does not match")
|
|
}
|
|
}
|
|
|
|
func Test_variableSubstitutionValueOperatorNotEqual(t *testing.T) {
|
|
|
|
resourceRaw := []byte(`
|
|
{
|
|
"metadata": {
|
|
"name": "temp",
|
|
"namespace": "n1"
|
|
},
|
|
"spec": {
|
|
"namespace": "n1",
|
|
"name": "temp1"
|
|
}
|
|
}
|
|
`)
|
|
patternMap := []byte(`
|
|
{
|
|
"spec": {
|
|
"name": "!{{request.object.metadata.name}}"
|
|
}
|
|
}
|
|
`)
|
|
resultMap := []byte(`{"spec":{"name":"!temp"}}`)
|
|
|
|
var pattern, patternCopy, resource interface{}
|
|
var err error
|
|
err = json.Unmarshal(patternMap, &pattern)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
err = json.Unmarshal(patternMap, &patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
err = json.Unmarshal(resourceRaw, &resource)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
// context
|
|
ctx := context.NewContext()
|
|
err = context.AddResource(ctx, resourceRaw)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
if patternCopy, err = SubstituteAll(log.Log, ctx, patternCopy); err != nil {
|
|
t.Error(err)
|
|
}
|
|
resultRaw, err := json.Marshal(patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
if !reflect.DeepEqual(resultMap, resultRaw) {
|
|
t.Log(string(resultRaw))
|
|
t.Log(string(resultMap))
|
|
t.Error("result does not match")
|
|
}
|
|
}
|
|
|
|
func Test_variableSubstitutionValueFail(t *testing.T) {
|
|
|
|
resourceRaw := []byte(`
|
|
{
|
|
"metadata": {
|
|
"name": "temp",
|
|
"namespace": "n1"
|
|
},
|
|
"spec": {
|
|
"namespace": "n1",
|
|
"name": "temp1"
|
|
}
|
|
}
|
|
`)
|
|
patternMap := []byte(`
|
|
{
|
|
"spec": {
|
|
"name": "{{request.object.metadata.name1}}"
|
|
}
|
|
}
|
|
`)
|
|
|
|
var pattern, patternCopy, resource interface{}
|
|
var err error
|
|
err = json.Unmarshal(patternMap, &pattern)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
err = json.Unmarshal(patternMap, &patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
err = json.Unmarshal(resourceRaw, &resource)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
// context
|
|
ctx := context.NewContext()
|
|
err = context.AddResource(ctx, resourceRaw)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
if patternCopy, err = SubstituteAll(log.Log, ctx, patternCopy); err == nil {
|
|
t.Log("expected to fails")
|
|
t.Fail()
|
|
}
|
|
|
|
}
|
|
|
|
func Test_variableSubstitutionObject(t *testing.T) {
|
|
resourceRaw := []byte(`
|
|
{
|
|
"metadata": {
|
|
"name": "temp",
|
|
"namespace": "n1"
|
|
},
|
|
"spec": {
|
|
"namespace": "n1",
|
|
"variable": {
|
|
"var1": "temp1",
|
|
"var2": "temp2",
|
|
"varNested": {
|
|
"var1": "temp1"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
`)
|
|
patternMap := []byte(`
|
|
{
|
|
"spec": {
|
|
"variable": "{{request.object.spec.variable}}"
|
|
}
|
|
}
|
|
`)
|
|
resultMap := []byte(`{"spec":{"variable":{"var1":"temp1","var2":"temp2","varNested":{"var1":"temp1"}}}}`)
|
|
|
|
var pattern, patternCopy, resource interface{}
|
|
var err error
|
|
err = json.Unmarshal(patternMap, &pattern)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
err = json.Unmarshal(patternMap, &patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
err = json.Unmarshal(resourceRaw, &resource)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
// context
|
|
ctx := context.NewContext()
|
|
err = context.AddResource(ctx, resourceRaw)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
if patternCopy, err = SubstituteAll(log.Log, ctx, patternCopy); err != nil {
|
|
t.Error(err)
|
|
}
|
|
resultRaw, err := json.Marshal(patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
if !reflect.DeepEqual(resultMap, resultRaw) {
|
|
t.Log(string(resultRaw))
|
|
t.Log(string(resultMap))
|
|
t.Error("result does not match")
|
|
}
|
|
}
|
|
|
|
func Test_variableSubstitutionObjectOperatorNotEqualFail(t *testing.T) {
|
|
resourceRaw := []byte(`
|
|
{
|
|
"metadata": {
|
|
"name": "temp",
|
|
"namespace": "n1"
|
|
},
|
|
"spec": {
|
|
"namespace": "n1",
|
|
"variable": {
|
|
"var1": "temp1",
|
|
"var2": "temp2",
|
|
"varNested": {
|
|
"var1": "temp1"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
`)
|
|
patternMap := []byte(`
|
|
{
|
|
"spec": {
|
|
"variable": "!{{request.object.spec.variable}}"
|
|
}
|
|
}
|
|
`)
|
|
|
|
var pattern, patternCopy, resource interface{}
|
|
var err error
|
|
err = json.Unmarshal(patternMap, &pattern)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
err = json.Unmarshal(patternMap, &patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
err = json.Unmarshal(resourceRaw, &resource)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
// context
|
|
ctx := context.NewContext()
|
|
err = context.AddResource(ctx, resourceRaw)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
patternCopy, err = SubstituteAll(log.Log, ctx, patternCopy)
|
|
assert.NilError(t, err)
|
|
|
|
patternMapCopy, ok := patternCopy.(map[string]interface{})
|
|
assert.Assert(t, ok)
|
|
|
|
specInterface, ok := patternMapCopy["spec"]
|
|
assert.Assert(t, ok)
|
|
|
|
specMap, ok := specInterface.(map[string]interface{})
|
|
assert.Assert(t, ok)
|
|
|
|
variableInterface, ok := specMap["variable"]
|
|
assert.Assert(t, ok)
|
|
|
|
variableString, ok := variableInterface.(string)
|
|
assert.Assert(t, ok)
|
|
|
|
expected := `!{"var1":"temp1","var2":"temp2","varNested":{"var1":"temp1"}}`
|
|
assert.Equal(t, expected, variableString)
|
|
}
|
|
|
|
func Test_variableSubstitutionMultipleObject(t *testing.T) {
|
|
resourceRaw := []byte(`
|
|
{
|
|
"metadata": {
|
|
"name": "temp",
|
|
"namespace": "n1"
|
|
},
|
|
"spec": {
|
|
"namespace": "n1",
|
|
"variable": {
|
|
"var1": "temp1",
|
|
"var2": "temp2",
|
|
"varNested": {
|
|
"var1": "temp1"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
`)
|
|
patternMap := []byte(`
|
|
{
|
|
"spec": {
|
|
"var": "{{request.object.spec.variable.varNested.var1}}",
|
|
"variable": "{{request.object.spec.variable}}"
|
|
}
|
|
}
|
|
`)
|
|
|
|
resultMap := []byte(`{"spec":{"var":"temp1","variable":{"var1":"temp1","var2":"temp2","varNested":{"var1":"temp1"}}}}`)
|
|
|
|
var pattern, patternCopy, resource interface{}
|
|
var err error
|
|
err = json.Unmarshal(patternMap, &pattern)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
err = json.Unmarshal(patternMap, &patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
err = json.Unmarshal(resourceRaw, &resource)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
// context
|
|
ctx := context.NewContext()
|
|
err = context.AddResource(ctx, resourceRaw)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
if patternCopy, err = SubstituteAll(log.Log, ctx, patternCopy); err != nil {
|
|
t.Error(err)
|
|
}
|
|
resultRaw, err := json.Marshal(patternCopy)
|
|
if err != nil {
|
|
t.Error(err)
|
|
}
|
|
if !reflect.DeepEqual(resultMap, resultRaw) {
|
|
t.Log(string(resultRaw))
|
|
t.Log(string(resultMap))
|
|
t.Error("result does not match")
|
|
}
|
|
}
|