mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-05 15:37:19 +00:00
48d9ebba2c
* uses regular expressions Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * adds regex capture Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * creates anchor instance Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * remove IsAnchor Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * added interface Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * remove static funcs Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * adapt Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * value receiver Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * simplify Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * error Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * renames Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * nit Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * ficx Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * error Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * unit tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * unit tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>
44 lines
1.4 KiB
Go
44 lines
1.4 KiB
Go
package anchor
|
|
|
|
// AnchorMap - contains map of anchors
|
|
type AnchorMap struct {
|
|
// anchorMap - for each anchor key in the patterns it will maintain information if the key exists in the resource
|
|
// if anchor key of the pattern exists in the resource then (key)=true else (key)=false
|
|
anchorMap map[string]bool
|
|
// AnchorError - used in validate to break execution of the recursion when if condition fails
|
|
AnchorError validateAnchorError
|
|
}
|
|
|
|
// NewAnchorMap -initialize anchorMap
|
|
func NewAnchorMap() *AnchorMap {
|
|
return &AnchorMap{anchorMap: map[string]bool{}}
|
|
}
|
|
|
|
// KeysAreMissing - if any of the anchor key doesn't exists in the resource then it will return true
|
|
// if any of (key)=false then return KeysAreMissing() as true
|
|
// if all the keys exists in the pattern exists in resource then return KeysAreMissing() as false
|
|
func (ac *AnchorMap) KeysAreMissing() bool {
|
|
for _, v := range ac.anchorMap {
|
|
if !v {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|
|
|
|
// CheckAnchorInResource checks if condition anchor key has values
|
|
func (ac *AnchorMap) CheckAnchorInResource(pattern map[string]interface{}, resource interface{}) {
|
|
for key := range pattern {
|
|
if a := Parse(key); IsCondition(a) || IsExistence(a) || IsNegation(a) {
|
|
val, ok := ac.anchorMap[key]
|
|
if !ok {
|
|
ac.anchorMap[key] = false
|
|
} else if ok && val {
|
|
continue
|
|
}
|
|
if resourceHasValueForKey(resource, a.Key()) {
|
|
ac.anchorMap[key] = true
|
|
}
|
|
}
|
|
}
|
|
}
|