refactor: make json engine request about a single resource (#273)

* fix: remove deps from engine to api Signed-off-by: Charles-Edouard Brétéché <[email protected]> * binding Signed-off-by: Charles-Edouard Brétéché <[email protected]> * refactor: make json engine request about a single resource Signed-off-by: Charles-Edouard Brétéché <[email protected]> --------- Signed-off-by: Charles-Edouard Brétéché <[email protected]>
kyverno · Jan 9, 2024 · f1cfec6 · f1cfec6
1 parent 9e6f30b
commit f1cfec6
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 30 deletions.
diff --git a/pkg/commands/scan/options.go b/pkg/commands/scan/options.go
@@ -75,10 +75,13 @@ func (c *options) run(cmd *cobra.Command, _ []string) error {
 	}
 	out.println("Running", "(", "evaluating", len(resources), pluralize.Pluralize(len(resources), "resource", "resources"), "against", len(policies), pluralize.Pluralize(len(policies), "policy", "policies"), ")", "...")
 	e := jsonengine.New()
-	responses := e.Run(context.Background(), jsonengine.Request{
-		Resources: resources,
-		Policies:  policies,
-	})
+	var responses []jsonengine.RuleResponse
+	for _, resource := range resources {
+		responses = append(responses, e.Run(context.Background(), jsonengine.Request{
+			Resource: resource,
+			Policies: policies,
+		})...)
+	}
 	for _, response := range responses {
 		if response.Result == jsonengine.StatusFail {
 			out.println("-", response.PolicyName, "/", response.RuleName, "/", response.Identifier, "FAILED:", response.Message)

diff --git a/pkg/json-engine/engine.go b/pkg/json-engine/engine.go
@@ -16,8 +16,8 @@ import (
 )
 
 type Request struct {
-	Resources []interface{}
-	Policies  []*v1alpha1.ValidatingPolicy
+	Resource interface{}
+	Policies []*v1alpha1.ValidatingPolicy
 }
 
 type Response struct {
@@ -54,20 +54,18 @@ func New() engine.Engine[Request, RuleResponse] {
 	looper := func(r Request) []request {
 		var requests []request
 		bindings := jpbinding.NewBindings()
-		for _, resource := range r.Resources {
-			bindings = bindings.Register("$payload", jpbinding.NewBinding(resource))
-			for _, policy := range r.Policies {
-				bindings = bindings.Register("$policy", jpbinding.NewBinding(policy))
-				for _, rule := range policy.Spec.Rules {
-					bindings = bindings.Register("$rule", jpbinding.NewBinding(rule))
-					bindings = binding.NewContextBindings(bindings, resource, rule.Context...)
-					requests = append(requests, request{
-						policy:   policy,
-						rule:     rule,
-						value:    resource,
-						bindings: bindings,
-					})
-				}
+		bindings = bindings.Register("$payload", jpbinding.NewBinding(r.Resource))
+		for _, policy := range r.Policies {
+			bindings = bindings.Register("$policy", jpbinding.NewBinding(policy))
+			for _, rule := range policy.Spec.Rules {
+				bindings = bindings.Register("$rule", jpbinding.NewBinding(rule))
+				bindings = binding.NewContextBindings(bindings, r.Resource, rule.Context...)
+				requests = append(requests, request{
+					policy:   policy,
+					rule:     rule,
+					value:    r.Resource,
+					bindings: bindings,
+				})
 			}
 		}
 		return requests

diff --git a/pkg/server/playground/handler.go b/pkg/server/playground/handler.go
@@ -56,10 +56,13 @@ func newHandler() (gin.HandlerFunc, error) {
 		}
 		// run engine
 		e := jsonengine.New()
-		results := e.Run(context.Background(), jsonengine.Request{
-			Resources: resources,
-			Policies:  []*v1alpha1.ValidatingPolicy{&policy},
-		})
+		var results []jsonengine.RuleResponse
+		for _, resource := range resources {
+			results = append(results, e.Run(context.Background(), jsonengine.Request{
+				Resource: resource,
+				Policies: []*v1alpha1.ValidatingPolicy{&policy},
+			})...)
+		}
 		return &jsonengine.Response{Results: results}, nil
 	}, http.StatusOK), nil
 }
diff --git a/pkg/server/scan/handler.go b/pkg/server/scan/handler.go
@@ -52,10 +52,13 @@ func newHandler(policyProvider PolicyProvider) (gin.HandlerFunc, error) {
 		}
 		// run engine
 		e := jsonengine.New()
-		results := e.Run(context.Background(), jsonengine.Request{
-			Resources: resources,
-			Policies:  pols,
-		})
+		var results []jsonengine.RuleResponse
+		for _, resource := range resources {
+			results = append(results, e.Run(context.Background(), jsonengine.Request{
+				Resource: resource,
+				Policies: pols,
+			})...)
+		}
 		// TODO: return HTTP 403 for policy failure and HTTP 406 for policy errors
 		return &jsonengine.Response{Results: results}, nil
 	}, http.StatusOK), nil

diff --git a/test/api/go/main/main.go b/test/api/go/main/main.go
@@ -51,8 +51,8 @@ func main() {
 
 	// create a Request
 	request := jsonengine.Request{
-		Resources: []interface{}{payload},
-		Policies:  policies,
+		Resource: payload,
+		Policies: policies,
 	}
 
 	// create an engine