From 7a0399bb9955cab144be47339ddb7957b04cc8c3 Mon Sep 17 00:00:00 2001 From: Vishal Choudhary Date: Fri, 23 Feb 2024 22:16:02 +0530 Subject: [PATCH] fix: violation not visible in json output (#314) Signed-off-by: Vishal Choudhary --- pkg/commands/scan/options.go | 3 +-- pkg/json-engine/engine.go | 2 +- pkg/matching/match.go | 15 +++++++-------- pkg/server/model/response.go | 5 +++-- test/api/go/main/main.go | 4 ++-- 5 files changed, 14 insertions(+), 15 deletions(-) diff --git a/pkg/commands/scan/options.go b/pkg/commands/scan/options.go index 027d1258..c0fd2ca0 100644 --- a/pkg/commands/scan/options.go +++ b/pkg/commands/scan/options.go @@ -13,7 +13,6 @@ import ( "github.com/kyverno/kyverno-json/pkg/policy" "github.com/kyverno/kyverno/ext/output/pluralize" "github.com/spf13/cobra" - "go.uber.org/multierr" "k8s.io/apimachinery/pkg/labels" ) @@ -89,7 +88,7 @@ func (c *options) run(cmd *cobra.Command, _ []string) error { if rule.Error != nil { out.println("-", policy.Policy.Name, "/", rule.Rule.Name, "/", rule.Identifier, "ERROR:", rule.Error.Error()) } else if len(rule.Violations) != 0 { - out.println("-", policy.Policy.Name, "/", rule.Rule.Name, "/", rule.Identifier, "FAILED:", multierr.Combine(rule.Violations...).Error()) + out.println("-", policy.Policy.Name, "/", rule.Rule.Name, "/", rule.Identifier, "FAILED:", strings.Join(rule.Violations, "; ")) } else { // TODO: handle skip, warn out.println("-", policy.Policy.Name, "/", rule.Rule.Name, "/", rule.Identifier, "PASSED") diff --git a/pkg/json-engine/engine.go b/pkg/json-engine/engine.go index f5c70c0e..0ededfec 100644 --- a/pkg/json-engine/engine.go +++ b/pkg/json-engine/engine.go @@ -32,7 +32,7 @@ type RuleResponse struct { Rule v1alpha1.ValidatingRule Identifier string Error error - Violations []error + Violations []string } // PolicyResult specifies state of a policy result diff --git a/pkg/matching/match.go b/pkg/matching/match.go index de499cc3..1123ddb2 100644 --- a/pkg/matching/match.go +++ b/pkg/matching/match.go @@ -2,7 +2,6 @@ package matching import ( "context" - "errors" "github.com/jmespath-community/go-jmespath/pkg/binding" "github.com/kyverno/kyverno-json/pkg/apis/policy/v1alpha1" @@ -11,12 +10,12 @@ import ( "k8s.io/apimachinery/pkg/util/validation/field" ) -func MatchAssert(ctx context.Context, path *field.Path, match *v1alpha1.Assert, actual any, bindings binding.Bindings, opts ...template.Option) ([]error, error) { +func MatchAssert(ctx context.Context, path *field.Path, match *v1alpha1.Assert, actual any, bindings binding.Bindings, opts ...template.Option) ([]string, error) { if match == nil || (len(match.Any) == 0 && len(match.All) == 0) { return nil, field.Invalid(path, match, "an empty assert is not valid") } else { if len(match.Any) != 0 { - var fails []error + var fails []string path := path.Child("any") for i, assertion := range match.Any { checkFails, err := assert.Assert(ctx, path.Index(i).Child("check"), assert.Parse(ctx, assertion.Check.Value), actual, bindings, opts...) @@ -30,9 +29,9 @@ func MatchAssert(ctx context.Context, path *field.Path, match *v1alpha1.Assert, if assertion.Message != "" { msg := template.String(ctx, assertion.Message, actual, bindings, opts...) msg += ": " + checkFails.ToAggregate().Error() - fails = append(fails, errors.New(msg)) + fails = append(fails, msg) } else { - fails = append(fails, checkFails.ToAggregate()) + fails = append(fails, checkFails.ToAggregate().Error()) } } if fails != nil { @@ -40,7 +39,7 @@ func MatchAssert(ctx context.Context, path *field.Path, match *v1alpha1.Assert, } } if len(match.All) != 0 { - var fails []error + var fails []string path := path.Child("all") for i, assertion := range match.All { checkFails, err := assert.Assert(ctx, path.Index(i).Child("check"), assert.Parse(ctx, assertion.Check.Value), actual, bindings, opts...) @@ -51,9 +50,9 @@ func MatchAssert(ctx context.Context, path *field.Path, match *v1alpha1.Assert, if assertion.Message != "" { msg := template.String(ctx, assertion.Message, actual, bindings, opts...) msg += ": " + checkFails.ToAggregate().Error() - fails = append(fails, errors.New(msg)) + fails = append(fails, msg) } else { - fails = append(fails, checkFails.ToAggregate()) + fails = append(fails, checkFails.ToAggregate().Error()) } } } diff --git a/pkg/server/model/response.go b/pkg/server/model/response.go index 66a6c465..416c18b1 100644 --- a/pkg/server/model/response.go +++ b/pkg/server/model/response.go @@ -1,8 +1,9 @@ package model import ( + "strings" + jsonengine "github.com/kyverno/kyverno-json/pkg/json-engine" - "go.uber.org/multierr" ) type Response struct { @@ -51,7 +52,7 @@ func makeMessage(rule jsonengine.RuleResponse) string { return rule.Error.Error() } if len(rule.Violations) != 0 { - return multierr.Combine(rule.Violations...).Error() + return strings.Join(rule.Violations, "; ") } return "" } diff --git a/test/api/go/main/main.go b/test/api/go/main/main.go index 7a277a89..b8b640da 100644 --- a/test/api/go/main/main.go +++ b/test/api/go/main/main.go @@ -4,10 +4,10 @@ import ( "context" "encoding/json" "log" + "strings" jsonengine "github.com/kyverno/kyverno-json/pkg/json-engine" "github.com/kyverno/kyverno-json/pkg/policy" - "go.uber.org/multierr" ) const policyYAML = ` @@ -70,7 +70,7 @@ func main() { if rule.Error != nil { logger.Printf("error: %s/%s -> %s: %s", policy.Policy.Name, rule.Rule.Name, rule.Identifier, rule.Error) } else if len(rule.Violations) != 0 { - logger.Printf("fail: %s/%s -> %s: %s", policy.Policy.Name, rule.Rule.Name, rule.Identifier, multierr.Combine(rule.Violations...)) + logger.Printf("fail: %s/%s -> %s: %s", policy.Policy.Name, rule.Rule.Name, rule.Identifier, strings.Join(rule.Violations, "; ")) } else { logger.Printf("pass: %s/%s -> %s", policy.Policy.Name, rule.Rule.Name, rule.Identifier) }