From d1d64d151a6748a0de662aef858a422833c1ac90 Mon Sep 17 00:00:00 2001 From: Nikita Pivkin Date: Thu, 18 Jul 2024 17:03:05 +0700 Subject: [PATCH 1/3] feat: add function to retrieve object by path Signed-off-by: Nikita Pivkin --- lib/cloud/metadata.rego | 18 ++++++++++++++++++ lib/cloud/metadata_test.rego | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 lib/cloud/metadata.rego create mode 100644 lib/cloud/metadata_test.rego diff --git a/lib/cloud/metadata.rego b/lib/cloud/metadata.rego new file mode 100644 index 00000000..93a670b1 --- /dev/null +++ b/lib/cloud/metadata.rego @@ -0,0 +1,18 @@ +# METADATA +# custom: +# library: true +package lib.cloud.metadata + +import rego.v1 + +# Returns the object found by the given path +# if child object is not found, returns the last found object +obj_by_path(obj, path) := res if { + occurrenses := {obj_path: child_object | + walk(obj, [obj_path, child_object]) + child_object.__defsec_metadata + object.subset(path, obj_path) + } + + res := occurrenses[max(object.keys(occurrenses))] +} else := obj diff --git a/lib/cloud/metadata_test.rego b/lib/cloud/metadata_test.rego new file mode 100644 index 00000000..f62adc38 --- /dev/null +++ b/lib/cloud/metadata_test.rego @@ -0,0 +1,34 @@ +package lib.cloud.metadata_test + +import rego.v1 + +import data.lib.cloud.metadata + +test_obj_by_path_happy if { + bar := with_meta({"value": 1}) + obj := with_meta({"foo": with_meta({"bar": bar})}) + + metadata.obj_by_path(obj, ["foo", "bar"]) == bar +} + +test_obj_by_path_when_target_not_found_then_return_last_found if { + foo := with_meta({"bar": with_meta({"value": 1})}) + obj := with_meta({"foo": foo}) + + metadata.obj_by_path(obj, ["foo", "baz"]) == foo +} + +test_obj_by_path_when_target_not_found_then_return_obj if { + foo := with_meta({"bar": with_meta({"value": 1})}) + obj := with_meta({"foo": foo}) + + metadata.obj_by_path(obj, "baz") == obj +} + +test_obj_by_path_skip_without_metadata if { + obj := with_meta({"foo": {"bar": with_meta({"value": 1})}}) + + metadata.obj_by_path(obj, ["foo", "baz"]) == obj +} + +with_meta(obj) := object.union(obj, {"__defsec_metadata": {}}) From 97b36d09d67bd99d4b3a2b3ad753748204cc805c Mon Sep 17 00:00:00 2001 From: simar7 <1254783+simar7@users.noreply.github.com> Date: Tue, 24 Sep 2024 15:11:52 -0600 Subject: [PATCH 2/3] Update lib/cloud/metadata.rego --- lib/cloud/metadata.rego | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/cloud/metadata.rego b/lib/cloud/metadata.rego index 93a670b1..8f639ea2 100644 --- a/lib/cloud/metadata.rego +++ b/lib/cloud/metadata.rego @@ -8,7 +8,7 @@ import rego.v1 # Returns the object found by the given path # if child object is not found, returns the last found object obj_by_path(obj, path) := res if { - occurrenses := {obj_path: child_object | + occurrences := {obj_path: child_object | walk(obj, [obj_path, child_object]) child_object.__defsec_metadata object.subset(path, obj_path) From a8dc33de031d155544a7140950147bc22173b676 Mon Sep 17 00:00:00 2001 From: simar7 <1254783+simar7@users.noreply.github.com> Date: Tue, 24 Sep 2024 15:12:25 -0600 Subject: [PATCH 3/3] Update lib/cloud/metadata.rego --- lib/cloud/metadata.rego | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/cloud/metadata.rego b/lib/cloud/metadata.rego index 8f639ea2..85f68821 100644 --- a/lib/cloud/metadata.rego +++ b/lib/cloud/metadata.rego @@ -14,5 +14,5 @@ obj_by_path(obj, path) := res if { object.subset(path, obj_path) } - res := occurrenses[max(object.keys(occurrenses))] + res := occurrences[max(object.keys(occurrences))] } else := obj