improve scalar assertion match

Signed-off-by: Charles-Edouard Brétéché <[email protected]>
kyverno · Oct 2, 2023 · cc9a897 · cc9a897
1 parent 0bde529
commit cc9a897
Showing 1 changed file with 16 additions and 16 deletions.
diff --git a/pkg/engine/assert/scalar.go b/pkg/engine/assert/scalar.go
@@ -3,8 +3,8 @@ package assert
 import (
 	"fmt"
 
+	"github.com/eddycharly/json-kyverno/pkg/engine/match"
 	"github.com/eddycharly/json-kyverno/pkg/engine/template"
-	reflectutils "github.com/eddycharly/json-kyverno/pkg/utils/reflect"
 	"github.com/jmespath-community/go-jmespath/pkg/binding"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 )
@@ -19,24 +19,24 @@ type scalarNode struct {
 func (n *scalarNode) assert(path *field.Path, value interface{}, bindings binding.Bindings) (field.ErrorList, error) {
 	rhs := n.rhs
 	expression := parseExpression(rhs)
-	if expression != nil {
-		// we only project if the expression uses the engine syntax
-		// this is to avoid the case where the value is a map and the RHS is a string
-		// TODO: we need a way to escape projection
-		if expression.engine != "" {
-			if expression.foreach {
-				return nil, field.Invalid(path, rhs, "foreach is not supported on the RHS")
-			}
-			// TODO: something is wrong here, we should jump into a more standard matching at this point
-			projected, err := template.Execute(expression.statement, value, bindings)
-			if err != nil {
-				return nil, field.InternalError(path, err)
-			}
-			rhs = projected
+	// we only project if the expression uses the engine syntax
+	// this is to avoid the case where the value is a map and the RHS is a string
+	// TODO: we need a way to escape the projection
+	if expression != nil && expression.engine != "" {
+		if expression.foreach {
+			return nil, field.Invalid(path, rhs, "foreach is not supported on the RHS")
 		}
+		if expression.binding != "" {
+			return nil, field.Invalid(path, rhs, "binding is not supported on the RHS")
+		}
+		projected, err := template.Execute(expression.statement, value, bindings)
+		if err != nil {
+			return nil, field.InternalError(path, err)
+		}
+		rhs = projected
 	}
 	var errs field.ErrorList
-	if match, err := reflectutils.MatchScalar(rhs, value); err != nil {
+	if match, err := match.Match(rhs, value); err != nil {
 		return nil, field.InternalError(path, err)
 	} else if !match {
 		errs = append(errs, field.Invalid(path, value, fmt.Sprint("Expected value:", rhs)))