feat: make evaluation path live in payload world

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
kyverno · Sep 26, 2024 · 79c0558 · 79c0558
1 parent 58174c5
commit 79c0558
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 15 deletions.
diff --git a/pkg/commands/scan/options.go b/pkg/commands/scan/options.go
@@ -105,15 +105,26 @@ func (c *options) run(cmd *cobra.Command, _ []string) error {
 	for _, response := range responses {
 		for _, policy := range response.Policies {
 			for _, rule := range policy.Rules {
+				status := "PASSED"
 				if rule.Error != nil {
-					out.println("-", policy.Policy.Name, "/", rule.Rule.Name, "/", rule.Identifier, "ERROR:", rule.Error.Error())
+					status = fmt.Sprintf("ERROR: %s", rule.Error.Error())
 				} else if len(rule.Violations) != 0 {
-					out.println("-", policy.Policy.Name, "/", rule.Rule.Name, "/", rule.Identifier, "FAILED")
-					out.println(rule.Violations.Error())
-				} else {
-					// TODO: handle skip, warn
-					out.println("-", policy.Policy.Name, "/", rule.Rule.Name, "/", rule.Identifier, "PASSED")
+					status = "FAILED"
 				}
+				out.println(fmt.Sprintf("- %s (POLICY=%s, RULE=%s, ID=%s)", status, policy.Policy.Name, rule.Rule.Name, rule.Identifier))
+				if len(rule.Violations) != 0 {
+					out.println(rule.Violations.Error(" "))
+				}
+
+				// if rule.Error != nil {
+				// 	out.println("-", policy.Policy.Name, "/", rule.Rule.Name, "/", rule.Identifier, "ERROR:", rule.Error.Error())
+				// } else if len(rule.Violations) != 0 {
+				// 	out.println("-", policy.Policy.Name, "/", rule.Rule.Name, "/", rule.Identifier, "FAILED")
+				// 	out.println(rule.Violations.Error())
+				// } else {
+				// 	// TODO: handle skip, warn
+				// 	out.println("-", policy.Policy.Name, "/", rule.Rule.Name, "/", rule.Identifier, "PASSED")
+				// }
 			}
 		}
 	}

diff --git a/pkg/json-engine/compiler.go b/pkg/json-engine/compiler.go
@@ -194,9 +194,11 @@ func (c *compiler) compileAssertion(
 		errs, err := check(resource, bindings)
 		if len(errs) != 0 {
 			result.ErrorList = errs
+			message := fmt.Sprintf("(CHECK=%s)", path.String())
 			if in.Message != nil {
-				result.Message = in.Message.Format(resource, bindings, compilers.Jp.Options()...)
+				message = fmt.Sprintf("%s %s", in.Message.Format(resource, bindings, compilers.Jp.Options()...), message)
 			}
+			result.Message = message
 		}
 		return result, err
 	}, nil
@@ -228,7 +230,7 @@ func (c *compiler) compileAssertionTree(
 		return nil, err
 	}
 	return func(resource any, bindings binding.Bindings) (field.ErrorList, error) {
-		return check.Assert(path, resource, bindings)
+		return check.Assert(nil, resource, bindings)
 	}, nil
 }
 

diff --git a/pkg/json-engine/model.go b/pkg/json-engine/model.go
@@ -1,6 +1,7 @@
 package jsonengine
 
 import (
+	"fmt"
 	"strings"
 	"time"
 
@@ -39,24 +40,24 @@ type Result struct {
 	Message string
 }
 
-func (r Result) Error() string {
+func (r Result) Error(prefix string) string {
 	var lines []string
 	if r.Message != "" {
-		lines = append(lines, "-> "+r.Message)
+		lines = append(lines, prefix+"-> "+r.Message)
 	}
 	for _, err := range r.ErrorList {
-		lines = append(lines, " -> "+err.Error())
+		lines = append(lines, prefix+fmt.Sprintf(" -> %s (PATH=%s)", err.ErrorBody(), err.Field))
 	}
 	return strings.Join(lines, "\n")
 }
 
 //nolint:errname
 type Results []Result
 
-func (r Results) Error() string {
+func (r Results) Error(prefix string) string {
 	var lines []string
 	for _, err := range r {
-		lines = append(lines, err.Error())
+		lines = append(lines, err.Error(prefix))
 	}
 	return strings.Join(lines, "\n")
 }

diff --git a/pkg/server/model/response.go b/pkg/server/model/response.go
@@ -50,7 +50,7 @@ func makeMessage(rule jsonengine.RuleResponse) string {
 		return rule.Error.Error()
 	}
 	if len(rule.Violations) != 0 {
-		return rule.Violations.Error()
+		return rule.Violations.Error("")
 	}
 	return ""
 }
diff --git a/test/api/go/main/main.go b/test/api/go/main/main.go
@@ -69,7 +69,7 @@ func main() {
 			if rule.Error != nil {
 				logger.Printf("error: %s/%s -> %s: %s", policy.Policy.Name, rule.Rule.Name, rule.Identifier, rule.Error)
 			} else if len(rule.Violations) != 0 {
-				logger.Printf("fail: %s/%s -> %s\n%s", policy.Policy.Name, rule.Rule.Name, rule.Identifier, rule.Violations.Error())
+				logger.Printf("fail: %s/%s -> %s\n%s", policy.Policy.Name, rule.Rule.Name, rule.Identifier, rule.Violations.Error(""))
 			} else {
 				logger.Printf("pass: %s/%s -> %s", policy.Policy.Name, rule.Rule.Name, rule.Identifier)
 			}