[Bug] skipped payload elements are reported as a pass #198

@JimBugwadia

Kyverno JSON Version

0.1.0

Description

The JSON engine does not differentiate between a pass and a skip:

See:

Predicate(func(ctx context.Context, r request) bool {

Steps to reproduce

  1. Run a sample policy:
➜ ./kyverno-json scan --policy ./test/commands/scan/tf-s3/policy.yaml --payload ./test/commands/scan/tf-s3/payload.json
Loading policies ...
Loading payload ...
Pre processing ...
Running ( evaluating 1 resource against 1 policy ) ...
- s3 / check-tags /  FAILED: all[0].check.planned_values.root_module.~.resources[0].values.(keys(tags_all)).(contains(@, 'Team')): Invalid value: false: Expected value: true
Done
  2. Try the same with a match / exclude or a pre-process that does not match the payload:
./kyverno-json scan --policy ./test/commands/scan/tf-s3/policy.yaml --payload ./test/commands/scan/tf-s3/payload.json --pre-process "check.planned_values.root_module.resources[]"
Loading policies ...
Loading payload ...
Pre processing ...
Error: prepocessor resulted in `null` payload (check.planned_values.root_module.resources[])

Expected behavior

If the match / exclude or pre-process does not match, the result should report a skip.

Troubleshooting

  • I have searched other issues in this repository and mine is not recorded.
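The expected behavior requested in this issue, sketched as an added example (not Kyverno JSON's own code): a tri-state result keeps an unmatched or null payload from being counted as a pass, which would otherwise overstate scan coverage. `Payload`, `Rule`, `Evaluate`, `Summarize`, `CheckTags` and `Samples` are hypothetical names, and the sample payloads are constructed.

```go
package main

import "fmt"

type Payload = map[string]any

// Status is tri-state: a bool result cannot express "rule did not apply".
type Status string
const Pass, Fail, Skip Status = "PASS", "FAIL", "SKIP"

// Rule is a hypothetical stand-in for a policy rule (not the project's type).
type Rule struct {
	Match func(Payload) bool // selects the payloads the rule applies to
	Check func(Payload) bool // the assertion itself
}

// Evaluate returns Skip, not Pass, for a nil payload or one Match rejects.
func Evaluate(r Rule, p Payload) Status {
	if p == nil || !r.Match(p) {
		return Skip
	}
	if r.Check(p) {
		return Pass
	}
	return Fail
}

// Summarize counts outcomes so a report shows skips separately from passes.
func Summarize(r Rule, payloads []Payload) map[Status]int {
	counts := map[Status]int{}
	for _, p := range payloads {
		counts[Evaluate(r, p)]++
	}
	return counts
}

// CheckTags and Samples are constructed, modelled on the issue's check-tags case.
var CheckTags = Rule{
	Match: func(p Payload) bool { return p["type"] == "aws_s3_bucket" },
	Check: func(p Payload) bool { t, _ := p["tags"].(Payload); _, ok := t["Team"]; return ok },
}
var Samples = []Payload{
	{"type": "aws_s3_bucket", "tags": Payload{"Team": "sec"}}, // pass
	{"type": "aws_s3_bucket", "tags": Payload{"Env": "dev"}},  // fail
	{"type": "aws_instance"},                                  // skip: rule does not match
	nil, // skip: pre-processing produced a null payload
}

func main() { fmt.Println(Summarize(CheckTags, Samples)) }
```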

Labels: good first issue, triage
