fix(k8spsphostnetworkingports): CEL fixes for hostNetwork variable and message #589
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
julianKatz
force-pushed
the
k8spsphostnetworkingports-exemptImages
branch
2 times, most recently
from
bbaf6c3
to
8b43806
Compare
JaydipGabani
requested changes
Aug 29, 2024
julianKatz
force-pushed
the
k8spsphostnetworkingports-exemptImages
branch
3 times, most recently
from
1acb967
to
7266367
Compare
message
My updates to the suite.yaml file yielded an expected failure due to an
incorrect CEL expression:
```
unexpected number of violations: got 1 violations but want none: got messages [failed expression: (has(request.operation) && request.operation == "UPDATE") ||
(!has(variables.params.hostNetwork) || !variables.params.hostNetwork ? (has(variables.anyObject.spec.hostNetwork) && !variables.anyObject.spec.hostNetwork) : true)]
```
By contrast, a run of `gator verify -v .
--enable-k8s-native-validation=false` yielded a fully passing
suite.yaml.
This expression was actually failing due to its `messageExpression`, as
non-primitive types cannot be combined with strings as in some
interpreted languages (like rego). Unfortunately the compiler does not
indicate that the messageExpression is the source of the problem.
Once the message was fixed, I resolved the incorrect violation
expression to fix the bug in the handling of params.hostNetwork.
Signed-off-by: juliankatz <[email protected]>
julianKatz
force-pushed
the
k8spsphostnetworkingports-exemptImages
branch
from
7266367
to
fc386d9
Compare
JaydipGabani
approved these changes
Aug 30, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
My updates to the suite.yaml file yielded an unexpected failure due to an incorrect CEL expression:
By contrast, a run of
gator verify -v . --enable-k8s-native-validation=falseyielded a fully passing suite.yaml.This failed expression was actually failing due to its
messageExpression, as non-primitive types cannot be combined with strings as in some interpreted languages (like rego). Unfortunately the compiler does not indicate that the messageExpression is the source of the problem.Once the message was fixed, I resolved the incorrect violation expression to fix the bug in the handling of params.hostNetwork.