Skip to content

Commit

Permalink
fix: fix metadata retrieval from iac types
Browse files Browse the repository at this point in the history
Signed-off-by: Nikita Pivkin <[email protected]>
  • Loading branch information
nikpivkin authored and simar7 committed Nov 2, 2024
1 parent 954b982 commit 2dfbad0
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 1 deletion.
11 changes: 10 additions & 1 deletion lib/cloud/metadata.rego
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,18 @@ import rego.v1
obj_by_path(obj, path) := res if {
occurrences := {obj_path: child_object |
walk(obj, [obj_path, child_object])
child_object.__defsec_metadata
has_metadata(child_object)
object.subset(path, obj_path)
}

res := occurrences[max(object.keys(occurrences))]
} else := obj

has_metadata(obj) if obj.__defsec_metadata

has_metadata(obj) if {
obj.fskey
has_key(obj, "value")
}

has_key(x, k) if _ = x[k]
7 changes: 7 additions & 0 deletions lib/cloud/metadata_test.rego
Original file line number Diff line number Diff line change
Expand Up @@ -31,4 +31,11 @@ test_obj_by_path_skip_without_metadata if {
metadata.obj_by_path(obj, ["foo", "baz"]) == obj
}

test_obj_by_path_happy_iac_type if {
bar := {"value": 1, "fskey": "somekey"}
obj := with_meta({"foo": with_meta({"bar": bar})})

metadata.obj_by_path(obj, ["foo", "bar"]) == bar
}

with_meta(obj) := object.union(obj, {"__defsec_metadata": {}})

0 comments on commit 2dfbad0

Please sign in to comment.