From 2dfbad031fdbedc83fb81defe5e40ae456ab9b63 Mon Sep 17 00:00:00 2001
From: Nikita Pivkin <nikita.pivkin@smartforce.io>
Date: Fri, 1 Nov 2024 17:37:15 +0600
Subject: [PATCH] fix: fix metadata retrieval from iac types

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
---
 lib/cloud/metadata.rego      | 11 ++++++++++-
 lib/cloud/metadata_test.rego |  7 +++++++
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/lib/cloud/metadata.rego b/lib/cloud/metadata.rego
index 85f68821..15fc6e67 100644
--- a/lib/cloud/metadata.rego
+++ b/lib/cloud/metadata.rego
@@ -10,9 +10,18 @@ import rego.v1
 obj_by_path(obj, path) := res if {
 	occurrences := {obj_path: child_object |
 		walk(obj, [obj_path, child_object])
-		child_object.__defsec_metadata
+		has_metadata(child_object)
 		object.subset(path, obj_path)
 	}
 
 	res := occurrences[max(object.keys(occurrences))]
 } else := obj
+
+has_metadata(obj) if obj.__defsec_metadata
+
+has_metadata(obj) if {
+	obj.fskey
+	has_key(obj, "value")
+}
+
+has_key(x, k) if _ = x[k]
diff --git a/lib/cloud/metadata_test.rego b/lib/cloud/metadata_test.rego
index f62adc38..3a0db5e9 100644
--- a/lib/cloud/metadata_test.rego
+++ b/lib/cloud/metadata_test.rego
@@ -31,4 +31,11 @@ test_obj_by_path_skip_without_metadata if {
 	metadata.obj_by_path(obj, ["foo", "baz"]) == obj
 }
 
+test_obj_by_path_happy_iac_type if {
+	bar := {"value": 1, "fskey": "somekey"}
+	obj := with_meta({"foo": with_meta({"bar": bar})})
+
+	metadata.obj_by_path(obj, ["foo", "bar"]) == bar
+}
+
 with_meta(obj) := object.union(obj, {"__defsec_metadata": {}})