rego 检查数组中是否存在某个字段
rego to check for existance of a field in an array
如何检查“speck.rules”下每个项目中“spec.rules.host”字段的存在,如果其中任何一个没有这样的条目,它会触发“拒绝”?
apiVersion: getambassador.io/v3alpha1
kind: FilterPolicy
metadata:
name: multi-domain-policy
spec:
rules:
- host: foo.bar.com
path: "*"
filters:
- name: foo-keycloak
- host: example.com
path: "*"
filters:
- name: example-auth0
出于某种原因我无法理解,这不起作用:
violation[{"msg": msg}] {
hostExists := input.review.object.spec.rules[_].host
not hostExists
msg := sprintf("This is the value: %v", [hostExists])
}
您可以使用 array comprehension 来收集缺少主机属性的规则,然后简单地计算这些规则以查看是否有:
violation[{"msg": msg}] {
rules_without_host := [rule | rule := input.review.object.spec.rules[_]; not rule.host]
count(rules_without_host) > 0
msg := sprintf("Rules missing host: %v", [rules_without_host])
}
如何检查“speck.rules”下每个项目中“spec.rules.host”字段的存在,如果其中任何一个没有这样的条目,它会触发“拒绝”?
apiVersion: getambassador.io/v3alpha1
kind: FilterPolicy
metadata:
name: multi-domain-policy
spec:
rules:
- host: foo.bar.com
path: "*"
filters:
- name: foo-keycloak
- host: example.com
path: "*"
filters:
- name: example-auth0
出于某种原因我无法理解,这不起作用:
violation[{"msg": msg}] {
hostExists := input.review.object.spec.rules[_].host
not hostExists
msg := sprintf("This is the value: %v", [hostExists])
}
您可以使用 array comprehension 来收集缺少主机属性的规则,然后简单地计算这些规则以查看是否有:
violation[{"msg": msg}] {
rules_without_host := [rule | rule := input.review.object.spec.rules[_]; not rule.host]
count(rules_without_host) > 0
msg := sprintf("Rules missing host: %v", [rules_without_host])
}