Add the 'rules' property to the PolicyReport result (#365)

Ref: https://issues.redhat.com/browse/ACM-15958 Signed-off-by: yiraeChristineKim <[email protected]>
stolostron · Dec 20, 2024 · b03c044 · b03c044
1 parent 20a2db4
commit b03c044
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 8 deletions.
diff --git a/pkg/transforms/policyreport.go b/pkg/transforms/policyreport.go
@@ -26,6 +26,7 @@ type PolicyReport struct {
 // ReportResults rule violation results
 type ReportResults struct {
 	Policy     string           `json:"policy"`
+	Rule       string           `json:"rule,omitempty"`
 	Message    string           `json:"message"`
 	Category   string           `json:"category"`
 	Result     string           `json:"result"`
@@ -78,6 +79,7 @@ func PolicyReportResourceBuilder(pr *PolicyReport) *PolicyReportResource {
 	// Extract the properties specific to this type
 	categoryMap := make(map[string]struct{})
 	policies := sets.Set[string]{}
+	rules := sets.Set[string]{}
 	critical := 0
 	important := 0
 	moderate := 0
@@ -89,7 +91,12 @@ func PolicyReportResourceBuilder(pr *PolicyReport) *PolicyReportResource {
 		for _, category := range strings.Split(result.Category, ",") {
 			categoryMap[category] = struct{}{}
 		}
+
 		policies.Insert(result.Policy)
+		if result.Rule != "" {
+			rules.Insert(result.Rule)
+		}
+
 		switch result.Properties.TotalRisk {
 		case "4":
 			critical++
@@ -117,8 +124,11 @@ func PolicyReportResourceBuilder(pr *PolicyReport) *PolicyReportResource {
 	policyList := policies.UnsortedList()
 	sort.Strings(policyList)
 
-	// "rules" is incorrect since there is a "rule" field in the results, but this is kept for backwards compatibility
-	node.Properties["rules"] = policyList
+	ruleList := rules.UnsortedList()
+	sort.Strings(ruleList)
+
+	node.Properties["rules"] = ruleList
+	node.Properties["policies"] = policyList
 	node.Properties["category"] = categories
 	node.Properties["critical"] = critical
 	node.Properties["important"] = important
@@ -144,8 +154,8 @@ func (pr PolicyReportResource) BuildEdges(ns NodeStore) []Edge {
 		return edges
 	}
 
-	// "rules" represents the policies
-	for _, policy := range pr.node.Properties["rules"].([]string) {
+	// "policies" represents the policies
+	for _, policy := range pr.node.Properties["policies"].([]string) {
 		var kind, namespace, name string
 
 		splitPolicy := strings.SplitN(policy, "/", 2)

diff --git a/pkg/transforms/policyreport_test.go b/pkg/transforms/policyreport_test.go
@@ -17,7 +17,8 @@ func TestTransformPolicyReport(t *testing.T) {
 
 	// Test unique fields that exist in policy report and are shown in UI - the common test will test the other bits
 	AssertDeepEqual("category Length", len(node.Properties["category"].([]string)), 5, t)
-	AssertDeepEqual("rules", node.Properties["rules"], []string{"policyreport testing risk 1 policy", "policyreport testing risk 2 policy"}, t)
+	AssertDeepEqual("policies", node.Properties["policies"], []string{"policyreport testing risk 1 policy", "policyreport testing risk 2 policy"}, t)
+	AssertDeepEqual("rules", len(node.Properties["rules"].([]string)), 0, t)
 	AssertDeepEqual("numRuleViolations", node.Properties["numRuleViolations"], 2, t)
 	AssertDeepEqual("critical", node.Properties["critical"], 0, t)
 	AssertDeepEqual("important", node.Properties["important"], 0, t)
@@ -37,8 +38,10 @@ func TestTransformKyvernoClusterPolicyReport(t *testing.T) {
 	UnmarshalFile("kyverno-clusterpolicyreport.json", &pr, t)
 	node := PolicyReportResourceBuilder(&pr).BuildNode()
 
+	AssertDeepEqual("apiversion", node.Properties["apiversion"].(string), "v1alpha2", t)
 	AssertDeepEqual("category", node.Properties["category"].([]string), []string{"Kubecost"}, t)
-	AssertDeepEqual("rules", node.Properties["rules"], []string{"no-label-of-monkey", "require-kubecost-labels"}, t)
+	AssertDeepEqual("policies", node.Properties["policies"], []string{"no-label-of-monkey", "require-kubecost-labels"}, t)
+	AssertDeepEqual("rules", node.Properties["rules"], []string{"no-monkey", "require-labels"}, t)
 	// 1 failure and 1 error
 	AssertDeepEqual("numRuleViolations", node.Properties["numRuleViolations"], 2, t)
 	expected := map[string]int{"require-kubecost-labels": 2, "no-label-of-monkey": 0}
@@ -51,12 +54,14 @@ func TestTransformKyvernoPolicyReport(t *testing.T) {
 	node := PolicyReportResourceBuilder(&pr).BuildNode()
 
 	AssertDeepEqual("category", node.Properties["category"].([]string), []string{"Kubecost"}, t)
+	AssertDeepEqual("apiversion", node.Properties["apiversion"].(string), "v1beta1", t)
 	AssertDeepEqual(
-		"rules",
-		node.Properties["rules"],
+		"policies",
+		node.Properties["policies"],
 		[]string{"open-cluster-management-agent-addon/require-kubecost-labels", "require-kubecost-labels"},
 		t,
 	)
+	AssertDeepEqual("rules", node.Properties["rules"], []string{"require-labels"}, t)
 	AssertDeepEqual("numRuleViolations", node.Properties["numRuleViolations"], 2, t)
 	expected := map[string]int{
 		"require-kubecost-labels":                                     1,