feat: add compiler to the namespace template api (#2035) (#2036)

Signed-off-by: Charles-Edouard Brétéché <[email protected]>
Co-authored-by: Charles-Edouard Brétéché <[email protected]>

Author: gcp-cherry-pick-bot[bot]

.crds/chainsaw.kyverno.io_configurations.yaml

@@ -860,6 +860,13 @@ spec:
                 description: NamespaceTemplate defines a template to create the test
                   namespace.
                 x-kubernetes-preserve-unknown-fields: true
+              namespaceTemplateCompiler:
+                description: NamespaceTemplateCompiler defines the default compiler
+                  to use when evaluating expressions.
+                enum:
+                - jp
+                - cel
+                type: string
               parallel:
                 description: The maximum number of tests to run at once.
                 format: int
@@ -1833,6 +1840,13 @@ spec:
                 description: Namespace contains properties for the namespace to use
                   for tests.
                 properties:
+                  compiler:
+                    description: Compiler defines the default compiler to use when
+                      evaluating expressions.
+                    enum:
+                    - jp
+                    - cel
+                    type: string
                   name:
                     description: |-
                       Name defines the namespace to use for tests.

.crds/chainsaw.kyverno.io_tests.yaml

@@ -881,6 +881,13 @@ spec:
                 description: NamespaceTemplate defines a template to create the test
                   namespace.
                 x-kubernetes-preserve-unknown-fields: true
+              namespaceTemplateCompiler:
+                description: NamespaceTemplateCompiler defines the default compiler
+                  to use when evaluating expressions.
+                enum:
+                - jp
+                - cel
+                type: string
               scenarios:
                 description: Scenarios defines test scenarios.
                 items:

.schemas/json/configuration-chainsaw-v1alpha1.json

@@ -1698,6 +1698,17 @@
           "description": "NamespaceTemplate defines a template to create the test namespace.",
           "x-kubernetes-preserve-unknown-fields": true
         },
+        "namespaceTemplateCompiler": {
+          "description": "NamespaceTemplateCompiler defines the default compiler to use when evaluating expressions.",
+          "type": [
+            "string",
+            "null"
+          ],
+          "enum": [
+            "jp",
+            "cel"
+          ]
+        },
         "parallel": {
           "description": "The maximum number of tests to run at once.",
           "type": [

.schemas/json/configuration-chainsaw-v1alpha2.json

@@ -1783,6 +1783,17 @@
           ],
           "default": {},
           "properties": {
+            "compiler": {
+              "description": "Compiler defines the default compiler to use when evaluating expressions.",
+              "type": [
+                "string",
+                "null"
+              ],
+              "enum": [
+                "jp",
+                "cel"
+              ]
+            },
             "name": {
               "description": "Name defines the namespace to use for tests.\nIf not specified, every test will execute in a random ephemeral namespace\nunless the namespace is overridden in a the test spec.",
               "type": [

.schemas/json/test-chainsaw-v1alpha1.json

@@ -1741,6 +1741,17 @@
           "description": "NamespaceTemplate defines a template to create the test namespace.",
           "x-kubernetes-preserve-unknown-fields": true
         },
+        "namespaceTemplateCompiler": {
+          "description": "NamespaceTemplateCompiler defines the default compiler to use when evaluating expressions.",
+          "type": [
+            "string",
+            "null"
+          ],
+          "enum": [
+            "jp",
+            "cel"
+          ]
+        },
         "scenarios": {
           "description": "Scenarios defines test scenarios.",
           "type": [

pkg/apis/conversion/configuration.go

@@ -22,6 +22,7 @@ func Convert_v1alpha2_ConfigurationSpec_To_v1alpha1_ConfigurationSpec(in *v1alph
 	out.ForceTerminationGracePeriod = in.Execution.ForceTerminationGracePeriod
 	out.Namespace = in.Namespace.Name
 	out.NamespaceTemplate = in.Namespace.Template
+	out.NamespaceTemplateCompiler = in.Namespace.Compiler
 	if in := in.Report; in != nil {
 		out.ReportFormat = v1alpha1.ReportFormatType(in.Format)
 		out.ReportPath = in.Path
@@ -58,6 +59,7 @@ func Convert_v1alpha1_ConfigurationSpec_To_v1alpha2_ConfigurationSpec(in *v1alph
 	}
 	out.Namespace = v1alpha2.NamespaceOptions{
 		Name:     in.Namespace,
+		Compiler: in.NamespaceTemplateCompiler,
 		Template: in.NamespaceTemplate,
 	}
 	out.Report = &v1alpha2.ReportOptions{

pkg/apis/v1alpha1/configuration.go

@@ -75,6 +75,10 @@ type ConfigurationSpec struct {
 	// +optional
 	Namespace string `json:"namespace,omitempty"`
 
+	// NamespaceTemplateCompiler defines the default compiler to use when evaluating expressions.
+	// +optional
+	NamespaceTemplateCompiler *Compiler `json:"namespaceTemplateCompiler,omitempty"`
+
 	// NamespaceTemplate defines a template to create the test namespace.
 	// +optional
 	NamespaceTemplate *Projection `json:"namespaceTemplate,omitempty"`

pkg/apis/v1alpha1/test.go

@@ -68,6 +68,10 @@ type TestSpec struct {
 	// +optional
 	NamespaceTemplate *Projection `json:"namespaceTemplate,omitempty"`
 
+	// NamespaceTemplateCompiler defines the default compiler to use when evaluating expressions.
+	// +optional
+	NamespaceTemplateCompiler *Compiler `json:"namespaceTemplateCompiler,omitempty"`
+
 	// Scenarios defines test scenarios.
 	// +optional
 	Scenarios []Scenario `json:"scenarios,omitempty"`

pkg/apis/v1alpha1/types.go

@@ -20,6 +20,8 @@ var (
 	NewMatch   = v1alpha1.NewAssertionTree
 )
 
+type Compiler = v1alpha1.Compiler
+
 // Binding represents a key/value set as a binding in an executing test.
 type Binding struct {
 	// Name the name of the binding.
@@ -29,7 +31,7 @@ type Binding struct {
 
 	// Compiler defines the default compiler to use when evaluating expressions.
 	// +optional
-	Compiler *v1alpha1.Compiler `json:"compiler,omitempty"`
+	Compiler *Compiler `json:"compiler,omitempty"`
 
 	// Value value of the binding.
 	Value Projection `json:"value"`

pkg/apis/v1alpha1/zz_generated.deepcopy.go

@@ -2,7 +2,7 @@ package v1alpha2
 
 import (
 	"github.com/kyverno/chainsaw/pkg/apis/v1alpha1"
-	_ "github.com/kyverno/kyverno-json/pkg/apis/policy/v1alpha1"
+	kjson "github.com/kyverno/kyverno-json/pkg/apis/policy/v1alpha1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -87,6 +87,10 @@ type NamespaceOptions struct {
 	// +optional
 	Name string `json:"name,omitempty"`
 
+	// Compiler defines the default compiler to use when evaluating expressions.
+	// +optional
+	Compiler *kjson.Compiler `json:"compiler,omitempty"`
+
 	// Template defines a template to create the test namespace.
 	// +optional
 	Template *Projection `json:"template,omitempty"`

pkg/apis/v1alpha2/options.go

@@ -860,6 +860,13 @@ spec:
                 description: NamespaceTemplate defines a template to create the test
                   namespace.
                 x-kubernetes-preserve-unknown-fields: true
+              namespaceTemplateCompiler:
+                description: NamespaceTemplateCompiler defines the default compiler
+                  to use when evaluating expressions.
+                enum:
+                - jp
+                - cel
+                type: string
               parallel:
                 description: The maximum number of tests to run at once.
                 format: int
@@ -1833,6 +1840,13 @@ spec:
                 description: Namespace contains properties for the namespace to use
                   for tests.
                 properties:
+                  compiler:
+                    description: Compiler defines the default compiler to use when
+                      evaluating expressions.
+                    enum:
+                    - jp
+                    - cel
+                    type: string
                   name:
                     description: |-
                       Name defines the namespace to use for tests.

pkg/apis/v1alpha2/zz_generated.deepcopy.go

@@ -881,6 +881,13 @@ spec:
                 description: NamespaceTemplate defines a template to create the test
                   namespace.
                 x-kubernetes-preserve-unknown-fields: true
+              namespaceTemplateCompiler:
+                description: NamespaceTemplateCompiler defines the default compiler
+                  to use when evaluating expressions.
+                enum:
+                - jp
+                - cel
+                type: string
               scenarios:
                 description: Scenarios defines test scenarios.
                 items:

pkg/data/crds/chainsaw.kyverno.io_configurations.yaml

@@ -1698,6 +1698,17 @@
           "description": "NamespaceTemplate defines a template to create the test namespace.",
           "x-kubernetes-preserve-unknown-fields": true
         },
+        "namespaceTemplateCompiler": {
+          "description": "NamespaceTemplateCompiler defines the default compiler to use when evaluating expressions.",
+          "type": [
+            "string",
+            "null"
+          ],
+          "enum": [
+            "jp",
+            "cel"
+          ]
+        },
         "parallel": {
           "description": "The maximum number of tests to run at once.",
           "type": [

pkg/data/crds/chainsaw.kyverno.io_tests.yaml

@@ -1783,6 +1783,17 @@
           ],
           "default": {},
           "properties": {
+            "compiler": {
+              "description": "Compiler defines the default compiler to use when evaluating expressions.",
+              "type": [
+                "string",
+                "null"
+              ],
+              "enum": [
+                "jp",
+                "cel"
+              ]
+            },
             "name": {
               "description": "Name defines the namespace to use for tests.\nIf not specified, every test will execute in a random ephemeral namespace\nunless the namespace is overridden in a the test spec.",
               "type": [

pkg/data/schemas/json/configuration-chainsaw-v1alpha1.json

@@ -1741,6 +1741,17 @@
           "description": "NamespaceTemplate defines a template to create the test namespace.",
           "x-kubernetes-preserve-unknown-fields": true
         },
+        "namespaceTemplateCompiler": {
+          "description": "NamespaceTemplateCompiler defines the default compiler to use when evaluating expressions.",
+          "type": [
+            "string",
+            "null"
+          ],
+          "enum": [
+            "jp",
+            "cel"
+          ]
+        },
         "scenarios": {
           "description": "Scenarios defines test scenarios.",
           "type": [

pkg/data/schemas/json/configuration-chainsaw-v1alpha2.json

@@ -7,14 +7,16 @@ import (
 	"github.com/kyverno/chainsaw/pkg/cleanup/cleaner"
 	"github.com/kyverno/chainsaw/pkg/client"
 	"github.com/kyverno/chainsaw/pkg/engine"
+	"github.com/kyverno/kyverno-json/pkg/core/compilers"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 )
 
 type namespaceData struct {
-	name     string
-	template *v1alpha1.Projection
-	cleaner  cleaner.CleanerCollector
+	name      string
+	compilers compilers.Compilers
+	template  *v1alpha1.Projection
+	cleaner   cleaner.CleanerCollector
 }
 
 type contextData struct {
@@ -40,7 +42,7 @@ func setupContextData(ctx context.Context, tc engine.Context, data contextData)
 	}
 	var ns *corev1.Namespace
 	if data.namespace != nil {
-		if namespace, err := buildNamespace(ctx, data.namespace.name, data.namespace.template, tc.Bindings()); err != nil {
+		if namespace, err := buildNamespace(ctx, data.namespace.compilers, data.namespace.name, data.namespace.template, tc.Bindings()); err != nil {
 			return tc, nil, err
 		} else if _, clusterClient, err := tc.CurrentClusterClient(); err != nil {
 			return tc, nil, err

pkg/data/schemas/json/test-chainsaw-v1alpha1.json

@@ -8,11 +8,12 @@ import (
 	"github.com/kyverno/chainsaw/pkg/engine/bindings"
 	"github.com/kyverno/chainsaw/pkg/engine/templating"
 	"github.com/kyverno/chainsaw/pkg/utils/kube"
+	"github.com/kyverno/kyverno-json/pkg/core/compilers"
 	"github.com/kyverno/pkg/ext/resource/convert"
 	corev1 "k8s.io/api/core/v1"
 )
 
-func buildNamespace(ctx context.Context, name string, template *v1alpha1.Projection, tc apis.Bindings) (*corev1.Namespace, error) {
+func buildNamespace(ctx context.Context, compilers compilers.Compilers, name string, template *v1alpha1.Projection, tc apis.Bindings) (*corev1.Namespace, error) {
 	namespace := kube.Namespace(name)
 	if template == nil {
 		return &namespace, nil
@@ -22,7 +23,7 @@ func buildNamespace(ctx context.Context, name string, template *v1alpha1.Project
 	}
 	object := kube.ToUnstructured(&namespace)
 	tc = bindings.RegisterBinding(ctx, tc, "namespace", object.GetName())
-	merged, err := templating.TemplateAndMerge(ctx, apis.DefaultCompilers, object, tc, *template)
+	merged, err := templating.TemplateAndMerge(ctx, compilers, object, tc, *template)
 	if err != nil {
 		return nil, err
 	}