generate stable bundle (koderover#678)

Signed-off-by: lou <[email protected]>
zhucc · Nov 30, 2021 · 362f1bb · 362f1bb
1 parent 556f89f
commit 362f1bb
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 4 deletions.
diff --git a/pkg/microservice/policy/core/service/bundle/opa_bundle.go b/pkg/microservice/policy/core/service/bundle/opa_bundle.go
@@ -82,15 +82,44 @@ type rule struct {
 	Endpoint         string       `json:"endpoint"`
 	ResourceType     string       `json:"resourceType,omitempty"`
 	IDRegex          string       `json:"idRegex,omitempty"`
-	MatchAttributes  []attribute  `json:"matchAttributes,omitempty"`
+	MatchAttributes  Attributes   `json:"matchAttributes,omitempty"`
 	MatchExpressions []expression `json:"matchExpressions,omitempty"`
 }
 
-type attribute struct {
+type Attribute struct {
 	Key   string `json:"key"`
 	Value string `json:"value"`
 }
 
+type Attributes []*Attribute
+
+func (a Attributes) LessOrEqual(other Attributes) bool {
+	if len(a) == 0 {
+		return true
+	}
+	if len(other) == 0 {
+		return false
+	}
+	for i, attr := range a {
+		if i > len(other)-1 {
+			return false
+		}
+		ki := attr.Key
+		kj := other[i].Key
+		vi := attr.Value
+		vj := other[i].Value
+		if ki == kj {
+			if vi == vj {
+				continue
+			}
+			return vi < vj
+		}
+		return ki < kj
+	}
+
+	return true
+}
+
 type expression struct {
 	Key      string             `json:"key"`
 	Values   []string           `json:"values"`
@@ -118,6 +147,9 @@ func (o rules) Len() int      { return len(o) }
 func (o rules) Swap(i, j int) { o[i], o[j] = o[j], o[i] }
 func (o rules) Less(i, j int) bool {
 	if o[i].Endpoint == o[j].Endpoint {
+		if o[i].Method == o[j].Method {
+			return o[i].MatchAttributes.LessOrEqual(o[j].MatchAttributes)
+		}
 		return o[i].Method < o[j].Method
 	}
 	return o[i].Endpoint < o[j].Endpoint

diff --git a/pkg/microservice/policy/core/service/bundle/resource_endpoint_mapping.go b/pkg/microservice/policy/core/service/bundle/resource_endpoint_mapping.go
@@ -54,9 +54,9 @@ func getResourceActionMappings(policies []*models.Policy) resourceActionMappings
 
 		for _, r := range p.Rules {
 			for _, ar := range r.Rules {
-				var as []attribute
+				var as []*Attribute
 				for _, a := range ar.MatchAttributes {
-					as = append(as, attribute{Key: a.Key, Value: a.Value})
+					as = append(as, &Attribute{Key: a.Key, Value: a.Value})
 				}
 
 				data[p.Resource][r.Action] = append(data[p.Resource][r.Action], &rule{