Merge pull request #301 from wwwil/op-regex

Add regex compare op
5 years ago · ea7400aa4b
parent c379df19b0 5e3ff51fa9
commit ea7400aa4b
4 changed files with 30 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -232,6 +232,9 @@ These operations are:
 - `lte`: tests if the flag value is less than or equal to the compared value.
 - `has`: tests if the flag value contains the compared value.
 - `nothave`: tests if the flag value does not contain the compared value.
+- `regex`: tests if the flag value matches the compared value regular expression.
+
+When defining regular expressions in YAML it is generally easier to wrap them in single quotes, for example `'^[abc]$'`, to avoid issues with string escaping.

 # Roadmap
 Going forward we plan to release updates to kube-bench to add support for new releases of the Benchmark, which in turn we can anticipate being made for each new Kubernetes release.
--- a/check/data
+++ b/check/data
@ -297,3 +297,13 @@ groups:
              op: eq
              value: "false"
            set: true
+
+    - id: 26
+      text: "check regex op matches"
+      tests:
+        test_items:
+          - path: "{.currentMasterVersion}"
+            compare:
+              op: regex
+              value: '^1\.12.*$'
+            set: true
--- a/check/test.go
+++ b/check/test.go
@ -185,6 +185,11 @@ func (t *testItem) execute(s string) *testOutput {
 			case "nothave":
 				expectedResultPattern = " '%s' not have '%s'"
 				result.testResult = !strings.Contains(flagVal, t.Compare.Value)
+
+			case "regex":
+				expectedResultPattern = " '%s' matched by '%s'"
+				opRe := regexp.MustCompile(t.Compare.Value)
+				result.testResult = opRe.MatchString(flagVal)
 			}

 			result.ExpectedResult = fmt.Sprintf(expectedResultPattern, t.Flag, t.Compare.Value)
--- a/check/test_test.go
+++ b/check/test_test.go
@ -152,6 +152,10 @@ func TestTestExecute(t *testing.T) {
 			controls.Groups[0].Checks[22],
 			"authentication:\n  anonymous:\n    enabled: false",
 		},
+		{
+			controls.Groups[0].Checks[26],
+			"currentMasterVersion: 1.12.7",
+		},
 	}

 	for _, c := range cases {
@ -180,6 +184,14 @@ func TestTestExecuteExceptions(t *testing.T) {
 			controls.Groups[0].Checks[25],
 			"broken } yaml\nenabled: true",
 		},
+		{
+			controls.Groups[0].Checks[26],
+			"currentMasterVersion: 1.11",
+		},
+		{
+			controls.Groups[0].Checks[26],
+			"currentMasterVersion: ",
+		},
 	}

 	for _, c := range cases {