grosser/slow.rego

## slow.rego
package k8srequiredlabels

violation[{"msg": msg, "details": {"missing_labels": missing}}] {
  provided := {label | input.review.object.metadata.labels[label]}
  required := {label | label := input.parameters.labels[_]}
  missing := required - provided
  count(missing) > 0
  msg := sprintf("opa-gatekeeper: you must provide labels %v for %v %v/%v", [missing, input.review.object.kind, input.review.object.metadata.namespace, input.review.object.metadata.name])
}

parameters := {"labels":["project","team"]}
test_allowed0 {
  item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
  count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
}

test_allowed1 {
  item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
  count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
}

test_allowed2 {
  item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
  count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
}

test_allowed3 {
  item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
  count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
}

test_allowed4 {
  item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
  count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
}

test_allowed5 {
  item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
  count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
}

test_allowed6 {
  item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
  count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
}

test_allowed7 {
  item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
  count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
}

test_allowed8 {
  item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
  count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
}

test_allowed9 {
  item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
  count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
}
	package k8srequiredlabels

	violation[{"msg": msg, "details": {"missing_labels": missing}}] {
	provided := {label \| input.review.object.metadata.labels[label]}
	required := {label \| label := input.parameters.labels[_]}
	missing := required - provided
	count(missing) > 0
	msg := sprintf("opa-gatekeeper: you must provide labels %v for %v %v/%v", [missing, input.review.object.kind, input.review.object.metadata.namespace, input.review.object.metadata.name])
	}

	parameters := {"labels":["project","team"]}
	test_allowed0 {
	item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
	count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
	}

	test_allowed1 {
	item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
	count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
	}

	test_allowed2 {
	item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
	count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
	}

	test_allowed3 {
	item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
	count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
	}

	test_allowed4 {
	item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
	count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
	}

	test_allowed5 {
	item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
	count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
	}

	test_allowed6 {
	item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
	count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
	}

	test_allowed7 {
	item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
	count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
	}

	test_allowed8 {
	item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
	count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
	}

	test_allowed9 {
	item := {"metadata":{"annotations":{"deployment.kubernetes.io/revision":"93","samson/deploy_url":"https://samson.zende.sk/projects/zendesk_ars/deploys/892794"},"creationTimestamp":"2019-11-08T20:42:03Z","generation":93,"labels":{"project":"auto-remediation-service","role":"worker","team":"znoc"},"name":"ars-workers","namespace":"auto-remediation-service","resourceVersion":"53751118","selfLink":"/apis/apps/v1/namespaces/auto-remediation-service/deployments/ars-workers","uid":"38b66766-0268-11ea-8b52-0a7a529b5bd5"}}
	count(violation) == 0 with input as {"review":{"object":item},"parameters":parameters}
	}