Skip to content

Commit

Permalink
feat(sourceNamespace): Regex Support
Browse files Browse the repository at this point in the history
Signed-off-by: Arthur <[email protected]>
  • Loading branch information
ArthurVardevanyan committed Jul 11, 2024
1 parent de76937 commit 0c967c6
Show file tree
Hide file tree
Showing 5 changed files with 49 additions and 1 deletion.
1 change: 1 addition & 0 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -185,6 +185,7 @@ require (
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/desertbit/timer v0.0.0-20180107155436-c41aec40b27f // indirect
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
github.com/dlclark/regexp2 v1.11.2
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
github.com/emirpasic/gods v1.18.1 // indirect
github.com/evanphx/json-patch/v5 v5.8.0 // indirect
Expand Down
2 changes: 2 additions & 0 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -844,6 +844,8 @@ github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/r
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0=
github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
github.com/dlclark/regexp2 v1.11.2 h1:/u628IuisSTwri5/UKloiIsH8+qF2Pu7xEQX+yIKg68=
github.com/dlclark/regexp2 v1.11.2/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
github.com/dnaeon/go-vcr v1.1.0 h1:ReYa/UBrRyQdant9B4fNHGoCNKw6qh6P0fsdGmZpR7c=
github.com/dnaeon/go-vcr v1.1.0/go.mod h1:M7tiix8f0r6mKKJ3Yq/kqU1OYf3MnfmBWVbPx/yU9ko=
github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
Expand Down
13 changes: 12 additions & 1 deletion util/glob/list.go
Original file line number Diff line number Diff line change
@@ -1,10 +1,21 @@
package glob

import (
"strings"

"github.com/argoproj/argo-cd/v2/util/regex"
)

// MatchStringInList will return true if item is contained in list. If
// exactMatch is set to false, list may contain globs to be matched.
func MatchStringInList(list []string, item string, exactMatch bool) bool {
for _, ll := range list {
if item == ll || (!exactMatch && Match(ll, item)) {
// If string is wrapped in "/", assume it is a regular expression.
if strings.HasPrefix(ll, "/") && strings.HasSuffix(ll, "/") {
if !exactMatch && regex.Match(ll[1:len(ll)-1], item) {
return true
}
} else if item == ll || (!exactMatch && Match(ll, item)) {
return true
}
}
Expand Down
20 changes: 20 additions & 0 deletions util/regex/regex.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
package regex

import (
"github.com/dlclark/regexp2"
log "github.com/sirupsen/logrus"
)

func Match(pattern, text string) bool {
compiledRegex, err := regexp2.Compile(pattern, 0)
if err != nil {
log.Warnf("failed to compile pattern %s due to error %v", pattern, err)
return false
}
regexMatch, err := compiledRegex.MatchString(text)
if err != nil {
log.Warnf("failed to match pattern %s due to error %v", pattern, err)
return false
}
return regexMatch
}
14 changes: 14 additions & 0 deletions util/security/application_namespaces_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,20 @@ func Test_IsNamespaceEnabled(t *testing.T) {
[]string{"allowed"},
false,
},
{
"match everything but specified word: fail",
"disallowed",
"argocd",
[]string{"/^((?!disallowed).)*$/"},
false,
},
{
"match everything but specified word: pass",
"allowed",
"argocd",
[]string{"/^((?!disallowed).)*$/"},
true,
},
}

for _, tc := range testCases {
Expand Down

0 comments on commit 0c967c6

Please sign in to comment.