Vet condition prior to evaluation

2024-07-14 17:30:37 +03:00 · 2024-06-17 22:59:55 -07:00 · 2024-06-17 22:59:55 -07:00 · 0d16f33018
commit 0d16f33018
parent 65526b1897
3 changed files with 25 additions and 3 deletions
--- a/src/condition.rs
+++ b/src/condition.rs
@ -46,7 +46,11 @@ pub(super) fn evaluate_condition(
                        });
                    }
                    Value::Bool(b) if b => continue,
-                    result => return Err(FlakeCheckerError::InvalidCelCondition(format!("CEL conditions must return a Boolean but your supplied condition returned a {}", result.type_of()))),
+                    result => {
+                        return Err(FlakeCheckerError::NonBooleanCondition(
+                            result.type_of().to_string(),
+                        ))
+                    }
                },
                Err(e) => return Err(FlakeCheckerError::CelExecution(e)),
            }
@ -71,3 +75,19 @@ fn nixpkgs_cel_values(repo: Box<RepoNode>) -> Vec<(&'static str, Value)> {
        (KEY_OWNER, Value::from(repo.original.owner)),
    ]
 }
+
+pub(super) fn vet_condition(condition: &str) -> Result<(), FlakeCheckerError> {
+    let mut ctx = Context::default();
+    ctx.add_variable_from_value(KEY_SUPPORTED_REFS, Value::List(Vec::<Value>::new().into()));
+    ctx.add_variable_from_value(KEY_GIT_REF, Value::from("some-ref"));
+    ctx.add_variable_from_value(KEY_NUM_DAYS_OLD, Value::from(27));
+    ctx.add_variable_from_value(KEY_OWNER, Value::from("some-og"));
+
+    match Program::compile(condition)?.execute(&ctx) {
+        Ok(value) if matches!(value, Value::Bool(_)) => Ok(()),
+        Ok(value) => Err(FlakeCheckerError::NonBooleanCondition(
+            value.type_of().to_string(),
+        )),
+        Err(e) => Err(FlakeCheckerError::CelExecution(e)),
+    }
+}
--- a/src/error.rs
+++ b/src/error.rs
@ -10,8 +10,8 @@ pub enum FlakeCheckerError {
    FlakeLock(#[from] parse_flake_lock::FlakeLockParseError),
    #[error("http client error: {0}")]
    Http(#[from] reqwest::Error),
-    #[error("invalid CEL condition: {0}")]
-    InvalidCelCondition(String),
+    #[error("CEL conditions must return a Boolean but returned {0} instead")]
+    NonBooleanCondition(String),
    #[error("couldn't access flake.lock: {0}")]
    Io(#[from] std::io::Error),
    #[error("couldn't parse flake.lock: {0}")]
--- a/src/main.rs
+++ b/src/main.rs
@ -7,6 +7,7 @@ mod issue;
 mod summary;
 mod telemetry;

+use condition::vet_condition;
 use error::FlakeCheckerError;
 use flake::{check_flake_lock, FlakeCheckConfig};
 use summary::Summary;
@ -179,6 +180,7 @@ fn main() -> Result<ExitCode, FlakeCheckerError> {
    };

    let issues = if let Some(condition) = &condition {
+        vet_condition(condition)?;
        evaluate_condition(&flake_lock, &nixpkgs_keys, condition, allowed_refs.clone())?
    } else {
        check_flake_lock(&flake_lock, &flake_check_config, allowed_refs.clone())?