Azure / ShieldGuard

Enables best security practices for your project from day zero.
MIT License

fix: query only distinct rules #28

Closed bcho closed 1 year ago

bcho commented 1 year ago

Because a rego query returns all failures for a given rule, even if the rule is repeated with different bodies. Therefore, we should only query the distinct rules. At the end, the total success rules should be the count of the total rules minus the query results plus succeeded query results.

Fix #25

bcho commented 1 year ago

@everjing I have fixed and updated the test case to the new one, PTAL!

bcho commented 1 year ago

The change from cb5e596 is to fix a code bug that aggregated in rule instead of object. The new aggregate logic is as follows:

  1. suppose we have X total rules, N distinct rules, M objects
  2. in this case, we need to run N * M queries; for each object, we need to run N queries
  3. for each object, suppose we get R1 success results, R2 failure results, R3 warning results, R4 exception results
    • now, we have total (R = R1 + R2 + R3 + R4) results generated from N distinct rules
    • however, we might have (X - R) duplicated rules (where X - R > 0). In this case, we count these rules as succeeded
  4. finally, we aggregate the results from each object's queries, and merge them with aggregatedQueryResults.Merge(queryResults), which is to accumulate the query results

cc @everjing
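The per-object aggregation in the list above, written out as an added example (not code from the ShieldGuard repository): `Outcome`, `QueryResults` and the `query` callback are hypothetical stand-ins for the project's rego evaluation and result types, and the rule and object names are constructed. Only the N distinct rules are queried per object, the X - R duplicates are credited as succeeded, and each object's counts are folded in with `Merge`.

```go
package main

// Outcome of one rule on one object; also the index into QueryResults.
type Outcome int

const (
	Success Outcome = iota // R1
	Failure                // R2
	Warning                // R3
	Exception              // R4
)

// QueryResults counts outcomes per kind (hypothetical stand-in for the project's type).
type QueryResults [4]int

// Merge accumulates another object's counts, like aggregatedQueryResults.Merge.
func (r *QueryResults) Merge(o QueryResults) {
	for i := range r {
		r[i] += o[i]
	}
}

// Total is R = R1 + R2 + R3 + R4.
func (r QueryResults) Total() int { return r[Success] + r[Failure] + r[Warning] + r[Exception] }

// distinct drops repeated rule names, keeping first-seen order.
func distinct(rules []string) (out []string) {
	seen := map[string]bool{}
	for _, r := range rules {
		if !seen[r] {
			seen[r] = true
			out = append(out, r)
		}
	}
	return out
}

// Aggregate runs the N distinct rules against each of the M objects (N*M queries)
// and folds the per-object counts together; query stands in for the rego evaluation.
func Aggregate(rules, objects []string, query func(rule, object string) Outcome) QueryResults {
	x, names := len(rules), distinct(rules) // X total rules (with duplicates), N distinct
	var agg QueryResults
	for _, obj := range objects {
		var res QueryResults
		for _, rule := range names {
			res[query(rule, obj)]++
		}
		res[Success] += x - res.Total() // the X - R duplicate rules count as succeeded
		agg.Merge(res)
	}
	return agg
}
```

With a rule written twice, one extra rule and two objects, querying every rule instead of the distinct ones would report the same failure twice; the distinct-rule path reports it once and credits the skipped duplicate as a success.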

everjing commented 1 year ago

Do we need to treat completely duplicate rules as one? Current setting still treats

The change from cb5e596 is to fix a code bug that aggregated in rule instead of object. The new aggregate logic is as follows:

  1. suppose we have X total rules, N distinct rules, M objects
  2. in this case, we need to run N * M queries; for each object, we need to run N queries
  3. for each object, suppose we get R1 success results, R2 failure results, R3 warning results, R4 exception results
    • now, we have total (R = R1 + R2 + R3 + R4) results generated from N distinct rules
    • however, we might have (X - R) duplicated rules (where X - R > 0). In this case, we count these rules as succeeded
  4. finally, we aggregate the results from each object's queries, and merge them with aggregatedQueryResults.Merge(queryResults), which is to accumulate the query results

cc @everjing

Making great sense to me. Thank you!