Merge pull request #1941 from kubescape/semver

fix isRuleKubescapeVersionCompatible bug with version 4.0.0

build/goreleaser-post-e2e.sh

@@ -128,7 +128,7 @@ gha_group_start "Smoke tests"
 log "Running smoke tests with $PYTHON $SMOKE_RUNNER \"$ART_PATH\""
 # Run the test runner, propagate exit code
 set +e
-"$PYTHON" "$SMOKE_RUNNER" "$ART_PATH"
+RELEASE="${RELEASE:-}" "$PYTHON" "$SMOKE_RUNNER" "$ART_PATH"
 rc=$?
 set -e
 

core/cautils/datastructuresmethods.go

@@ -76,14 +76,18 @@ func ShouldSkipRule(control reporthandling.Control, rule reporthandling.PolicyRu
 // In local build (BuildNumber = ""):
 // returns true only if rule doesn't have the "until" attribute
 func isRuleKubescapeVersionCompatible(attributes map[string]interface{}, version string) bool {
+	normalizedVersion := version
+	if version != "" && !semver.IsValid(version) {
+		normalizedVersion = "v" + version
+	}
+
 	if from, ok := attributes["useFromKubescapeVersion"]; ok && from != nil {
 		switch sfrom := from.(type) {
 		case string:
-			if version != "" && semver.Compare(version, sfrom) == -1 {
+			if normalizedVersion != "" && semver.IsValid(normalizedVersion) && semver.Compare(normalizedVersion, sfrom) == -1 {
 				return false
 			}
 		default:
-			// Handle case where useFromKubescapeVersion is not a string
 			return false
 		}
 	}
@@ -91,11 +95,10 @@ func isRuleKubescapeVersionCompatible(attributes map[string]interface{}, version
 	if until, ok := attributes["useUntilKubescapeVersion"]; ok && until != nil {
 		switch suntil := until.(type) {
 		case string:
-			if version == "" || semver.Compare(version, suntil) >= 0 {
+			if normalizedVersion == "" || (semver.IsValid(normalizedVersion) && semver.Compare(normalizedVersion, suntil) >= 0) {
 				return false
 			}
 		default:
-			// Handle case where useUntilKubescapeVersion is not a string
 			return false
 		}
 	}

smoke_testing/test_version.py

@@ -1,7 +1,9 @@
 import os
-import smoke_utils
+import re
 import sys
 
+import smoke_utils
+
 
 def run(kubescape_exec: str):
     print("Testing version")
@@ -10,7 +12,22 @@ def run(kubescape_exec: str):
     msg = smoke_utils.run_command(command=[kubescape_exec, "version"])
     if isinstance(msg, bytes):
         msg = msg.decode('utf-8')
-    assert (ver and ver in msg) or (ver and ver.lstrip('v') in msg), f"expected version: {ver}, found: {msg}"
+
+    # Extract version from output
+    version_match = re.search(r'Your current version is: ([^\s\n]+)', msg)
+    if version_match:
+        output_version = version_match.group(1)
+        print(f"Found version in output: {output_version}")
+
+        # If RELEASE is set, verify it matches the output
+        if ver:
+            # Check if RELEASE (with or without 'v' prefix) is in the output
+            assert (ver in msg) or (ver.lstrip('v') in msg), f"expected version: {ver}, found: {output_version}"
+        else:
+            # If RELEASE is not set, just verify that a version was found
+            assert output_version, f"no version found in output: {msg}"
+    else:
+        raise AssertionError(f"no version found in output: {msg}")
 
     print("Done testing version")