mirror of
https://github.com/kubevela/kubevela.git
synced 2026-05-18 15:27:45 +00:00
f36017dfa5
Populate policy context with explicit fields and filtered metadata using the existing process.Context infrastructure, providing a secure and user-friendly API for policy templates. Changes: - Populate ContextData with filtered labels/annotations (via filterUserMetadata) - Add explicit fields: appName, namespace, appRevision, appRevisionNum - Use process.Context.BaseContextFile() to inject context into CUE - Reuses existing context infrastructure (same as components/workflows) Context fields now available in policies: - context.appName - explicit application name - context.namespace - explicit namespace - context.appRevision - explicit revision name - context.appRevisionNum - explicit revision number - context.appLabels - filtered user labels (internal prefixes removed) - context.appAnnotations - filtered user annotations (internal prefixes removed) Security: Filtered metadata isolates policy context from components/workflows: - Policies: get filtered labels/annotations (secure) - Components/workflows: get unfiltered labels/annotations (unchanged) - Policy additionalContext flows via Go context to components as context.custom Tests: - Verify explicit fields accessible in policies - Verify user metadata accessible (filtered) - Verify internal metadata filtered out Part of Policy Refactor Plan v3 - Part 1.2 & 1.3: Foundation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>