From fba062e1491d1d7c47bfbc54413394ab4e7f16ba Mon Sep 17 00:00:00 2001
From: Parthiba hazra <parthibahazra@gmail.com>
Date: Thu, 10 Aug 2023 22:54:36 +0530
Subject: [PATCH] :bug: Do not generate violations when there are no incidents
 (#281)

Closes #278

---------

Signed-off-by: Parthiba-Hazra <parthibahazra02@gmail.com>
---
 engine/engine.go     |  2 +-
 provider/provider.go | 12 ++++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/engine/engine.go b/engine/engine.go
index bb058fbc..daad03c2 100644
--- a/engine/engine.go
+++ b/engine/engine.go
@@ -173,7 +173,7 @@ func (r *ruleEngine) RunRules(ctx context.Context, ruleSets []RuleSet, selectors
 						if rs, ok := mapRuleSets[response.RuleSetName]; ok {
 							rs.Errors[response.Rule.RuleID] = response.Err.Error()
 						}
-					} else if response.ConditionResponse.Matched {
+					} else if response.ConditionResponse.Matched && len(response.ConditionResponse.Incidents) > 0 {
 						violation, err := r.createViolation(response.ConditionResponse, response.Rule)
 						if err != nil {
 							r.logger.Error(err, "unable to create violation from response")
diff --git a/provider/provider.go b/provider/provider.go
index 8a7b43c2..2e72c670 100644
--- a/provider/provider.go
+++ b/provider/provider.go
@@ -431,6 +431,15 @@ func (p *ProviderCondition) Evaluate(ctx context.Context, log logr.Logger, condC
 		}
 		incidents = append(incidents, i)
 	}
+
+	// If there are no incidents, don't generate any violations
+	if len(incidents) == 0 && len(resp.Incidents)-len(incidents) > 0 {
+		log.V(5).Info("filtered out all incidents based on dep label selector", "filteredOutCount", len(resp.Incidents)-len(incidents))
+		return engine.ConditionResponse{
+			Matched: resp.Matched,
+		}, nil
+	}
+
 	cr := engine.ConditionResponse{
 		Matched:         resp.Matched,
 		TemplateContext: resp.TemplateContext,
@@ -438,6 +447,9 @@ func (p *ProviderCondition) Evaluate(ctx context.Context, log logr.Logger, condC
 	}
 
 	log.V(8).Info("condition response", "ruleID", p.Rule.RuleID, "response", cr, "cap", p.Capability, "conditionInfo", p.ConditionInfo, "client", p.Client)
+	if len(resp.Incidents)-len(incidents) > 0 {
+		log.V(5).Info("filtered out incidents based on dep label selector", "filteredOutCount", len(resp.Incidents)-len(incidents))
+	}
 	return cr, nil
 
 }