open-policy-agent/opa

json.match_schema() does not work reliably with array input and schema


Short description

json.match_schema() does not work reliably with array input and schema

Steps To Reproduce

I have created a small example:
https://github.com/mscudlik/opa-json-match-schema

Expected behavior

In my example, the command

opa eval -b . -f pretty data.array_input.policy --input array_input/input/valid/data.json

should return matches true, and the test
https://github.com/mscudlik/opa-json-match-schema/blob/main/array_input/test/string_regex_pattern_test.rego

There should also be error messages in case the schema is not valid

Somehow

opa eval -b . -f pretty data.array_input.policy --input array_input/input/invalid_no_array/data.json

works with the expected error message, while

opa eval -b . -f pretty data.array_input.policy --input array_input/input/invalid_type/data.json

produces the expected matches value, but the errors are missing

Additional context

Use case is to validate the input (which I cannot trust)

opa version

Version: 0.62.0
Build Commit: 1d0ab93822e83a4165c78372a7fb4c05e14a8bca
Build Timestamp: 2024-02-29T17:07:11Z
Build Hostname: Mac-1709226273754.local
Go Version: go1.22.0
Platform: darwin/amd64
WebAssembly: available
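
For the use case stated in the report (validating untrusted input), the following is an added example, not code from the issue or the linked repository. It shows a policy that fails closed on the boolean match result of `json.match_schema` instead of relying on the errors list being populated. The package name, `item_schema`, and the rule names are assumptions made for illustration.

```rego
package example.array_validation

import rego.v1

# Constructed schema (assumption): input must be an array of objects,
# each carrying a lowercase string "name".
item_schema := {
	"type": "array",
	"items": {
		"type": "object",
		"required": ["name"],
		"properties": {"name": {"type": "string", "pattern": "^[a-z]+$"}},
	},
}

# json.match_schema returns a two-element array: [match, errors].
result := json.match_schema(input, item_schema)

matches := result[0]

schema_errors := result[1]

# Fail closed: if the builtin call is undefined or match is not true,
# allow keeps its default value.
default allow := false

allow if matches == true

# Surface every schema error that the builtin does report.
deny contains msg if {
	some e in schema_errors
	msg := sprintf("%s: %s", [e.field, e.desc])
}

# Cover the situation described in the report: match is false but the
# errors list is empty. The decision must still carry a deny reason.
deny contains "input does not match schema (no error details returned)" if {
	matches == false
	count(schema_errors) == 0
}
```

Callers should gate on `allow` (or on `count(deny) == 0` together with `matches`), never on an empty errors list alone.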