diff --git a/pkg/policies/engine/rego/rego_test.go b/pkg/policies/engine/rego/rego_test.go index 752dd0625..e76e4e31e 100644 --- a/pkg/policies/engine/rego/rego_test.go +++ b/pkg/policies/engine/rego/rego_test.go @@ -341,18 +341,18 @@ func TestRego_MatchesParameters(t *testing.T) { Source: regoContent, } - t.Run("high severity matches medium expectation", func(t *testing.T) { + t.Run("high expectation matches low severity", func(t *testing.T) { matches, err := r.MatchesParameters(context.TODO(), policy, - map[string]string{"severity": "high"}, - map[string]string{"severity": "medium"}) + map[string]string{"severity": "low"}, + map[string]string{"severity": "high"}) require.NoError(t, err) assert.True(t, matches) }) - t.Run("low severity does not match high expectation", func(t *testing.T) { + t.Run("medium expectation does not match high severity", func(t *testing.T) { matches, err := r.MatchesParameters(context.TODO(), policy, - map[string]string{"severity": "low"}, - map[string]string{"severity": "high"}) + map[string]string{"severity": "high"}, + map[string]string{"severity": "medium"}) require.NoError(t, err) assert.False(t, matches) }) diff --git a/pkg/policies/engine/rego/testfiles/matches_parameters.rego b/pkg/policies/engine/rego/testfiles/matches_parameters.rego index 04e4935ca..cd56a306a 100644 --- a/pkg/policies/engine/rego/testfiles/matches_parameters.rego +++ b/pkg/policies/engine/rego/testfiles/matches_parameters.rego @@ -15,6 +15,6 @@ matches_parameters := result { eval_idx := severity_index(eval_severity) expected_idx := severity_index(expected_severity) - # Evaluation severity must be >= expected severity - result := eval_idx >= expected_idx + # Expected severity must be >= evaluation severity + result := expected_idx >= eval_idx } \ No newline at end of file