[BUG] Policies with PreConditions are marked as "failed" in the metrics

[diranged]

Software version numbers

• Kubernetes version: 1.21
• Kubernetes platform (if applicable; ex., EKS, GKE, OpenShift): EKS
• Kyverno version: 1.5.1

Describe the bug
Slack Thread: https://kubernetes.slack.com/archives/CLGR9BJU9/p1635458987180000

Any Policy or ClusterPolicy with a preconditions field will report rule_result=fail for rules that do not match the precondition. This makes it hard to monitor for rule failures when preconditions are used to exclude a rule from being applied.

To Reproduce

Create this rule:

apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: set-service-defaults
spec:
  background: false
  validationFailureAction: enforce
  rules:
  - name: set-service-defaults
    match:
      resources:
        kinds: [Service]
    preconditions:
      - key: "{{request.object.spec.type}}"
        operator: Equals
        value: LoadBalancer
    mutate:
      patchStrategicMerge:
        metadata:
          annotations:
            service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "kubernetes_namespace={{request.object.metadata.namespace}},project={{request.object.metadata.namespace}}"

Then create some Service objects that are not LoadBalancer types. Check your metrics and you will see that they are continually being marked as rule_result=fail in the metrics, while they are not marked that way in the PolicyReport.

Expected behavior

The data that populates the metrics should be the same as the data we see in the PolicyReport.

[chipzoller]

/cc @yashvardhan-kukreja

[yashvardhan-kukreja]

ack'd on it 👍🏼