From 1c43139c51e2f0191140a8f77f4661bcefde3d40 Mon Sep 17 00:00:00 2001
From: yaacov <kobi.zamir@gmail.com>
Date: Mon, 29 Sep 2025 16:31:07 +0300
Subject: [PATCH] Allow labels and annotation field validation

Signed-off-by: yaacov <kobi.zamir@gmail.com>
---
 pkg/cmd/sql-sql.go | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/pkg/cmd/sql-sql.go b/pkg/cmd/sql-sql.go
index 66b4fb2..7910476 100644
--- a/pkg/cmd/sql-sql.go
+++ b/pkg/cmd/sql-sql.go
@@ -16,6 +16,26 @@ import (
 
 // isValidFieldIdentifier checks if a field name matches the allowed pattern
 func isValidFieldIdentifier(field string) bool {
+	// Check for labels.* pattern
+	if strings.HasPrefix(field, "labels.") {
+		labelKey := field[7:] // Remove "labels." prefix
+		// K8s label keys: alphanumeric, hyphens, underscores, dots
+		// Must start and end with alphanumeric character
+		labelPattern := `^[a-zA-Z0-9]([a-zA-Z0-9\-_.]*[a-zA-Z0-9])?$`
+		match, _ := regexp.MatchString(labelPattern, labelKey)
+		return match
+	}
+
+	// Check for annotations.* pattern
+	if strings.HasPrefix(field, "annotations.") {
+		annotationKey := field[12:] // Remove "annotations." prefix
+		// K8s annotation keys: similar to labels but more flexible
+		// Can contain alphanumeric, hyphens, underscores, dots, and slashes
+		annotationPattern := `^[a-zA-Z0-9]([a-zA-Z0-9\-_./]*[a-zA-Z0-9])?$`
+		match, _ := regexp.MatchString(annotationPattern, annotationKey)
+		return match
+	}
+
 	// Matches patterns like:
 	// - simple: name, first_name, my.field
 	// - array access: items[0], my.array[123]