class Spacelift::Policy::CLI
CLI
implements the logic required to configure, run and report policy checks.
Constants
- DEFAULT_PLAN
- DEFAULT_POLICIES
Attributes
json[R]
policies[R]
Public Class Methods
new()
click to toggle source
# File lib/spacelift/policy/cli.rb, line 17 def initialize @json = DEFAULT_PLAN @policies = DEFAULT_POLICIES end
run(argv: ARGV)
click to toggle source
# File lib/spacelift/policy/cli.rb, line 13 def self.run(argv: ARGV) new.parse(argv).run end
Public Instance Methods
parse(options)
click to toggle source
This method reeks of :reek:NestedIterators and :reek:TooManyStatements rubocop:disable Metrics/LineLength, Metrics/MethodLength
# File lib/spacelift/policy/cli.rb, line 24 def parse(options) parser = OptionParser.new do |opts| opts.banner = 'Usage: spacelift-policy [options]' opts.on('-jJSON', '--json=JSON', 'Path to the Terraform JSON plan') do |json| @json = json.freeze end opts.on('-pPOLICIES', '--policies=POLICIES', 'Glob expression capturing policy files') do |policies| @policies = policies.freeze end opts.on('-h', '--help', 'Prints this help') do puts opts exit end end parser.parse!(options) self end
run()
click to toggle source
This method reeks of :reek:TooManyStatements.
# File lib/spacelift/policy/cli.rb, line 47 def run # List and validate policy paths. paths = Dir.glob(@policies) raise Error, "no policy files matched by #{@policies}" if paths.empty? # Validate state file path. raise Error, "state file '#{json}' not present" unless File.file?(@json) # Load policy files. paths.each { |path| load path } # Apply rules against the plan JSON file. violations = Spacelift::Policy.enforce(File.read(@json)) # Print out violations, if any. violations.each { |violation| warn violation.to_s } # In the end, report if there were any violations. Based on that the # caller will be able to decide whether ther run was successful or not. violations.empty? end