class Spacelift::Policy::CLI

CLI implements the logic required to configure, run and report policy checks.

Constants

DEFAULT_PLAN
DEFAULT_POLICIES

Attributes

json[R]
policies[R]

Public Class Methods

new() click to toggle source
# File lib/spacelift/policy/cli.rb, line 17
def initialize
  @json = DEFAULT_PLAN
  @policies = DEFAULT_POLICIES
end
run(argv: ARGV) click to toggle source
# File lib/spacelift/policy/cli.rb, line 13
def self.run(argv: ARGV)
  new.parse(argv).run
end

Public Instance Methods

parse(options) click to toggle source

This method reeks of :reek:NestedIterators and :reek:TooManyStatements rubocop:disable Metrics/LineLength, Metrics/MethodLength

# File lib/spacelift/policy/cli.rb, line 24
def parse(options)
  parser = OptionParser.new do |opts|
    opts.banner = 'Usage: spacelift-policy [options]'

    opts.on('-jJSON', '--json=JSON', 'Path to the Terraform JSON plan') do |json|
      @json = json.freeze
    end

    opts.on('-pPOLICIES', '--policies=POLICIES', 'Glob expression capturing policy files') do |policies|
      @policies = policies.freeze
    end

    opts.on('-h', '--help', 'Prints this help') do
      puts opts
      exit
    end
  end
  parser.parse!(options)
  self
end
run() click to toggle source

This method reeks of :reek:TooManyStatements.

# File lib/spacelift/policy/cli.rb, line 47
def run
  # List and validate policy paths.
  paths = Dir.glob(@policies)
  raise Error, "no policy files matched by #{@policies}" if paths.empty?

  # Validate state file path.
  raise Error, "state file '#{json}' not present" unless File.file?(@json)

  # Load policy files.
  paths.each { |path| load path }

  # Apply rules against the plan JSON file.
  violations = Spacelift::Policy.enforce(File.read(@json))

  # Print out violations, if any.
  violations.each { |violation| warn violation.to_s }

  # In the end, report if there were any violations. Based on that the
  # caller will be able to decide whether ther run was successful or not.
  violations.empty?
end