class Inspec::Resources::OpaCli

Public Class Methods

new(opts = {}) click to toggle source
Calls superclass method Inspec::Resources::Opa::new
# File lib/inspec/resources/opa_cli.rb, line 9
def initialize(opts = {})
  @opa_executable_path = opts[:opa_executable_path] || "opa" # if this path is not provided then we will assume that it's been set in the ENV PATH
  @policy = opts[:policy] || nil
  @data = opts[:data] || nil
  @query = opts[:query] || nil
  if (@policy.nil? || @policy.empty?) || (@data.nil? || @data.empty?) || (@query.nil? || @query.empty?)
    fail_resource "OPA policy, data and query are mandatory."
  end
  @content = load_result
  super(@content)
end

Public Instance Methods

allow() click to toggle source
# File lib/inspec/resources/opa_cli.rb, line 21
def allow
  @content["result"][0]["expressions"][0]["value"] if @content["result"][0]["expressions"][0]["text"].include?("allow")
end
to_s() click to toggle source
# File lib/inspec/resources/opa_cli.rb, line 25
def to_s
  "OPA cli"
end

Private Instance Methods

load_result() click to toggle source
# File lib/inspec/resources/opa_cli.rb, line 31
def load_result
  raise Inspec::Exceptions::ResourceFailed, "#{resource_exception_message}" if resource_failed?

  result = inspec.command("#{@opa_executable_path} eval -i '#{@data}' -d '#{@policy}' '#{@query}'")
  if result.exit_status == 0
    result.stdout.gsub("\n", "")
  else
    error = result.stdout + "\n" + result.stderr
    raise Inspec::Exceptions::ResourceFailed, "Error while executing OPA query: #{error}"
  end
end