tfgcv

package

v0.22.0 Latest Latest Go to latest Published: Apr 20, 2023 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/GoogleCloudPlatform/terraform-validator

Links

Open Source Insights

Documentation ¶

Overview ¶

Package tfgcv pulls together the other packages in this project to take a terraform plan, extract the planned resources in Google CAI format, and run those CAI assets through the Config Validator.

Index ¶

func ReadPlannedAssets(ctx context.Context, path, project, zone, region string, ...) ([]google.Asset, error)
func ValidateAssets(ctx context.Context, assets []google.Asset, policyRootPath string) ([]*validator.Violation, error)
func ValidateAssetsWithLibrary(ctx context.Context, assets []google.Asset, policyPaths []string, ...) ([]*validator.Violation, error)
type ReadPlannedAssetsFunc
type ValidateAssetsFunc

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ReadPlannedAssets ¶

func ReadPlannedAssets(ctx context.Context, path, project, zone, region string, ancestry map[string]string, offline, convertUnchanged bool, errorLogger *zap.Logger, userAgent string) ([]google.Asset, error)

ReadPlannedAssets extracts CAI assets from a terraform plan file. If ancestry path is provided, it assumes the project is in that path rather than fetching the ancestry information using Google API. If convertUnchanged is set then resources that do not have any change from their deployed state are also reported in the output, otherwise only resources that are going to be changed are reported. It ignores non-supported resources.

func ValidateAssets ¶

func ValidateAssets(ctx context.Context, assets []google.Asset, policyRootPath string) ([]*validator.Violation, error)

ValidateAssets instantiates GCV and audits CAI assets using "policies" and "lib" folder under policyRootPath.

func ValidateAssetsWithLibrary ¶

func ValidateAssetsWithLibrary(ctx context.Context, assets []google.Asset, policyPaths []string, policyLibraryDir string) ([]*validator.Violation, error)

ValidateAssetsWithLibrary instantiates GCV and audits CAI assets.

Types ¶

type ReadPlannedAssetsFunc ¶ added in v0.8.0

type ReadPlannedAssetsFunc func(ctx context.Context, path, project, zone, region string, ancestry map[string]string, offline, convertUnchanged bool, errorLogger *zap.Logger, userAgent string) ([]google.Asset, error)

type ValidateAssetsFunc ¶ added in v0.8.0

type ValidateAssetsFunc func(ctx context.Context, assets []google.Asset, policyRootPath string) ([]*validator.Violation, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL