opa

package
v0.40.16 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 10, 2022 License: Apache-2.0 Imports: 11 Imported by: 11

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Eval

func Eval(t testing.TestingT, options *EvalOptions, jsonFilePaths []string, resultQuery string)

EvalE runs `opa eval` on the given JSON files using the configured policy file and result query. Translates to:

opa eval -i $JSONFile -d $RulePath $ResultQuery

This will asynchronously run OPA on each file concurrently using goroutines. This will fail the test if any one of the files failed.

func EvalE

func EvalE(t testing.TestingT, options *EvalOptions, jsonFilePaths []string, resultQuery string) error

EvalE runs `opa eval` on the given JSON files using the configured policy file and result query. Translates to:

opa eval -i $JSONFile -d $RulePath $ResultQuery

This will asynchronously run OPA on each file concurrently using goroutines.

Types

type EvalOptions

type EvalOptions struct {
	// Whether OPA should run checks with failure.
	FailMode FailMode

	// Path to rego file containing the OPA rules. Can also be a remote path defined in go-getter syntax. Refer to
	// https://github.com/hashicorp/go-getter#url-format for supported options.
	RulePath string

	// Set a logger that should be used. See the logger package for more info.
	Logger *logger.Logger

	// When true, keep any temp files and folders that are created for the purpose of running opa eval.
	DebugKeepTempFiles bool

	// When true, disable the functionality where terratest reruns the opa check on the same file and query all elements
	// on error. By default, terratest will rerun the opa eval call with `data` query so you can see all the contents
	// evaluated.
	DebugDisableQueryDataOnError bool
}

EvalOptions defines options that can be passed to the 'opa eval' command for checking policies on arbitrary JSON data via OPA.

type FailMode

type FailMode int

FailMode signals whether `opa eval` should fail when the query returns an undefined value (FailUndefined), a defined value (FailDefined), or not at all (NoFail).

const (
	FailUndefined FailMode = iota
	FailDefined
	NoFail
)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL