CLI command to evaluate policies #1108

Open
Tracked by #122
jiparis opened this issue Jul 18, 2024 · 2 comments

Comments


jiparis commented Jul 18, 2024

It would be useful to have something like `chainloop policy eval` that receives a material and a policy (file, URL) and returns a report with potential violations. It would be used in manual control gates.

@migmartri

I'd love if this command has a 'development mode' (flag) that allows us to see the input, data, linting errors, and evaluation output, similar to what the Rego playground does.


jiparis commented Aug 22, 2024

> I'd love if this command has a 'development mode' (flag) that allows us to see the input, data, linting errors, and evaluation output, similar to what the Rego playground does.

I think opa eval might be of help for this:

```
> cat input.json
{"components": [{"name": "thename", "bom-ref": "theref", "licenses": []}]}

> opa eval -d cyclonedx-licenses.rego -i input.json 'data.cyclonedx_licenses.violations'
{
  "result": [
    {
      "expressions": [
        {
          "value": [
            "Missing licenses for thename (theref)"
          ],
          "text": "data.cyclonedx_licenses.violations",
          "location": {
            "row": 1,
            "col": 1
          }
        }
      ]
    }
  ]
}
```
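
Added example (not part of the thread and not Chainloop code): one way a manual control gate could turn the `opa eval` output above into a pass/fail verdict. The names `extract_violations`, `gate_exit_code` and `GateError` are hypothetical; the sample output is constructed from the comment above. The gate fails closed when the query is undefined, since `opa eval` then prints `{}`, which a naive check would read as "no violations".

```python
import json

QUERY = "data.cyclonedx_licenses.violations"
# Constructed sample: the `opa eval` output quoted in the comment above.
SAMPLE_OUTPUT = json.dumps({"result": [{"expressions": [{
    "value": ["Missing licenses for thename (theref)"],
    "text": QUERY, "location": {"row": 1, "col": 1}}]}]})


class GateError(Exception):
    """The evaluation output cannot be trusted as a pass/fail verdict."""


def extract_violations(opa_output, query=QUERY):
    """Return the violation messages for `query` from `opa eval` JSON output."""
    doc = json.loads(opa_output)
    results = doc.get("result") if isinstance(doc, dict) else None
    if not results:
        # `opa eval` prints {} when the query is undefined, e.g. a typo in the
        # package name. Treating that as "no violations" would fail open.
        raise GateError(f"query {query!r} is undefined or output is empty")
    violations, matched = [], False
    for result in results:
        for expr in result.get("expressions", []):
            if expr.get("text") != query:
                continue
            matched = True
            value = expr.get("value")
            if not isinstance(value, list):
                raise GateError(f"expected a list of violations, got {value!r}")
            violations.extend(str(v) for v in value)
    if not matched:
        raise GateError(f"no expression for {query!r} in the output")
    return violations


def gate_exit_code(opa_output, query=QUERY):
    """0 = pass, 1 = violations found, 2 = evaluation unusable (fail closed)."""
    try:
        violations = extract_violations(opa_output, query)
    except (GateError, json.JSONDecodeError) as err:
        print(f"gate error: {err}")
        return 2
    for message in violations:
        print(f"violation: {message}")
    return 1 if violations else 0


if __name__ == "__main__":
    raise SystemExit(gate_exit_code(SAMPLE_OUTPUT))
```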
