Skip to content

Commit

Permalink
add tests
Browse files Browse the repository at this point in the history
  • Loading branch information
lmolkova committed Aug 18, 2024
1 parent 65a4a9a commit 8110e88
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 12 deletions.
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ yamllint:
# Test rego policies
.PHONY: test-policies
test-policies:
docker run --rm -v $(PWD)/policies:/policies openpolicyagent/opa:0.67.1 test --explain fails /policies
docker run --rm -v $(PWD)/policies:/policies openpolicyagent/opa:0.67.1 test --var-values --explain fails /policies

# Generate markdown tables from YAML definitions
.PHONY: table-generation
Expand Down
2 changes: 1 addition & 1 deletion policies/attribute_name_collisions.rego
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package after_resolution
package attribute_name_collisions

# check that attribute constant names do not collide
deny[attr_registry_collision(description, name)] {
Expand Down
13 changes: 3 additions & 10 deletions policies/yaml_schema.rego
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
package before_resolution
package yaml_schema

# checks attribute name format
deny[yaml_schema_violation(description, group.id, name)] {
group := input.groups[_]
attr := group.attributes[_]
name := get_attribute_name(attr, group)
name := attr.id

not regex.match(name_regex, name)

Expand Down Expand Up @@ -38,7 +38,7 @@ deny[yaml_schema_violation(description, group.id, name)] {
deny[yaml_schema_violation(description, group.id, attr_name)] {
group := input.groups[_]
attr := group.attributes[_]
attr_name := get_attribute_name(attr, group)
attr_name := attr.id
name := attr.type.members[_].id

not regex.match(name_regex, name)
Expand All @@ -61,10 +61,3 @@ yaml_schema_violation(description, group, attr) = violation {
name_regex := "^[a-z][a-z0-9]*([._][a-z0-9]+)*$"

invalid_name_helper := "must consist of lowercase alphanumeric characters separated by '_' and '.'"

get_attribute_name(attr, group) = name {
full_name = concat(".", [group.prefix, attr.id])

# if there was no prefix, we have a leading dot
name := trim(full_name, ".")
}

0 comments on commit 8110e88

Please sign in to comment.