Class: Spacelift::Policy::CLI

Inherits:

Object

Object
Spacelift::Policy::CLI

show all

Defined in:: lib/spacelift/policy/cli.rb

Overview

CLI implements the logic required to configure, run and report policy checks.

Constant Summary collapse

DEFAULT_PLAN =

'spacelift.plan.json'.freeze

DEFAULT_POLICIES =

'/spacelift/project/**/*.policy.rb'.freeze

Instance Attribute Summary collapse

#json ⇒ Object readonly

Returns the value of attribute json.
#policies ⇒ Object readonly

Returns the value of attribute policies.

Class Method Summary collapse

.run(argv: ARGV) ⇒ Object

Instance Method Summary collapse

#initialize ⇒ CLI constructor

A new instance of CLI.
#parse(options) ⇒ Object

This method reeks of :reek:NestedIterators and :reek:TooManyStatements rubocop:disable Metrics/LineLength, Metrics/MethodLength.
#run ⇒ Object

This method reeks of :reek:TooManyStatements.

Constructor Details

#initialize ⇒ `CLI`

Returns a new instance of CLI.

# File 'lib/spacelift/policy/cli.rb', line 17

def initialize
  @json = DEFAULT_PLAN
  @policies = DEFAULT_POLICIES
end

Instance Attribute Details

#json ⇒ `Object` (readonly)

Returns the value of attribute json.



8
9
10

# File 'lib/spacelift/policy/cli.rb', line 8

def json
  @json
end

#policies ⇒ `Object` (readonly)

Returns the value of attribute policies.



8
9
10

# File 'lib/spacelift/policy/cli.rb', line 8

def policies
  @policies
end

Class Method Details

.run(argv: ARGV) ⇒ `Object`



13
14
15

# File 'lib/spacelift/policy/cli.rb', line 13

def self.run(argv: ARGV)
  new.parse(argv).run
end

Instance Method Details

#parse(options) ⇒ `Object`

This method reeks of :reek:NestedIterators and :reek:TooManyStatements rubocop:disable Metrics/LineLength, Metrics/MethodLength

# File 'lib/spacelift/policy/cli.rb', line 24

def parse(options)
  parser = OptionParser.new do |opts|
    opts.banner = 'Usage: spacelift-policy [options]'

    opts.on('-jJSON', '--json=JSON', 'Path to the Terraform JSON plan') do |json|
      @json = json.freeze
    end

    opts.on('-pPOLICIES', '--policies=POLICIES', 'Glob expression capturing policy files') do |policies|
      @policies = policies.freeze
    end

    opts.on('-h', '--help', 'Prints this help') do
      puts opts
      exit
    end
  end
  parser.parse!(options)
  self
end

#run ⇒ `Object`

This method reeks of :reek:TooManyStatements.

Raises:

(Error)

# File 'lib/spacelift/policy/cli.rb', line 47

def run
  # List and validate policy paths.
  paths = Dir.glob(@policies)
  raise Error, "no policy files matched by #{@policies}" if paths.empty?

  # Validate state file path.
  raise Error, "state file '#{json}' not present" unless File.file?(@json)

  # Load policy files.
  paths.each { |path| load path }

  # Apply rules against the plan JSON file.
  violations = Spacelift::Policy.enforce(File.read(@json))

  # Print out violations, if any.
  violations.each { |violation| warn violation.to_s }

  # In the end, report if there were any violations. Based on that the
  # caller will be able to decide whether ther run was successful or not.
  violations.empty?
end