Class: Spacelift::Policy::Rule

Inherits:
Object
  • Object
show all
Defined in:
lib/spacelift/policy/rule.rb

Overview

Rule represents a single rule applied to all resources.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(name) {|_self| ... } ⇒ Rule

Returns a new instance of Rule.

Yields:

  • (_self)

Yield Parameters:



10
11
12
13
14
15
16
17
 
# File 'lib/spacelift/policy/rule.rb', line 10

def initialize(name)
  @name = name
  @matchers = []
  @check = nil
  yield self
  freeze
  validate
end

Instance Attribute Details

#nameObject (readonly)

Returns the value of attribute name.



8
9
10
 
# File 'lib/spacelift/policy/rule.rb', line 8

def name
  @name
end

Instance Method Details

#process(resource) ⇒ Object 



19
20
21
22
23
 
# File 'lib/spacelift/policy/rule.rb', line 19

def process(resource)
  return [true, nil] if ok?(resource)

  [false, Violation.new(address: resource.address, rule: name)]
end

#then(&block) ⇒ Object

Raises:



25
26
27
28
29
 
# File 'lib/spacelift/policy/rule.rb', line 25

def then(&block)
  raise Error, "check already defined on rule '#{name}'" if check

  self.check = block
end

#when(&block) ⇒ Object 



31
32
33
34
 
# File 'lib/spacelift/policy/rule.rb', line 31

def when(&block)
  matchers << block
  self
end

#when_action_is(*actions) ⇒ Object 



36
37
38
39
40
41
42
 
# File 'lib/spacelift/policy/rule.rb', line 36

def when_action_is(*actions)
  required = Set.new(actions)

  self.when do |resource|
    Set.new(resource.change.actions).intersect?(required)
  end
end

#when_managedObject 



44
45
46
 
# File 'lib/spacelift/policy/rule.rb', line 44

def when_managed
  self.when { |resource| resource.mode == 'managed' }
end

#when_type_is(*types) ⇒ Object 



48
49
50
 
# File 'lib/spacelift/policy/rule.rb', line 48

def when_type_is(*types)
  self.when { |resource| types.include?(resource.type) }
end