-
Notifications
You must be signed in to change notification settings - Fork 2.4k
/
rego_flags.go
117 lines (109 loc) · 3.16 KB
/
rego_flags.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
package flag
// e.g. config yaml:
//
// rego:
// trace: true
// config-policy: "custom-policy/policy"
// policy-namespaces: "user"
var (
IncludeDeprecatedChecksFlag = Flag[bool]{
Name: "include-deprecated-checks",
ConfigName: "rego.include-deprecated-checks",
Usage: "include deprecated checks",
}
SkipCheckUpdateFlag = Flag[bool]{
Name: "skip-check-update",
ConfigName: "rego.skip-check-update",
Usage: "skip fetching rego check updates",
Aliases: []Alias{
{
Name: "skip-policy-update",
Deprecated: true,
},
},
}
TraceFlag = Flag[bool]{
Name: "trace",
ConfigName: "rego.trace",
Usage: "enable more verbose trace output for custom queries",
}
ConfigCheckFlag = Flag[[]string]{
Name: "config-check",
ConfigName: "rego.check",
Usage: "specify the paths to the Rego check files or to the directories containing them, applying config files",
Aliases: []Alias{
{Name: "policy", Deprecated: true},
{Name: "config-policy", Deprecated: true},
},
}
ConfigDataFlag = Flag[[]string]{
Name: "config-data",
ConfigName: "rego.data",
Usage: "specify paths from which data for the Rego checks will be recursively loaded",
Aliases: []Alias{
{Name: "data"},
},
}
CheckNamespaceFlag = Flag[[]string]{
Name: "check-namespaces",
ConfigName: "rego.namespaces",
Usage: "Rego namespaces",
Aliases: []Alias{
{Name: "namespaces"},
{Name: "policy-namespaces", Deprecated: true},
},
}
)
// RegoFlagGroup composes common printer flag structs used for commands providing misconfinguration scanning.
type RegoFlagGroup struct {
IncludeDeprecatedChecks *Flag[bool]
SkipCheckUpdate *Flag[bool]
Trace *Flag[bool]
CheckPaths *Flag[[]string]
DataPaths *Flag[[]string]
CheckNamespaces *Flag[[]string]
}
type RegoOptions struct {
IncludeDeprecatedChecks bool
SkipCheckUpdate bool
Trace bool
CheckPaths []string
DataPaths []string
CheckNamespaces []string
}
func NewRegoFlagGroup() *RegoFlagGroup {
return &RegoFlagGroup{
IncludeDeprecatedChecks: IncludeDeprecatedChecksFlag.Clone(),
SkipCheckUpdate: SkipCheckUpdateFlag.Clone(),
Trace: TraceFlag.Clone(),
CheckPaths: ConfigCheckFlag.Clone(),
DataPaths: ConfigDataFlag.Clone(),
CheckNamespaces: CheckNamespaceFlag.Clone(),
}
}
func (f *RegoFlagGroup) Name() string {
return "Rego"
}
func (f *RegoFlagGroup) Flags() []Flagger {
return []Flagger{
f.IncludeDeprecatedChecks,
f.SkipCheckUpdate,
f.Trace,
f.CheckPaths,
f.DataPaths,
f.CheckNamespaces,
}
}
func (f *RegoFlagGroup) ToOptions() (RegoOptions, error) {
if err := parseFlags(f); err != nil {
return RegoOptions{}, err
}
return RegoOptions{
IncludeDeprecatedChecks: f.IncludeDeprecatedChecks.Value(),
SkipCheckUpdate: f.SkipCheckUpdate.Value(),
Trace: f.Trace.Value(),
CheckPaths: f.CheckPaths.Value(),
DataPaths: f.DataPaths.Value(),
CheckNamespaces: f.CheckNamespaces.Value(),
}, nil
}