Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(rego): add result package #62

Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

feat(rego): add result package #62

wants to merge 3 commits into from

Conversation

nikpivkin
Copy link
Contributor

@nikpivkin nikpivkin commented Jan 22, 2024
edited
Loading

The purpose of this change is to improve testing of REGO policies by removing the dependency on trivy-iac and adding a new result package to the library.

Currently, it is not possible to test REGO policies because the result.new function that is used in all policies is declared in trivy-iac using the OPA sdk. This PR adds a new result package to the library, thus removing the dependency on trivy-iac.

Two functions have been moved:

  • is_managed - checks that the metadata is managed
  • new - returns structured result, which is needed for further analysis by the REGO policy scanner.

The new function signature remains the same, which ensures backward compatibility. The isManaged function has been renamed to is_managed.

@nikpivkin nikpivkin changed the title feat(rego): migrate result function from Go feat(rego): add result package Jan 22, 2024
@nikpivkin nikpivkin mentioned this pull request Jan 22, 2024
Draft
1 task
@nikpivkin nikpivkin mentioned this pull request Feb 5, 2024
Merged
@nikpivkin
Copy link
Contributor Author

This change will cause a backwards compatibility break for users who do not upgrade Trivy to a version that contains this change. Therefore, this PR will be in draft until a solution for this problem is found.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@simar7 simar7 Awaiting requested review from simar7 simar7 will be requested when the pull request is marked ready for review simar7 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
1 participant
@nikpivkin