Bump Regula dependency to latest git. #42

Open
evan-fugue wants to merge 1 commit into master from feature/update-to-latest-regula

@evan-fugue
Contributor

This is so we make use of HuJSON to parse the JSON in Rego metadoc
blocks, which allows trailing commas and comments.

For example, you can test with the rule:

__rego__metadoc__ := {
  "id": "FG_R00011",
  "title": "CloudFront viewer protocol policy should be set to https-only or redirect-to-https",
  "description": "CloudFront viewer protocol policy should be set to https-only or redirect-to-https. CloudFront connections should be encrypted during transmission over networks that can be accessed by malicious individuals. A CloudFront distribution should only use HTTPS or Redirect HTTP to HTTPS for communication between viewers and CloudFront.",
  "custom": {
    "severity": "Medium",
    "families": [
      "More rules",
      "e6f9b788-1841-4466-8db7-28d2f08da2ff"
    ],
    "provider": "AWS",
  }
}

resource_type = "AWS.EC2.Instance"

approved_amis = {
  "ami-04b762b4289fba92b"
}

allow {
    ami = input.ami  # Pull out AMIs
    approved_amis[ami]  # Assert
}

Note the comma after "provider": "AWS" at the end of the metadoc block.
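
The parsing behaviour described above, as an added example that is not Regula's or the HuJSON library's own code: a simplified stand-in that blanks comments and trailing commas outside string literals before handing the text to Go's strict `encoding/json`. The names `standardize`, `parseMetadoc`, `tok` and the sample input are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
)

// Constructed sample: a metadoc body with comments and trailing commas.
const sample = `{
  "id": "FG_R00011", // rule id
  "custom": {"families": ["More rules, // not a comment",],
    "provider": "AWS", /* trailing comma */ },
}`

// tok matches, in priority order: string literal, line comment, block comment, any other byte.
var tok = regexp.MustCompile(`(?s)"(?:\\.|[^"\\])*"|//[^\n]*|/\*.*?\*/|\S`)

// standardize blanks comments and trailing commas, leaving string contents untouched.
func standardize(src string) string {
	b, lastComma := []byte(src), -1 // lastComma: a comma not yet followed by a value
	for _, m := range tok.FindAllStringIndex(src, -1) {
		switch t := src[m[0]:m[1]]; {
		case strings.HasPrefix(t, "//") || strings.HasPrefix(t, "/*"):
			copy(b[m[0]:m[1]], strings.Repeat(" ", len(t)))
		case t == ",":
			lastComma = m[0]
		default:
			if lastComma >= 0 && (t == "}" || t == "]") {
				b[lastComma] = ' ' // only whitespace or comments sat between comma and closer
			}
			lastComma = -1
		}
	}
	return string(b)
}

// parseMetadoc decodes a relaxed metadoc body; anything still invalid is rejected by encoding/json.
func parseMetadoc(src string) (doc map[string]interface{}, err error) {
	err = json.Unmarshal([]byte(standardize(src)), &doc)
	return
}

func main() {
	doc, err := parseMetadoc(sample)
	fmt.Println(doc["id"], err, "strict-valid:", json.Valid([]byte(sample)))
}
```

Any other tool that reads the same metadoc blocks with a strict JSON parser will reject input this relaxed path accepts, so rule files should be validated with the parser the engine actually uses.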
