Open jiparis opened 1 month ago
I'd love if this command has a 'development mode` (flag) that allows us to see the input, data,linting errors, and evaluation output, similar to what the rego playground does.
I'd love if this command has a 'development mode` (flag) that allows us to see the input, data,linting errors, and evaluation output, similar to what the rego playground does.
I think opa eval might be of help for this:
> cat input.json
{"components": [{"name": "thename", "bom-ref": "theref", "licenses": []}]}
> opa eval -d cyclonedx-licenses.rego -i input.json 'data.cyclonedx_licenses.violations'
{
"result": [
{
"expressions": [
{
"value": [
"Missing licenses for thename (theref)"
],
"text": "data.cyclonedx_licenses.violations",
"location": {
"row": 1,
"col": 1
}
}
]
}
]
}
it would be useful to have something like
chainloop policy eval
that receives a material and a policy (file, URL) and returns a report with potential violations. I would be used in manual control gates