Open micahlee opened 4 years ago
The policy parser currently errors and returns the first policy error encountered. We should evaluate the feasibility of returning all detectable violations in a policy document at once on failure to support fixing more than one at a time.
See as an example: https://github.com/cyberark/conjur-policy-parser/pull/28/files#diff-96c32d844ea28af01851870a8cf2454b
- !host id: a-host restricted_to: [ first_invalid_cidr, second_invalid_cidr ]
Currently this only fails with:
Error at ... Invalid IP address or CIDR range 'first_invalid_cidr'
Ideally this would fail with:
Error at ... Invalid IP address or CIDR range 'first_invalid_cidr' Error at ... Invalid IP address or CIDR range 'second_invalid_cidr'
The policy parser currently errors and returns the first policy error encountered. We should evaluate the feasibility of returning all detectable violations in a policy document at once on failure to support fixing more than one at a time.
See as an example: https://github.com/cyberark/conjur-policy-parser/pull/28/files#diff-96c32d844ea28af01851870a8cf2454b
Currently this only fails with:
Ideally this would fail with: