pulumi / pulumi-policy

Pulumi's Policy as Code SDK, CrossGuard. Define infrastructure checks in code to enforce security, compliance, cost, and other practices, enforced at deployment time.
https://www.pulumi.com/docs/guides/crossguard/
Apache License 2.0

Exception calling application: Object of type StackValidationArgs is not JSON serializable #295

Open rshade opened 2 years ago

rshade commented 2 years ago

Hello!

Issue details

I would like the stack in policies to be serializable to a file so I can call an external application against it (snyk, checkov, infracost) and report violations back via status code.

Affected area/feature

Frassle commented 2 years ago

Python's json.dump by default doesn't support user classes. We think we could add a __dict__ method to these types (they are just data containers) to get json.dump to accept it (possibly look at data classes, they might just do this for free).

rshade commented 2 years ago

I tried this also:

```python
from pulumi_policy import (
    EnforcementLevel,
    PolicyPack,
    ReportViolation,
    StackValidationArgs,
    StackValidationPolicy,
)
import os
import json

required_region = "us-west-1"
max_num_buckets = 1

def s3_region_check_validator(stack: StackValidationArgs, report_violation: ReportViolation):
    resources = []
    t = open("demo.json", "a")
    t.write(json.dumps(stack.__dict__))

s3_region_check = StackValidationPolicy(
    name="s3-region-check",
    description= "Checks the region the bucket was deployed in.",
    validate=s3_region_check_validator
)

PolicyPack(
    name="aws-python",
    enforcement_level=EnforcementLevel.ADVISORY,
    policies=[
        s3_region_check,
    ],
)
```

I get the same error:


```
Diagnostics:
  pulumi:pulumi:Stack (test-project-dev):
    error: Exception calling application: Object of type PolicyResource is not JSON serializable
```
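An added example, not from the thread or the Pulumi SDK: it shows why `json.dumps(stack.__dict__)` still fails (only the top level becomes a dict, the resources inside it are still objects) and one way to reduce the whole graph to plain JSON. The `PolicyResource` and `StackValidationArgs` classes below are constructed stand-ins with assumed fields, and `to_jsonable`, `dump_stack`, `naive_dump_fails` and `sample_stack` are hypothetical helper names.

```python
import json
from collections.abc import Mapping
from typing import Any

# Constructed stand-ins (assumed fields) so the example runs without pulumi_policy.
class PolicyResource:
    def __init__(self, resource_type, name, props, parent=None):
        self.resource_type, self.name = resource_type, name
        self.props, self.parent = props, parent

class StackValidationArgs:
    def __init__(self, resources):
        self.resources = resources

def to_jsonable(obj: Any, path: frozenset = frozenset()) -> Any:
    """Reduce nested data-container objects to JSON-safe values."""
    if obj is None or isinstance(obj, (str, int, float, bool)):
        return obj
    if id(obj) in path:  # object already on the current path: stop recursing
        return "<cycle>"
    path = path | {id(obj)}
    if isinstance(obj, Mapping):
        return {str(k): to_jsonable(v, path) for k, v in obj.items()}
    if isinstance(obj, (list, tuple, set, frozenset)):
        return [to_jsonable(v, path) for v in obj]
    if hasattr(obj, "__dict__"):
        return {k: to_jsonable(v, path) for k, v in vars(obj).items()}
    return repr(obj)  # unknown leaf type: keep a readable marker

def dump_stack(stack: Any) -> str:
    return json.dumps(to_jsonable(stack), indent=2, sort_keys=True)

def naive_dump_fails(stack: Any) -> bool:
    """True if json.dumps(stack.__dict__) raises, as reported in the thread."""
    try:
        json.dumps(stack.__dict__)
    except TypeError:
        return True
    return False

def sample_stack() -> StackValidationArgs:
    # Constructed sample data, not output from a real deployment.
    parent = PolicyResource("example:index:Component", "site", {})
    bucket = PolicyResource("aws:s3/bucket:Bucket", "logs",
                            {"region": "us-west-1", "tags": {"env": "dev"}}, parent)
    return StackValidationArgs([parent, bucket])

if __name__ == "__main__":
    print(dump_stack(sample_stack()))
```

The serialized stack includes every resource's props, so write it somewhere with restricted permissions before handing it to an external scanner.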