Open jkodroff opened 4 months ago
Note that some of this information you can already get via:
pulumi.runtime.isDryRun()
pulumi.getProject()
pulumi.getStack()
Which will work inside a policy.
I don't think we have a way to get the path of the program.
Having something like a stackContext
that has all this information would be useful, if nothing else for discoverability of the information.
@justinvp And... I am kicking myself for missing this comment. I had no idea these would work, and it's damn useful that they do! I'm gonna give this a try.
Hello!
Issue details
I'm trying to run the Snyk CLI in a resource validation policy to validate a
docker.Image
resource:I can get it working for basic scanning, but Snyk has an option to pass a
--file /path/to/Dockerfile
argument to provide additional suggestions for remediation. I can't seem to find a way get the directory of the Pulumi program. (process.cwd()
gives me the path to the policy instead of the path to the Pulumi program.)It would be useful if
ResourceValidationArgs
included something like astackContext
or similar object with things like the stack name, program name, full path to the Pulumi program, etc. Could also be helpful to know whether we're inpreview
orup
.UPDATE: StackValidation would likewise benefit from the same.
Affected area/feature