如何修复我的OPA规则中两个值的比较?

huangapple
go评论53阅读模式
英文:

How to fix my comparison of two values in my OPA rules?

问题

我想要在一个OPA规则中比较两个值。

我的OPA规则如下:

package example

vm_name = input.planned_values.root_module.resources[0].values.name
vm_name_length = count(vm_name)

输出如下:

~$ ./opa eval -i tfplan.json -d test1.rego "data.example"
{
  "result": [
    {
      "expressions": [
        {
          "value": {
            "vm_name": "XXXXXXXX",
            "vm_name_length": 8
          },
          "text": "data.example",
          "location": {
            "row": 1,
            "col": 1
          }
        }
      ]
    }
  ]
}

我尝试比较所需长度和VM名称的长度:

package example

vm_name = input.planned_values.root_module.resources[0].values.name
vm_name_length = count(vm_name)

if vm_name_length == 13 {
  msg := "OK"
}
else {
  msg := "Not ok"
}

但输出如下:

{
  "errors": [
    {
      "message": "unexpected assign token: non-terminated set",
      "code": "rego_parse_error",
      "location": {
        "file": "test1.rego",
        "row": 24,
        "col": 7
      },
      "details": {
        "line": "  msg := \"OK\"",
        "idx": 6
      }
    }
  ]
}

有人知道如何做吗?

英文:

I would like to make comparison between two values in a OPA rule.

My OPA rule is :

package example


vm_name = input.planned_values.root_module.resources[0].values.name
vm_name_length = count(vm_name)

The output is :

~$ ./opa eval -i tfplan.json -d test1.rego "data.example"
{
  "result": [
    {
      "expressions": [
        {
          "value": {
            "vm_name": "XXXXXXXX",
            "vm_name_length": 8
          },
          "text": "data.example",
          "location": {
            "row": 1,
            "col": 1
          }
        }
      ]
    }
  ]
}

I've tried to make a comparison between the length needed and the length of the VM name :

package example

vm_name = input.planned_values.root_module.resources[0].values.name
vm_name_length = count(vm_name)

if vm_name_length == 13 {
  msg := "OK"
}
else {
  msg := "Not ok"
}

But the output is :

{
  "errors": [
    {
      "message": "unexpected assign token: non-terminated set",
      "code": "rego_parse_error",
      "location": {
        "file": "test1.rego",
        "row": 24,
        "col": 7
      },
      "details": {
        "line": "  msg := \"OK\"",
        "idx": 6
      }
    }
  ]
}

Does anyone know how to do that ?

答案1

得分: 1

Rego规则描述"条件赋值",因此规则体中的所有条件(即在{ ... }内部)都需要为真,以便规则评估赋值。

package example

vm_name = input.planned_values.root_module.resources[0].values.name
vm_name_length = count(vm_name)

default msg := "Not ok"

msg := "OK" {
    vm_name_length == 13
}
英文:

Rego rules describe conditional assignment, so all conditions in the rule body (i.e. inside of the { ... }) will need to be true in order for the rule to evaluate the assignment.

package example

vm_name = input.planned_values.root_module.resources[0].values.name
vm_name_length = count(vm_name)

default msg := "Not ok"

msg := "OK" {
    vm_name_length == 13
}

huangapple
  • 本文由 发表于 2023年2月6日 06:04:23
  • 转载请务必保留本文链接:https://go.coder-hub.com/75355839.html
  • open-policy-agent
  • terraform
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定