-
Notifications
You must be signed in to change notification settings - Fork 121
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: List local and imported variables in the policy with InspectPolicies #2141
Conversation
fa2bced
to
7a732f0
Compare
2f17696
to
08de3ff
Compare
5a5ef1b
to
2cf5a72
Compare
I was querying the unfiltered and filtered policies from the database and still do. I use the unfiltered one to resolve the state of each variable so that we do not report any undefined variables in the inspection. If we only check the filtered policies while inspecting, then some variables may appear as undefined even if they are actually defined in the policies left out. I am not sure if this is the expected resolution though, let me know if this is not what you had in mind. |
If there are a lot of policies, this would be quite inefficient. The list of filtered policies might not even be importing any variables -- in which case we would have done a lot of work for nothing. Get the list of policies the user is interested in inspecting. While going through that list one by one, load and cache any imported variables as necessary. Or, do one pass, collect the set of imported policies that are referenced but not loaded initially, load all of them as a batch, and do a second pass to handle the unresolved variables. |
4ef169b
to
2dd6513
Compare
…icies Signed-off-by: Oğuzhan Durgun <oguzhandurgun95@gmail.com>
Signed-off-by: Oğuzhan Durgun <oguzhandurgun95@gmail.com>
Signed-off-by: Oğuzhan Durgun <oguzhandurgun95@gmail.com>
Signed-off-by: Oğuzhan Durgun <oguzhandurgun95@gmail.com>
Signed-off-by: Oğuzhan Durgun <oguzhandurgun95@gmail.com>
Signed-off-by: Oğuzhan Durgun <oguzhandurgun95@gmail.com>
Signed-off-by: Oğuzhan Durgun <oguzhandurgun95@gmail.com>
InspectPolicies on
disk
storecerbosctl inspect policies
ondisk
storeInspectPolicies on
hub
storecerbosctl inspect policies
onhub
store