-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Chained rule body #292
Comments
This isn't directly visible in the AST as it's currently provided, but would be helped by open-policy-agent/opa#6213, as we could then check the |
This is also somewhat covered by the opa-fmt rule: opa fmt will not let this through. But you could have been disabling the opa-fmt rule for some reason, I suppose. |
That is a good point! But yeah, our goal should be to not make rules depend on other rules. Like we're about to have one rule that forbids using Funny thing is I just tried to lint a simple policy using this style, and it turns out it also renders a few false positives 😅 Linting foo {
true
} {
false
} Result
The first case is a bug, obviously, as there is no I guess in the second case, it does make sense to say that even the second rule is called "foo" — but it does look funny when you see the We might get around not having the text attribute in the location for this rule though, as I think we can simply scan the |
This is also not recognized in strict mode — or rather, it is recognized, but this style isn't going to work for functions with args: x(y) {
input.foo
} {
y
}
😄 |
While `opa-fmt` fixes this, this is peculiar enough that the rule docs alone make for an informative source to point at. Also some minor improvements here and there: * Fix other rules that would report false positives when chained rules bodies were present * Remove a trailing quote in the builtin test template used by `rego new rule` * Add some guiding principles for new rules in development.md Fixes #292 Signed-off-by: Anders Eknert <anders@styra.com>
While `opa-fmt` fixes this, this is peculiar enough that the rule docs alone make for an informative source to point at. Also some minor improvements here and there: * Fix other rules that would report false positives when chained rules bodies were present * Remove a trailing quote in the builtin test template used by `rego new rule` * Add some guiding principles for new rules in development.md Fixes #292 Signed-off-by: Anders Eknert <anders@styra.com>
While `opa-fmt` fixes this, this is peculiar enough that the rule docs alone make for an informative source to point at. Also some minor improvements here and there: * Fix other rules that would report false positives when chained rules bodies were present * Remove a trailing quote in the builtin test template used by `rego new rule` * Add some guiding principles for new rules in development.md Fixes #292 Signed-off-by: Anders Eknert <anders@styra.com>
While `opa-fmt` fixes this, this is peculiar enough that the rule docs alone make for an informative source to point at. Also some minor improvements here and there: * Fix other rules that would report false positives when chained rules bodies were present * Remove a trailing quote in the builtin test template used by `rego new rule` * Add some guiding principles for new rules in development.md Fixes #292 Signed-off-by: Anders Eknert <anders@styra.com>
While `opa-fmt` fixes this, this is peculiar enough that the rule docs alone make for an informative source to point at. Also some minor improvements here and there: * Fix other rules that would report false positives when chained rules bodies were present * Remove a trailing quote in the builtin test template used by `rego new rule` * Add some guiding principles for new rules in development.md Fixes #292 Signed-off-by: Anders Eknert <anders@styra.com>
While `opa-fmt` fixes this, this is peculiar enough that the rule docs alone make for an informative source to point at. Also some minor improvements here and there: * Fix other rules that would report false positives when chained rules bodies were present * Remove a trailing quote in the builtin test template used by `rego new rule` * Add some guiding principles for new rules in development.md Fixes #292 Signed-off-by: Anders Eknert <anders@styra.com>
While `opa-fmt` fixes this, this is peculiar enough that the rule docs alone make for an informative source to point at. Also some minor improvements here and there: * Fix other rules that would report false positives when chained rules bodies were present * Remove a trailing quote in the builtin test template used by `rego new rule` * Add some guiding principles for new rules in development.md Fixes #292 Signed-off-by: Anders Eknert <anders@styra.com>
While `opa-fmt` fixes this, this is peculiar enough that the rule docs alone make for an informative source to point at. Also some minor improvements here and there: * Fix other rules that would report false positives when chained rules bodies were present * Remove a trailing quote in the builtin test template used by `rego new rule` * Add some guiding principles for new rules in development.md Fixes #292 Signed-off-by: Anders Eknert <anders@styra.com>
While `opa-fmt` fixes this, this is peculiar enough that the rule docs alone make for an informative source to point at. Also some minor improvements here and there: * Fix other rules that would report false positives when chained rules bodies were present * Remove a trailing quote in the builtin test template used by `rego new rule` * Add some guiding principles for new rules in development.md Fixes #292 Signed-off-by: Anders Eknert <anders@styra.com>
From the OPA docs.
I don't see this used very often, but it'd be good to add as a style category rule.
The text was updated successfully, but these errors were encountered: