-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathMakefile
More file actions
41 lines (30 loc) · 1.31 KB
/
Makefile
File metadata and controls
41 lines (30 loc) · 1.31 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
OPA ?= opa
POLICIES = ./policies
BUNDLES = ./bundles
.PHONY: help test fmt lint build clean
help: ## Show this help
@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-20s\033[0m %s\n", $$1, $$2}'
test: ## Run all policy tests
$(OPA) test $(POLICIES) -v
test-coverage: ## Run tests with coverage report
$(OPA) test $(POLICIES) --coverage --format=json | jq .
fmt: ## Format all Rego files (in-place)
$(OPA) fmt --write $(POLICIES)
fmt-check: ## Check formatting without modifying files
$(OPA) fmt --list $(POLICIES)
lint: ## Lint policies using Regal (install: https://docs.styra.com/regal)
regal lint $(POLICIES)
build: ## Build all policy bundles
@mkdir -p $(BUNDLES)
@for dir in ./policies/*/; do \
name=$$(basename $$dir); \
echo "Building bundle: $$name"; \
$(OPA) build $$dir -o $(BUNDLES)/$$name.tar.gz; \
done
clean: ## Remove build artifacts
rm -rf $(BUNDLES)/*.tar.gz
eval: ## Evaluate a policy (usage: make eval QUERY="data.authz.allow" INPUT=input.json)
$(OPA) eval -i $(INPUT) -d $(POLICIES) "$(QUERY)"
check-deps: ## Check required tools are installed
@command -v $(OPA) >/dev/null 2>&1 || { echo "OPA is not installed. See https://www.openpolicyagent.org/docs/latest/#1-download-opa"; exit 1; }
@echo "OPA: $$($(OPA) version | head -1)"