forked from ansible/example-opa-policy-for-aap
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathjt_naming_validation.rego
More file actions
29 lines (23 loc) · 927 Bytes
/
jt_naming_validation.rego
File metadata and controls
29 lines (23 loc) · 927 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
package aap_policy_examples
import rego.v1
import future.keywords.in
# Default policy response indicating allowed status with no violations
default jt_naming_validation := {
"allowed": true,
"violations": [],
}
# Validate that job template name has correct organization and project name prefixes
jt_naming_validation := result if {
# Extract values from input
org_name := object.get(input, ["organization", "name"], "")
project_name := object.get(input, ["project", "name"], "")
jt_name := object.get(input, ["job_template", "name"], "")
# Construct the expected prefix
expected_prefix := concat("_", [org_name, project_name])
# Check if job template name starts with expected prefix
not startswith(jt_name, expected_prefix)
result := {
"allowed": false,
"violations": [sprintf("Job template naming for '%v' does not comply with standards", [jt_name])]
}
}