├── .flake8 ├── .gitignore ├── .pre-commit-config.yaml ├── LICENSE ├── README.md ├── ansible_policy ├── __init__.py ├── __version__.py ├── eval_policy.py ├── models.py ├── policybook │ ├── README.md │ ├── condition_parser.py │ ├── expressioin_transpiler.py │ ├── image │ │ ├── example_result.png │ │ ├── flow.drawio │ │ └── flow.png │ ├── json_generator.py │ ├── policy_parser.py │ ├── policybook_models.py │ ├── rego_model.py │ ├── to_ast.py │ └── transpiler.py ├── rego │ └── utils.rego ├── rego_data.py └── utils.py ├── examples ├── ansible-policy.cfg ├── check_event │ ├── event_handler.py │ └── policies │ │ └── check_changed_event.yml ├── check_project │ ├── playbook.yml │ ├── playbook_mongodb.yml │ └── policies │ │ ├── check_become.yml │ │ ├── check_collection.yml │ │ └── check_pkg.yml └── check_rest │ ├── policies │ └── check_rest_username.yml │ └── rest_hook.py ├── images ├── ap-arch.png ├── example_output.png ├── example_output_event_stream.png ├── example_output_json.png └── example_output_policybook.png ├── pyproject.toml └── tests └── unit ├── asts ├── policies_with_multiple_conditions.yml ├── policies_with_multiple_conditions2.yml ├── policies_with_multiple_conditions3.yml └── policies_with_multiple_conditions4.yml ├── integration ├── affirm_operator │ ├── extensions │ │ └── policy │ │ │ └── affirm_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── in_operator │ ├── extensions │ │ └── policy │ │ │ └── in_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── int_equal_operator │ ├── extensions │ │ └── policy │ │ │ └── equal_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── is_defined_operator │ ├── extensions │ │ └── policy │ │ │ └── is_defined_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── item_in_list_operator │ ├── extensions │ │ └── policy │ │ │ └── item_in_list_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── item_not_in_list_operator │ ├── extensions │ │ └── policy │ │ │ └── item_not_in_list_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── list_contains_operator │ ├── extensions │ │ └── policy │ │ │ └── list_contains_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── list_not_contains_operator │ ├── extensions │ │ └── policy │ │ │ └── list_not_contains_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── match_operator │ ├── extensions │ │ └── policy │ │ │ └── match_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── multi_condition_all │ ├── extensions │ │ └── policy │ │ │ └── multi_condition_all.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── multi_condition_any │ ├── extensions │ │ └── policy │ │ │ └── multi_condition_any.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── multi_condition_notall │ ├── extensions │ │ └── policy │ │ │ └── multi_condition_not_all.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── negate_operator │ ├── extensions │ │ └── policy │ │ │ └── negate_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── not_in_operator │ ├── extensions │ │ └── policy │ │ │ └── in_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── not_match_operator │ ├── extensions │ │ └── policy │ │ │ └── match_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── not_regex_operator │ ├── extensions │ │ └── policy │ │ │ └── search_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── not_search_operator │ ├── extensions │ │ └── policy │ │ │ └── search_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── not_select_compare_operator │ ├── extensions │ │ └── policy │ │ │ └── select_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── not_select_search_operator │ ├── extensions │ │ └── policy │ │ │ └── select_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── not_selectattr_compare_operator │ ├── extensions │ │ └── policy │ │ │ └── not_selectattr_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── not_selectattr_search_operator │ ├── extensions │ │ └── policy │ │ │ └── not_selectattr_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── null_not_equal_operator │ ├── extensions │ │ └── policy │ │ │ └── equal_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── regex_operator │ ├── extensions │ │ └── policy │ │ │ └── search_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── search_operator │ ├── extensions │ │ └── policy │ │ │ └── search_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── select_compare_operator │ ├── extensions │ │ └── policy │ │ │ └── select_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── select_search_operator │ ├── extensions │ │ └── policy │ │ │ └── select_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── selectattr_compare_operator │ ├── extensions │ │ └── policy │ │ │ └── selectattr_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── selectattr_search_operator │ ├── extensions │ │ └── policy │ │ │ └── selectattr_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml └── str_equal_operator │ ├── extensions │ └── policy │ │ └── equal_operator_test.rego │ ├── input_fail.json │ ├── input_pass.json │ └── policybook.yml ├── policybooks ├── policies_with_multiple_conditions.yml ├── policies_with_multiple_conditions2.yml ├── policies_with_multiple_conditions3.yml └── policies_with_multiple_conditions4.yml ├── test_ast.py ├── test_policybook_e2e.py └── test_transpiler.py /.flake8: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/.flake8 -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__ 2 | *.egg-info 3 | build 4 | dist 5 | venv 6 | output.json 7 | *.bak 8 | test 9 | .DS_Store -------------------------------------------------------------------------------- /.pre-commit-config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/.pre-commit-config.yaml -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/README.md -------------------------------------------------------------------------------- /ansible_policy/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /ansible_policy/__version__.py: -------------------------------------------------------------------------------- 1 | __version__ = "v0.0.1" 2 | -------------------------------------------------------------------------------- /ansible_policy/eval_policy.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/eval_policy.py -------------------------------------------------------------------------------- /ansible_policy/models.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/models.py -------------------------------------------------------------------------------- /ansible_policy/policybook/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/policybook/README.md -------------------------------------------------------------------------------- /ansible_policy/policybook/condition_parser.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/policybook/condition_parser.py -------------------------------------------------------------------------------- /ansible_policy/policybook/expressioin_transpiler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/policybook/expressioin_transpiler.py -------------------------------------------------------------------------------- /ansible_policy/policybook/image/example_result.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/policybook/image/example_result.png -------------------------------------------------------------------------------- /ansible_policy/policybook/image/flow.drawio: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/policybook/image/flow.drawio -------------------------------------------------------------------------------- /ansible_policy/policybook/image/flow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/policybook/image/flow.png -------------------------------------------------------------------------------- /ansible_policy/policybook/json_generator.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/policybook/json_generator.py -------------------------------------------------------------------------------- /ansible_policy/policybook/policy_parser.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/policybook/policy_parser.py -------------------------------------------------------------------------------- /ansible_policy/policybook/policybook_models.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/policybook/policybook_models.py -------------------------------------------------------------------------------- /ansible_policy/policybook/rego_model.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/policybook/rego_model.py -------------------------------------------------------------------------------- /ansible_policy/policybook/to_ast.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/policybook/to_ast.py -------------------------------------------------------------------------------- /ansible_policy/policybook/transpiler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/policybook/transpiler.py -------------------------------------------------------------------------------- /ansible_policy/rego/utils.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/rego/utils.rego -------------------------------------------------------------------------------- /ansible_policy/rego_data.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/rego_data.py -------------------------------------------------------------------------------- /ansible_policy/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/ansible_policy/utils.py -------------------------------------------------------------------------------- /examples/ansible-policy.cfg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/examples/ansible-policy.cfg -------------------------------------------------------------------------------- /examples/check_event/event_handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/examples/check_event/event_handler.py -------------------------------------------------------------------------------- /examples/check_event/policies/check_changed_event.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/examples/check_event/policies/check_changed_event.yml -------------------------------------------------------------------------------- /examples/check_project/playbook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/examples/check_project/playbook.yml -------------------------------------------------------------------------------- /examples/check_project/playbook_mongodb.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/examples/check_project/playbook_mongodb.yml -------------------------------------------------------------------------------- /examples/check_project/policies/check_become.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/examples/check_project/policies/check_become.yml -------------------------------------------------------------------------------- /examples/check_project/policies/check_collection.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/examples/check_project/policies/check_collection.yml -------------------------------------------------------------------------------- /examples/check_project/policies/check_pkg.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/examples/check_project/policies/check_pkg.yml -------------------------------------------------------------------------------- /examples/check_rest/policies/check_rest_username.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/examples/check_rest/policies/check_rest_username.yml -------------------------------------------------------------------------------- /examples/check_rest/rest_hook.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/examples/check_rest/rest_hook.py -------------------------------------------------------------------------------- /images/ap-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/images/ap-arch.png -------------------------------------------------------------------------------- /images/example_output.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/images/example_output.png -------------------------------------------------------------------------------- /images/example_output_event_stream.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/images/example_output_event_stream.png -------------------------------------------------------------------------------- /images/example_output_json.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/images/example_output_json.png -------------------------------------------------------------------------------- /images/example_output_policybook.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/images/example_output_policybook.png -------------------------------------------------------------------------------- /pyproject.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/pyproject.toml -------------------------------------------------------------------------------- /tests/unit/asts/policies_with_multiple_conditions.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/asts/policies_with_multiple_conditions.yml -------------------------------------------------------------------------------- /tests/unit/asts/policies_with_multiple_conditions2.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/asts/policies_with_multiple_conditions2.yml -------------------------------------------------------------------------------- /tests/unit/asts/policies_with_multiple_conditions3.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/asts/policies_with_multiple_conditions3.yml -------------------------------------------------------------------------------- /tests/unit/asts/policies_with_multiple_conditions4.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/asts/policies_with_multiple_conditions4.yml -------------------------------------------------------------------------------- /tests/unit/integration/affirm_operator/extensions/policy/affirm_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/affirm_operator/extensions/policy/affirm_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/affirm_operator/input_fail.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": false 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/affirm_operator/input_pass.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val" : true 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/affirm_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/affirm_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/in_operator/extensions/policy/in_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/in_operator/extensions/policy/in_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/in_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/in_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/in_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/in_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/in_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/in_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/int_equal_operator/extensions/policy/equal_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/int_equal_operator/extensions/policy/equal_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/int_equal_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/int_equal_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/int_equal_operator/input_pass.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": 1 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/int_equal_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/int_equal_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/is_defined_operator/extensions/policy/is_defined_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/is_defined_operator/extensions/policy/is_defined_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/is_defined_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/is_defined_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/is_defined_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/is_defined_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/is_defined_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/is_defined_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/item_in_list_operator/extensions/policy/item_in_list_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/item_in_list_operator/extensions/policy/item_in_list_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/item_in_list_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/item_in_list_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/item_in_list_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/item_in_list_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/item_in_list_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/item_in_list_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/item_not_in_list_operator/extensions/policy/item_not_in_list_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/item_not_in_list_operator/extensions/policy/item_not_in_list_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/item_not_in_list_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/item_not_in_list_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/item_not_in_list_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/item_not_in_list_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/item_not_in_list_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/item_not_in_list_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/list_contains_operator/extensions/policy/list_contains_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/list_contains_operator/extensions/policy/list_contains_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/list_contains_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/list_contains_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/list_contains_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/list_contains_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/list_contains_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/list_contains_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/list_not_contains_operator/extensions/policy/list_not_contains_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/list_not_contains_operator/extensions/policy/list_not_contains_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/list_not_contains_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/list_not_contains_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/list_not_contains_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/list_not_contains_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/list_not_contains_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/list_not_contains_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/match_operator/extensions/policy/match_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/match_operator/extensions/policy/match_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/match_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/match_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/match_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/match_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/match_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/match_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/multi_condition_all/extensions/policy/multi_condition_all.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/multi_condition_all/extensions/policy/multi_condition_all.rego -------------------------------------------------------------------------------- /tests/unit/integration/multi_condition_all/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/multi_condition_all/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/multi_condition_all/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/multi_condition_all/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/multi_condition_all/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/multi_condition_all/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/multi_condition_any/extensions/policy/multi_condition_any.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/multi_condition_any/extensions/policy/multi_condition_any.rego -------------------------------------------------------------------------------- /tests/unit/integration/multi_condition_any/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/multi_condition_any/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/multi_condition_any/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/multi_condition_any/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/multi_condition_any/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/multi_condition_any/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/multi_condition_notall/extensions/policy/multi_condition_not_all.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/multi_condition_notall/extensions/policy/multi_condition_not_all.rego -------------------------------------------------------------------------------- /tests/unit/integration/multi_condition_notall/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/multi_condition_notall/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/multi_condition_notall/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/multi_condition_notall/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/multi_condition_notall/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/multi_condition_notall/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/negate_operator/extensions/policy/negate_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/negate_operator/extensions/policy/negate_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/negate_operator/input_fail.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": true 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/negate_operator/input_pass.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val" : false 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/negate_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/negate_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/not_in_operator/extensions/policy/in_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_in_operator/extensions/policy/in_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/not_in_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_in_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/not_in_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_in_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/not_in_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_in_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/not_match_operator/extensions/policy/match_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_match_operator/extensions/policy/match_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/not_match_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_match_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/not_match_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_match_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/not_match_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_match_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/not_regex_operator/extensions/policy/search_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_regex_operator/extensions/policy/search_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/not_regex_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_regex_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/not_regex_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_regex_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/not_regex_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_regex_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/not_search_operator/extensions/policy/search_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_search_operator/extensions/policy/search_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/not_search_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_search_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/not_search_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_search_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/not_search_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_search_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/not_select_compare_operator/extensions/policy/select_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_select_compare_operator/extensions/policy/select_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/not_select_compare_operator/input_fail.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": 5 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/not_select_compare_operator/input_pass.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": 25 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/not_select_compare_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_select_compare_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/not_select_search_operator/extensions/policy/select_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_select_search_operator/extensions/policy/select_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/not_select_search_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_select_search_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/not_select_search_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_select_search_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/not_select_search_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_select_search_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/not_selectattr_compare_operator/extensions/policy/not_selectattr_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_selectattr_compare_operator/extensions/policy/not_selectattr_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/not_selectattr_compare_operator/input_fail.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": 15 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/not_selectattr_compare_operator/input_pass.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": 25 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/not_selectattr_compare_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_selectattr_compare_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/not_selectattr_search_operator/extensions/policy/not_selectattr_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_selectattr_search_operator/extensions/policy/not_selectattr_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/not_selectattr_search_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_selectattr_search_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/not_selectattr_search_operator/input_pass.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": "name" 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/not_selectattr_search_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/not_selectattr_search_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/null_not_equal_operator/extensions/policy/equal_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/null_not_equal_operator/extensions/policy/equal_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/null_not_equal_operator/input_fail.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": null 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/null_not_equal_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/null_not_equal_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/null_not_equal_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/null_not_equal_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/regex_operator/extensions/policy/search_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/regex_operator/extensions/policy/search_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/regex_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/regex_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/regex_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/regex_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/regex_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/regex_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/search_operator/extensions/policy/search_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/search_operator/extensions/policy/search_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/search_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/search_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/search_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/search_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/search_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/search_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/select_compare_operator/extensions/policy/select_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/select_compare_operator/extensions/policy/select_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/select_compare_operator/input_fail.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": 25 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/select_compare_operator/input_pass.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": 15 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/select_compare_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/select_compare_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/select_search_operator/extensions/policy/select_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/select_search_operator/extensions/policy/select_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/select_search_operator/input_fail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/select_search_operator/input_fail.json -------------------------------------------------------------------------------- /tests/unit/integration/select_search_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/select_search_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/select_search_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/select_search_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/selectattr_compare_operator/extensions/policy/selectattr_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/selectattr_compare_operator/extensions/policy/selectattr_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/selectattr_compare_operator/input_fail.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": 50 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/selectattr_compare_operator/input_pass.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": 15 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/selectattr_compare_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/selectattr_compare_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/selectattr_search_operator/extensions/policy/selectattr_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/selectattr_search_operator/extensions/policy/selectattr_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/selectattr_search_operator/input_fail.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": "name" 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/selectattr_search_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/selectattr_search_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/selectattr_search_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/selectattr_search_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/integration/str_equal_operator/extensions/policy/equal_operator_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/str_equal_operator/extensions/policy/equal_operator_test.rego -------------------------------------------------------------------------------- /tests/unit/integration/str_equal_operator/input_fail.json: -------------------------------------------------------------------------------- 1 | { 2 | "test_val": 1 3 | } -------------------------------------------------------------------------------- /tests/unit/integration/str_equal_operator/input_pass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/str_equal_operator/input_pass.json -------------------------------------------------------------------------------- /tests/unit/integration/str_equal_operator/policybook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/integration/str_equal_operator/policybook.yml -------------------------------------------------------------------------------- /tests/unit/policybooks/policies_with_multiple_conditions.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/policybooks/policies_with_multiple_conditions.yml -------------------------------------------------------------------------------- /tests/unit/policybooks/policies_with_multiple_conditions2.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/policybooks/policies_with_multiple_conditions2.yml -------------------------------------------------------------------------------- /tests/unit/policybooks/policies_with_multiple_conditions3.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/policybooks/policies_with_multiple_conditions3.yml -------------------------------------------------------------------------------- /tests/unit/policybooks/policies_with_multiple_conditions4.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/policybooks/policies_with_multiple_conditions4.yml -------------------------------------------------------------------------------- /tests/unit/test_ast.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/test_ast.py -------------------------------------------------------------------------------- /tests/unit/test_policybook_e2e.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/test_policybook_e2e.py -------------------------------------------------------------------------------- /tests/unit/test_transpiler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible/ansible-policy/HEAD/tests/unit/test_transpiler.py --------------------------------------------------------------------------------