Skip to content

Commit

Permalink
Merge branch 'main' into session_start_and_end_events
Browse files Browse the repository at this point in the history
  • Loading branch information
breedx-splk authored Jul 30, 2024
2 parents 29035f9 + aea69f2 commit 9a996c6
Show file tree
Hide file tree
Showing 2 changed files with 35 additions and 19 deletions.
16 changes: 16 additions & 0 deletions .editorconfig
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
root = true

[*.{yaml,yml}]
indent_style = space
indent_size = 2
trim_trailing_whitespace = true
insert_final_newline = true

[*.rego]
indent_style = space
indent_size = 4
trim_trailing_whitespace = true
insert_final_newline = true

[Makefile]
indent_style = tab
38 changes: 19 additions & 19 deletions policies/registry.rego
Original file line number Diff line number Diff line change
Expand Up @@ -6,37 +6,37 @@ package before_resolution

# Helper to create attribute registry violations.
attr_registry_violation(violation_id, group_id, attr_id) = violation {
violation := {
"id": violation_id,
"type": "semantic_convention_policies",
"category": "attribute_registry_checks",
"group": group_id,
"attr": attr_id,
}
violation := {
"id": violation_id,
"type": "semantic_convention_policies",
"category": "attribute_registry_checks",
"group": group_id,
"attr": attr_id,
}
}

# We only allow attribute groups in the attribute registry.
deny[attr_registry_violation("attribute_registry_can_only_contain_attribute_groups", group.id, "")] {
group := input.groups[_]
startswith(group.id, "registry.")
group.type != "attribute_group"
group := input.groups[_]
startswith(group.id, "registry.")
group.type != "attribute_group"
}

# Any group that is NOT in the attribute registry that has an attribute id is
# in violation of not using the attribute registry.
deny[attr_registry_violation("attributes_must_be_defined_in_attribute_registry", group.id, attr.id)] {
group := input.groups[_]
not startswith(group.id, "registry.")
attr := group.attributes[_]
attr.id != null
group := input.groups[_]
not startswith(group.id, "registry.")
attr := group.attributes[_]
attr.id != null
}

# A registry `attribute_group` containing at least one `ref` attribute is
# considered invalid if it's not in the registry group.
deny[attr_registry_violation("attributes_in_registry_cannot_reference_each_other", group.id, attr.ref)] {
# TODO - this will need to be updated to support `embed` in the future.
group := input.groups[_]
startswith(group.id, "registry.")
attr := group.attributes[_]
attr.ref != null
# TODO - this will need to be updated to support `embed` in the future.
group := input.groups[_]
startswith(group.id, "registry.")
attr := group.attributes[_]
attr.ref != null
}

0 comments on commit 9a996c6

Please sign in to comment.