tests: add an hcl case: tag verification: make sure all aws resources…

… are tagged Signed-off-by: boranx <boran.seref@gmail.com>
open-policy-agent · Jun 6, 2024 · 5e34346 · 5e34346
1 parent 0ad4913
commit 5e34346
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 6 deletions.
diff --git a/examples/hcl2/policy/deny.rego b/examples/hcl2/policy/deny.rego
@@ -33,10 +33,10 @@ missing_tags(resource) = {tag | tag := required_tags[_]; not resource.tags[tag]}
 
 deny[msg] {
 	some aws_resource, name
-    resource := input.resource[aws_resource][name] # all resources
+	resource := input.resource[aws_resource][name] # all resources
 	startswith(aws_resource, "aws_") # only AWS resources
-    missing := missing_tags(resource)
-    count(missing) > 0
+	missing := missing_tags(resource)
+	count(missing) > 0
 
-    msg = sprintf("AWS resource: \"%s\" named \"%s\" is missing required tags: %v", [aws_resource, name, missing])
+	msg = sprintf("AWS resource: \"%s\" named \"%s\" is missing required tags: %v", [aws_resource, name, missing])
 }
diff --git a/examples/hcl2/policy/deny_test.rego b/examples/hcl2/policy/deny_test.rego
@@ -44,4 +44,4 @@ test_fails_with_AWS_resource_is_missing_required_tags {
 		}
 	`)
 	deny["AWS resource: \"aws_s3_bucket\" named \"invalid\" is missing required tags: {\"owner\"}"] with input as cfg
-}
+}
diff --git a/examples/hcl2/terraform.tf b/examples/hcl2/terraform.tf
@@ -26,4 +26,4 @@ resource "aws_s3_bucket" "valid" {
     environment = "prod"
     owner = "devops"
   }
-}
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -44,4 +44,4 @@ test_fails_with_AWS_resource_is_missing_required_tags { @@
     		}
     	`)
     	deny["AWS resource: \"aws_s3_bucket\" named \"invalid\" is missing required tags: {\"owner\"}"] with input as cfg
-    }
+    }