首頁 探索 說明
登入
akillibulut
/
porter
镜像来自 https://github.com/porter-dev/porter
2
0
複刻 0
Files 問題管理 0 Wiki
分支: node-version
分支列表 標籤列表
porter
/
internal
/
opa
/
policies
/
nginx
/
nginx_version.rego

nginx_version.rego 690 B
永久連結 文件歷史 原始文件

12345678910111213141516171819202122232425 
  1. package nginx.version
    2. 

  2. 

  3. import future.keywords
    4. 

  4. 

  5. POLICY_ID := "nginx_version"
    6. 

  6. 

  7. POLICY_VERSION := "v0.0.1"
    8. 

  8. 

  9. POLICY_SEVERITY := "high"
    10. 

  10. 

  11. latest_stable_version := "4.0.18"
    12. 

  12. 

  13. POLICY_TITLE := sprintf("The NGINX version should be at least v%s", [latest_stable_version])
    14. 

  14. 

  15. POLICY_SUCCESS_MESSAGE := sprintf("Success: NGINX version is up-to-date", [])
    16. 

  16. 

  17. trimmedVersion := trim_left(input.version, "v")
    18. 

  18. 

  19. # semver.compare returns -1 if latest_stable_version < trimmedVersion
    20. 

  20. allow if semver.compare(latest_stable_version, trimmedVersion) <= 0
    21. 

  21. 

  22. FAILURE_MESSAGE contains msg if {
    23. 

  23. 	not allow
    24. 

  24. 	msg := sprintf("Failed: latest stable version is %s, but you are on %s", [latest_stable_version, trimmedVersion])
    25. 

  25. }
    26.