From 7bf1a91c65bb9e73075cfd66d11ad46c0edc059e Mon Sep 17 00:00:00 2001
From: Masayoshi Mizutani
Date: Sun, 6 Aug 2023 07:47:01 +0900
Subject: [PATCH] merge json files

---
 .github/workflows/audit.yml | 9 ++++++---
 .gitignore | 2 ++
 README.md | 1 +
 policy.rego | 4 ++++
 4 files changed, 13 insertions(+), 3 deletions(-)
 create mode 100644 .gitignore
 create mode 100644 README.md

diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
index 9e63e9c..db81211 100644
--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -22,9 +22,12 @@ jobs: aws-region: ap-northeast-1 - name: Dump instances
-      run: mkdir -p instances && aws ec2 describe-instances > instances/data.json
+      run: aws ec2 describe-instances > instances.json - name: Dump security groups
-      run: mkdir -p security_groups && aws ec2 describe-security-groups > security_groups/data.json
+      run: aws ec2 describe-security-groups > security_groups.json
+    - name: Merge json
+      run: |-
+        jq -n '{instances: input, security_groups: input}' instances.json security_groups.json > input.json - uses: docker://openpolicyagent/opa:0.55.0 with:
-        args: "eval -f pretty -b ./ --fail-defined data.ex6.failed"
+        args: "eval -f pretty -I input.json -b ./ --fail-defined data.ex6.failed"
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..b033559
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+.env
+*.json
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..a574b7d
--- /dev/null
+++ b/README.md
@@ -0,0 +1 @@
+# Security Camp 2023 sample GtiHub Actions
\ No newline at end of file
diff --git a/policy.rego b/policy.rego
index b30ca79..c180a69 100644
--- a/policy.rego
+++ b/policy.rego
@@ -1,2 +1,6 @@ package ex6 +failed[msg] { print(input) false }
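Review bot: The new `args` line hands the merged document to OPA with `-I`, but in `opa eval` the input-file flag is `-i`/`--input`, while `-I` is `--stdin-input`; if that holds for the 0.55.0 image (check `opa eval --help`), `input.json` is parsed as the query and `data.ex6.failed` is ignored, so either the step errors on an empty stdin or it evaluates the wrong query, and an undefined result is exactly what `--fail-defined` treats as a pass — the gate fails open. The line should read `args: "eval -f pretty -i input.json -b ./ --fail-defined data.ex6.failed"`. The `jq -n '{instances: input, security_groups: input}' instances.json security_groups.json` merge also relies on jq building object fields left to right and on each file holding exactly one document; a form that names its sources, `jq -n --slurpfile i instances.json --slurpfile s security_groups.json '{instances: $i[0], security_groups: $s[0]}' > input.json`, does not depend on that ordering and fails loudly if either dump is missing.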
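Review bot: `failed[msg]` never binds `msg` in its body, which OPA's safety check normally rejects as `var msg is unsafe`, and the body ends in `false`, so even if it compiled the set is always empty and the workflow's `--fail-defined data.ex6.failed` can never trip; a placeholder that compiles and makes the intent explicit is `failed[msg] { print(input); msg := "no checks implemented yet"; false }`, with a `# TODO: replace with real instance/security-group checks` comment above it. `print(input)` writes the whole merged EC2 instance and security-group inventory to the Actions run log, which anyone with read access to the workflow runs can see, so print only the field being debugged, or remove it before this runs against a real account.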