You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
deny_deployments_without_probes will always exist. It will either contain violation messages (non-empty set) or not contain violation messages (empty set).
You need to assert against the size of the set or assert if a specific violation exists in the set.
Alternatively, and what I personally do, you could refactor out the main logic of your policy into another rule and have your deny_... block just call that rule and handle all of the messaging.
For example:
deny[msg] {
not my_policy
msg :="my policy violated"
}
my_policy {
// main policy definition
}
This also enables you to focus your tests purely on the policy and allows you to test for not my_policy
probes.rego
probes_test.rego
Output:
I don't understand what is wrong, any help?
The text was updated successfully, but these errors were encountered: