You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
package p
import data.foo
import data.foo
a :=any([foo])
I would expect opa check --strict to report two violations — the shadowing of an import, and the use of the deprecated any function. However, only the first encountered error seems to be reported:
❯ opa check --strict p.rego
1 error occurred: p.rego:4: rego_compile_error: import must not shadow import data.foo
Removing the shadowing and now the compiler will flag the deprecated function:
❯ opa check --strict p.rego
1 error occurred: p.rego:5: rego_type_error: deprecated built-in function calls in expression: any
Using multiple deprecated functions seem to flag all of them:
❯ opa check --strict p.rego
2 errors occurred:
p.rego:5: rego_type_error: deprecated built-in function calls in expression: any
p.rego:6: rego_type_error: deprecated built-in function calls in expression: all
But introducting another violation in the policy, and we're back to reporting only one:
package p
import data.foo
a :=any([foo])
b :=all([true])
f(x) {
input.foo
}
From a cursory look: the compiler is "hardcoded" to bail out after any given compilation step with errors. What is collected as errors are thus only the errors from a single compilation step, and not the compilation as a whole — strict mode or not.
@johanfylling mentioned that it could be problematic to continue after a failed compilation step, as then you could get cascading errors caused by errors in previous compilation steps. From what I can see, this should not be the case for the strictness checks, so perhaps they could be run / reported separately. There is however no separation of those from the other steps, nor a distinct type used for those kind of errors.
Not going to work on this, just thought it could be useful for someone who do later 🙂
Given the following policy:
I would expect
opa check --strict
to report two violations — the shadowing of an import, and the use of the deprecatedany
function. However, only the first encountered error seems to be reported:Removing the shadowing and now the compiler will flag the deprecated function:
Using multiple deprecated functions seem to flag all of them:
But introducting another violation in the policy, and we're back to reporting only one:
Expected behavior is that all violations up to the value of
--max-errors
(default 10) are reported.The text was updated successfully, but these errors were encountered: