You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When you select expressions inside of VS Code and run OPA: Evaluate Selection, the VS Code plugin is running a query against the policy. For example, if you select x := {"a": "b"} and evaluate it, the plugin essentially runs...
opa eval -b <workspace-dir> 'x := {"a": "b"}'
And then it prints the result.
In this case, the query is x := {"a": "b"}. That query is syntactically and semantically valid. On the other hand, if you only select t := x while syntactically valid, it's not semantically valid as there's no assignment to the variable x (which makes it unsafe). See https://www.openpolicyagent.org/docs/latest/faq/#safety for more info on the safety concept.
As you discovered you can select individual expressions as well as rule names. You can also select multiple expressions. If you select both lines in the rule body, the query should evaluate. In that case, the equivalent opa eval invocation would be (essentially):
I am finding that I can examine some variables and not others when I used the key binding OPA: Evaluate Selection.
if
x := {"a":"b"}
is selected and OPA: Evaluate Selection is run, I getIf
t := x
is selected and OPA: Evaluate Selection is run, I get: rego_unsafe_var_error: var x is unsafe
If I select
example[t]
, and OPA: Evaluate Selection is run, I getI don't understand why I get the var is unsafe message. Is this a bug?
The text was updated successfully, but these errors were encountered: