27 lines
1 KiB
Raku
27 lines
1 KiB
Raku
use JSON::Fast;
|
|
|
|
my $plan = from-json "example-plan.json".IO.slurp;
|
|
my $resource-changes = $plan<resource_changes>;
|
|
my %required-tags = "foo" => ["bar", "buzz"];
|
|
|
|
# There's no reason to expect that non-managed resources will be needed.
|
|
# However, Sentinel policies often have this as a parameter
|
|
# .grep is Raku's 'filter' method: https://docs.raku.org/routine/grep
|
|
sub get-resource-type (@resource-list, Str $resource-type, Str $mode="managed") {
|
|
@resource-list.grep: { $_<mode> eq $mode && $_<type> eq $resource-type }
|
|
}
|
|
|
|
# This will ultimately need to parse rule text and perform operations based on that. Example rule:
|
|
# all aws_ebs_volume resources have required tag "foo" with required value "bar"
|
|
sub read-rule (Str $rule-text) {
|
|
|
|
}
|
|
|
|
sub check-tags ($resource, %required_tags) {
|
|
return True if %required_tags.grep($resource<change><after><tags_all><foo>); # or $resource.change.after.tags<foo> eq "bar";
|
|
}
|
|
|
|
my @aws-ebs-volumes = get-resource-type($resource-changes, "aws_ebs_volume");
|
|
|
|
say @aws-ebs-volumes.grep: { check-tags($_, %required-tags) };
|