Draft markdown generation from rules metadata

.gitattributes

@@ -1 +1,2 @@
 *.cfn linguist-language=YAML
+*.tfplan linguist-language=JSON

.github/workflows/main.yml

@@ -3,13 +3,11 @@ on: [pull_request, push]
 jobs:
   test:
     runs-on: ubuntu-latest
-    name: OPA test
+    name: Test
     steps:
     - uses: actions/checkout@v2
     - uses: actions/setup-go@v2
-    - run: |
-        go get github.com/open-policy-agent/opa
-        go install github.com/open-policy-agent/opa
-    - run: echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
-    - run: opa test lib rules examples tests
-    - run: ./scripts/check-naming.sh
+      with:
+        go-version: '^1.16'
+    - run: make test
+    - run: cd rego && ./scripts/check-naming.sh

.gitignore

@@ -1,3 +1,12 @@
 .terraform/
 .DS_Store
 venv/
+pkg/rego/lib
+pkg/rego/rules
+regula
+regula-*
+!regula/
+.vscode/
+.scratch/
+.regula-history
+build/

.gitmodules

@@ -0,0 +1,9 @@
+[submodule "providers/terraform-provider-google"]
+	path = providers/terraform-provider-google
+	url = https://github.com/hashicorp/terraform-provider-google.git
+[submodule "providers/terraform-provider-aws"]
+	path = providers/terraform-provider-aws
+	url = https://github.com/hashicorp/terraform-provider-aws.git
+[submodule "pkg/loader/tf_test/example-terraform-modules"]
+	path = pkg/loader/tf_test/example-terraform-modules
+	url = https://github.com/jaspervdj-luminal/example-terraform-modules.git

Dockerfile

@@ -1,31 +1,11 @@
-FROM python:3.9.2-alpine3.13
-
-# We need bash for the main regula script since it uses arrays.
-# We need git to support terraform modules
-RUN apk add --update bash git && rm -rf /var/cache/apk/*
-
-# Install OPA.
-ARG OPA_VERSION=0.26.0
-RUN wget -O '/usr/local/bin/opa' \
-        "https://github.com/open-policy-agent/opa/releases/download/v${OPA_VERSION}/opa_linux_amd64" &&\
-    chmod +x '/usr/local/bin/opa'
-
-# Install terraform.
-ARG TERRAFORM_VERSION=0.14.7
-ENV TF_IN_AUTOMATION=true
-RUN wget -O "/tmp/terraform-${TERRAFORM_VERSION}.zip" \
-        "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip" && \
-    unzip -d '/usr/local/bin' "/tmp/terraform-${TERRAFORM_VERSION}.zip" &&\
-    rm "/tmp/terraform-${TERRAFORM_VERSION}.zip"
-
-# Install cfn-flip
-ARG CFNFLIP_VERSION=1.2.3
-RUN pip install "cfn-flip==${CFNFLIP_VERSION}"
-
-# Update regula files
-RUN mkdir -p /opt/regula
-COPY lib /opt/regula/lib
-COPY rules /opt/regula/rules
-COPY bin/regula /usr/local/bin
-
-ENTRYPOINT ["regula", "-d", "/opt/regula"]
+FROM golang:1.16-alpine as builder
+ARG version
+ARG gitcommit
+WORKDIR /build
+COPY . .
+ENV ldflags "-X \"github.com/fugue/regula/pkg/version.Version=${version}\" -X \"github.com/fugue/regula/pkg/version.GitCommit=${gitcommit}\""
+RUN go build -ldflags="${ldflags} -s -w"
+
+FROM alpine:latest
+COPY --from=builder /build/regula /usr/local/bin
+ENTRYPOINT [ "regula" ]

Makefile

@@ -0,0 +1,94 @@
+BINARY = regula
+INSTALLED_BINARY = /usr/local/bin/$(BINARY)
+GO_SOURCE = $(shell find cmd pkg -type f -name '*.go')
+CLI_SOURCE = $(GO_SOURCE) $(wildcard cmd/*.txt) go.mod go.sum
+# MOCKS_SOURCE = $(shell grep -L 'go:generate mockgen' $(GO_SOURCE))
+MOCKS = $(wildcard pkg/mocks/*.go)
+REGO_LIB_SOURCE = $(shell find rego/lib -type f -name '*.rego')
+REGO_RULES_SOURCE = $(shell find rego/rules -type f -name '*.rego')
+VERSION = $(shell cat VERSION)
+GITCOMMIT = $(shell git rev-parse --short HEAD 2> /dev/null || true)
+define LDFLAGS
+    -X \"github.com/fugue/regula/pkg/version.Version=$(VERSION)\" \
+    -X \"github.com/fugue/regula/pkg/version.GitCommit=$(GITCOMMIT)\"
+endef
+CLI_BUILD = go build -ldflags="$(LDFLAGS) -s -w"
+GO_BIN_DIR= $(shell go env GOPATH)/bin
+GOLINT = $(GO_BIN_DIR)/golint
+MOCKGEN = $(GO_BIN_DIR)/mockgen
+COPIED_REGO_LIB = pkg/rego/lib
+COPIED_REGO_RULES = pkg/rego/rules
+
+$(COPIED_REGO_LIB): $(REGO_LIB_SOURCE)
+	rm -rf ./$(COPIED_REGO_LIB)
+	cp -R rego/lib $(COPIED_REGO_LIB)
+
+$(COPIED_REGO_RULES): $(REGO_RULES_SOURCE)
+	rm -rf ./$(COPIED_REGO_RULES)
+	cp -R rego/rules $(COPIED_REGO_RULES)
+
+$(GOLINT):
+	go install golang.org/x/lint/golint
+
+$(MOCKGEN):
+	go install github.com/golang/mock/[email protected]
+
+$(BINARY): $(CLI_SOURCE) $(COPIED_REGO_LIB) $(COPIED_REGO_RULES)
+	$(CLI_BUILD) -v -o $@
+
+$(BINARY)-linux-amd64: $(SOURCE)
+	GOOS=linux GOARCH=amd64 $(CLI_BUILD) -o $@
+
+$(BINARY)-darwin-amd64: $(SOURCE)
+	GOOS=darwin GOARCH=amd64 $(CLI_BUILD) -o $@
+
+$(INSTALLED_BINARY): $(BINARY)
+	cp $(BINARY) $(INSTALLED_BINARY)
+
+# $(MOCKS): $(MOCKGEN) $(MOCKS_SOURCE)
+# 	PATH=$(GO_BIN_DIR):$(PATH) go generate ./...
+
+release: $(BINARY)-linux-amd64 $(BINARY)-darwin-amd64
+
+.PHONY: install
+install: $(INSTALLED_BINARY)
+
+# .PHONY: mocks
+# mocks: $(MOCKS)
+
+.PHONY: clean
+clean:
+	rm -f coverage.out
+	rm -f $(BINARY) $(BINARY)-linux-amd64 $(BINARY)-darwin-amd64
+
+.PHONY: test
+test: $(COPIED_REGO_LIB) $(COPIED_REGO_RULES)
+	go test -v -cover ./...
+
+.PHONY: coverage
+coverage:
+	go test ./... -coverprofile=coverage.out
+	go tool cover -html=coverage.out
+
+.PHONY: lint
+lint:
+	$(GOLINT) ./...
+	go vet ./...
+
+.PHONY: docker
+docker: $(COPIED_REGO_LIB) $(COPIED_REGO_RULES)
+	rm -rf build
+	mkdir -p build
+	cp -R pkg build
+	cp -R cmd build
+	cp go.mod build
+	cp go.sum build
+	cp main.go build
+	cp Dockerfile build
+	cd build
+	docker build \
+		--build-arg version=$(VERSION) \
+		--build-arg gitcommit=$(GITCOMMIT) \
+		--tag fugue/regula:$(VERSION) \
+		--tag fugue/regula:latest \
+		.

VERSION

@@ -0,0 +1 @@
+1.0.0