Proposal: Support multiple rule instances from template rules#96
Open
TimoWiddauCC wants to merge 3 commits into
Open
Proposal: Support multiple rule instances from template rules#96TimoWiddauCC wants to merge 3 commits into
TimoWiddauCC wants to merge 3 commits into
Conversation
…fferent configurations - Add templateRuleKey to rule definition config - Add custom CLI objects to handle custom rules based on templates
|
Hi @felipebz, thanks for maintaining this project and for your ongoing work on zpa-cli 👍 We’re currently looking into integrating zpa-cli into our CI/CD pipelines, and this change would be really valuable for us. Supporting multiple regex rules based on the regex-template-rule would allow us to define several rules instead of being limited to a single regex rule today. Would you mind taking a look at this PR when you have a moment? It would help us a lot in moving forward with the integration. Thanks again for your work and support! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Issue
Currently, the ZPA CLI configuration supports configuration of a single instance for a rule only. The configuration key also needs to match the rule name for detection (related: #89). This limitation prevents users from defining multiple instances of the same rule with different configurations like for XPath rules.
Proposed solution
This PR introduces the
templateRuleKeyfield in the CLI configuration file. This allows users to create multiple rule instances from a single template rule with different parameters. This enables support for multiple rules with different configuration. The implementation is written to avoid changes to zpa-core. If zpa-core would be extended, some code here could be de-duplicated / removed again.Example
Users can now configure rule instances from a template like this:
{ "rules": { "CustomXPath_SelectStar": { "level": "minor", "templateRuleKey": "XPath", "parameters": { "xpathQuery": "//SELECT_COLUMN/MULTIPLICATION", "message": "SELECT * used in query" } }, "CustomXPath_SelectStar_SecondRule": { "level": "minor", "templateRuleKey": "zpa:XPath", "parameters": { "xpathQuery": "//SELECT_COLUMN/MULTIPLICATION", "message": "SELECT * used in query - second rule" } } } }