Example 1 with FileRule
use of com.walmartlabs.concord.policyengine.FileRule in project concord by walmartlabs.
the class FilePolicyApplier method apply.
@Override
public void apply(Payload payload, PolicyEngine policy) throws Exception {
ProcessKey processKey = payload.getProcessKey();
Path workDir = payload.getHeader(Payload.WORKSPACE_DIR);
CheckResult<FileRule, Path> result = policy.getFilePolicy().check(workDir);
result.getWarn().forEach(i -> {
policyWarn.inc();
logManager.warn(processKey, "Potentially restricted file '{}' (file policy: {})", workDir.relativize(i.getEntity()), i.getRule());
});
result.getDeny().forEach(i -> {
policyDeny.inc();
logManager.error(processKey, "File '{}' is forbidden by the file policy {}", workDir.relativize(i.getEntity()), i.getRule());
});
if (!result.getDeny().isEmpty()) {
throw new ProcessException(processKey, "Found forbidden files");
}
}
Also used :
Path(java.nio.file.Path)
ProcessException(com.walmartlabs.concord.server.process.ProcessException)
FileRule(com.walmartlabs.concord.policyengine.FileRule)
ProcessKey(com.walmartlabs.concord.server.sdk.ProcessKey)
Aggregations
FileRule (com.walmartlabs.concord.policyengine.FileRule)1
ProcessException (com.walmartlabs.concord.server.process.ProcessException)1
ProcessKey (com.walmartlabs.concord.server.sdk.ProcessKey)1
Path (java.nio.file.Path)1
