Command to validate/lint guardian policy #237
Labels
Comments
|
this relates to #128, having dry-run capability on creating policy can help to validate the policy config |
mabdh
changed the title
lifosmin
pushed a commit
to lifosmin/guardian
that referenced
this issue
Aug 31, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
At the moment, guardian policy validation is done on creation. And any testing for the intricate steps require creating a policy and doing the whole appeal flow just to check policy steps.
We should have a command/api similar to
guardian policy validateorguardian policy lintso that one can run it and check if the policy file that they have created is valid. And if invalid, detailed error output to describe what is incorrect.Additional context
We might not be able to validate everything in policy without going through the appeal flow itself, but having something to validate at least a few things is better and we can always extend it later.
The text was updated successfully, but these errors were encountered: