From 86ff02754dbc88941d72e3742c546944c9ea40a5 Mon Sep 17 00:00:00 2001 From: Ramyad <62895311+ramyadmz@users.noreply.github.com> Date: Fri, 8 Nov 2024 11:46:42 -0800 Subject: [PATCH] FLEX-5397 - Modify Meta Parent Compiler to Conditionally Include `hide_skip_approvals` (#2813) * removed manual updates from meta parent policies * updated meta parent compiler & Rakefile * updated comments * Update hide_skip_approvals to boolean with false default * roll back local testing changes --- Rakefile | 7 ++++++- .../aws_meta_parent.pt.template | 3 ++- .../azure_meta_parent.pt.template | 3 ++- .../google_meta_parent.pt.template | 1 + .../meta_parent_policy_compiler.rb | 11 +++++++++++ 5 files changed, 22 insertions(+), 3 deletions(-) diff --git a/Rakefile b/Rakefile index 03df54e39b..f8f4aff3c6 100644 --- a/Rakefile +++ b/Rakefile @@ -48,11 +48,15 @@ task :generate_policy_list do recommendation_type = pp.parsed_info[:recommendation_type] publish = pp.parsed_info[:publish] deprecated = pp.parsed_info[:deprecated] + hide_skip_approvals = pp.parsed_info[:hide_skip_approvals] + # 'publish' defaults to true unless explicitly set to false # 'deprecated' defaults to false unless explicitly set to true publish = !(publish == 'false' || publish == false) deprecated = deprecated == 'true' || deprecated == true + # 'hide_skip_approvals' defaults to false unless explicitly set to true + hide_skip_approvals = hide_skip_approvals == 'true' || hide_skip_approvals == true end # Get version from long description @@ -86,7 +90,8 @@ task :generate_policy_list do "recommendation_type": recommendation_type, "updated_at": updated_at, "generally_recommended": generally_recommended, - "deprecated": deprecated + "deprecated": deprecated, + "hide_skip_approvals": hide_skip_approvals } end end diff --git a/tools/meta_parent_policy_compiler/aws_meta_parent.pt.template b/tools/meta_parent_policy_compiler/aws_meta_parent.pt.template index 4cf179a280..5c912922ff 100644 --- a/tools/meta_parent_policy_compiler/aws_meta_parent.pt.template +++ b/tools/meta_parent_policy_compiler/aws_meta_parent.pt.template @@ -9,7 +9,8 @@ info( provider: "AWS", version: "__PLACEHOLDER_FOR_CHILD_POLICY_VERSION__", # This version of the Meta Parent Policy Template should match the version of the Child Policy Template as it appears in the Catalog for best reliability publish: "__PLACEHOLDER_FOR_CHILD_POLICY_PUBLISH__", - deprecated: "__PLACEHOLDER_FOR_CHILD_POLICY_DEPRECATED__" + deprecated: "__PLACEHOLDER_FOR_CHILD_POLICY_DEPRECATED__", + hide_skip_approvals: "__PLACEHOLDER_FOR_CHILD_POLICY_HIDE_SKIP_APPROVALS__" ) ############################################################################## diff --git a/tools/meta_parent_policy_compiler/azure_meta_parent.pt.template b/tools/meta_parent_policy_compiler/azure_meta_parent.pt.template index 7882441b01..be621785f7 100644 --- a/tools/meta_parent_policy_compiler/azure_meta_parent.pt.template +++ b/tools/meta_parent_policy_compiler/azure_meta_parent.pt.template @@ -9,7 +9,8 @@ info( provider: "Azure", version: "__PLACEHOLDER_FOR_CHILD_POLICY_VERSION__", # This version of the Meta Parent Policy Template should match the version of the Child Policy Template as it appears in the Catalog for best reliability publish: "__PLACEHOLDER_FOR_CHILD_POLICY_PUBLISH__", - deprecated: "__PLACEHOLDER_FOR_CHILD_POLICY_DEPRECATED__" + deprecated: "__PLACEHOLDER_FOR_CHILD_POLICY_DEPRECATED__", + hide_skip_approvals: "__PLACEHOLDER_FOR_CHILD_POLICY_HIDE_SKIP_APPROVALS__" ) ############################################################################## diff --git a/tools/meta_parent_policy_compiler/google_meta_parent.pt.template b/tools/meta_parent_policy_compiler/google_meta_parent.pt.template index 4cf08936ac..b6d971405c 100644 --- a/tools/meta_parent_policy_compiler/google_meta_parent.pt.template +++ b/tools/meta_parent_policy_compiler/google_meta_parent.pt.template @@ -10,6 +10,7 @@ info( version: "__PLACEHOLDER_FOR_CHILD_POLICY_VERSION__", # This version of the Meta Parent Policy Template should match the version of the Child Policy Template as it appears in the Catalog for best reliability publish: "__PLACEHOLDER_FOR_CHILD_POLICY_PUBLISH__", deprecated: "__PLACEHOLDER_FOR_CHILD_POLICY_DEPRECATED__" + hide_skip_approvals: "__PLACEHOLDER_FOR_CHILD_POLICY_HIDE_SKIP_APPROVALS__" ) ############################################################################## diff --git a/tools/meta_parent_policy_compiler/meta_parent_policy_compiler.rb b/tools/meta_parent_policy_compiler/meta_parent_policy_compiler.rb index 4c81749c26..53722a2127 100644 --- a/tools/meta_parent_policy_compiler/meta_parent_policy_compiler.rb +++ b/tools/meta_parent_policy_compiler/meta_parent_policy_compiler.rb @@ -186,6 +186,10 @@ def compile_meta_parent_policy(file_path) deprecated_scan = pt.scan(/deprecated: "(.*?)"/) deprecated = "false" deprecated = deprecated_scan[0][0] if !deprecated_scan.empty? + # get the hide_skip_approvals string if it exists, defaulting to false if not present + hide_skip_approvals_scan = pt.scan(/hide_skip_approvals: "(.*?)"/) + hide_skip_approvals = "" + hide_skip_approvals = hide_skip_approvals_scan[0][0] if !hide_skip_approvals_scan.empty? # print("Name: #{name}\n") # print("Description: #{description}\n") # print("\n###########################\n") @@ -425,6 +429,13 @@ def compile_meta_parent_policy(file_path) output_pt = output_pt.gsub("__PLACEHOLDER_FOR_CHILD_POLICY_VERSION__", version) output_pt = output_pt.gsub("__PLACEHOLDER_FOR_CHILD_POLICY_PUBLISH__", publish) output_pt = output_pt.gsub("__PLACEHOLDER_FOR_CHILD_POLICY_DEPRECATED__", deprecated) + if !hide_skip_approvals.empty? + output_pt = output_pt.gsub("__PLACEHOLDER_FOR_CHILD_POLICY_HIDE_SKIP_APPROVALS__", hide_skip_approvals) + else + # Remove the entire line containing hide_skip_approvals + output_pt = output_pt.gsub(/^\s*,?\s*hide_skip_approvals: "__PLACEHOLDER_FOR_CHILD_POLICY_HIDE_SKIP_APPROVALS__",?\s*\n/, "") + output_pt = output_pt.gsub(/,\s*\)/, "\n)") + end # Attempt to identify the URL to the child policy template file on github using the file_path provided # This would only work if the pt file is located under the `policy_templates` repo directory # If it is not, then the URL will be incorrect