Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Duplicate violations #116

Open
briantkennedy opened this issue Feb 20, 2020 · 0 comments
Open

Duplicate violations #116

briantkennedy opened this issue Feb 20, 2020 · 0 comments

Comments

@briantkennedy
Copy link
Member

briantkennedy commented Feb 20, 2020
edited
Loading

For the following input, FCV emits four duplicate violations when using the world readable constraint template. Oddly enough, when adding this same data to the policy-library testcases, duplicate violations are not surfaced. My guess is that the issue is appearing due to the FCV Constraint Framework target rego, the Constraint Framework rego, or the rego rewriter.

{
  "name": "//storage.googleapis.com/test_all_authenticated_users",
  "asset_type": "storage.googleapis.com/Bucket",
  "iam_policy": {
    "version": 1,
    "etag": "BwWKsK1c7h0=",
    "bindings": [
      {
        "role": "roles/storage.legacyBucketOwner",
        "members": [
          "projectEditor:xyz",
          "projectOwner:xyz"
        ]
      },
      {
        "role": "roles/storage.legacyBucketReader",
        "members": [
          "projectViewer:xyz"
        ]
      },
      {
        "role": "roles/storage.objectViewer",
        "members": [
          "allAuthenticatedUsers"
        ]
      }
    ]
  },
  "ancestors": [
    "projects/1234",
    "folders/1234",
    "organizations/12345"
  ]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@briantkennedy