def validate()

in 03-no-iac/analyze.py [0:0]


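def validate():
    """Analyze every file under ``policies/`` and fail the run on blocking findings.

    Walks the ``policies`` directory next to this script, loads each file as
    JSON, and collects the findings returned by ``validate_policy`` and
    ``get_access_preview_findings`` (both defined outside this block). All
    findings are printed per file, followed by a count per finding type.

    The process exits with status 1 when any finding has ``findingType``
    ``ERROR`` or ``SECURITY_WARNING``; otherwise the function returns ``None``.

    Raises:
        OSError: a policy file cannot be opened.
        json.JSONDecodeError: a file under ``policies/`` is not valid JSON.
        KeyError: a finding has no ``findingType`` key.

    All three propagate on purpose: an unreadable policy or an unclassifiable
    finding stops the run instead of being counted as a pass.
    """
    this_scripts_directory = os.path.dirname(os.path.realpath(__file__))
    policies_directory = os.path.join(this_scripts_directory, 'policies')

    # No default factory is supplied, so this behaves like a plain dict.
    results = defaultdict()

    print(f'{colors.OKBLUE}Starting analysis of {policies_directory}..')
    print()

    # os.walk ignores listing errors by default, so a missing or unreadable
    # policies directory yields no files at all (handled below).
    for root, _dirs, files in os.walk(policies_directory, topdown=True):
        for policy_filename in files:
            full_policy_filename = os.path.join(root, policy_filename)
            # JSON interchange is UTF-8; do not depend on the locale default.
            with open(full_policy_filename, 'r', encoding='utf-8') as policy_file:
                policy_document = json.load(policy_file)

            # NOTE(review): assumes both helpers return a list of dicts that
            # each carry a 'findingType' key; confirm against their definitions.
            findings = []
            findings.extend(validate_policy(full_policy_filename, policy_document))
            findings.extend(get_access_preview_findings(full_policy_filename, policy_document))

            results[full_policy_filename] = findings

    if not results:
        # A gate that analyzed nothing would otherwise look like a clean pass.
        # NOTE(review): the exit code is left unchanged here; decide whether an
        # empty policy set should fail the pipeline.
        print(f'{colors.WARNING}No policy files found under {policies_directory}; nothing was analyzed.')
        print()

    blocking_finding_types = ('ERROR', 'SECURITY_WARNING')
    should_exit_with_non_zero_code = False

    for filename, findings in results.items():
        print(f'{colors.OKBLUE}{filename}')
        for finding in findings:
            # Indexing (not .get) keeps a finding without a type from being
            # silently downgraded to a non-blocking warning.
            if finding['findingType'] in blocking_finding_types:
                should_exit_with_non_zero_code = True
                print(f'{colors.FAIL}{finding}')
            else:
                print(f'{colors.WARNING}{finding}')
            print()

        print(colors.RESET)

    print(f'{colors.OKBLUE}ERRORS: {get_count(results, "ERROR")}')
    print(f'{colors.OKBLUE}SECURITY_WARNINGS: {get_count(results, "SECURITY_WARNING")}')
    print(f'{colors.OKBLUE}WARNINGS: {get_count(results, "WARNING")}')
    print(f'{colors.OKBLUE}SUGGESTIONS: {get_count(results, "SUGGESTION")}')

    if should_exit_with_non_zero_code:
        print(f'{colors.FAIL}FAILED: ERROR or SECURITY_WARNING findings.')

    # Reset on the success path too, so the terminal is not left colored.
    print(colors.RESET)

    if should_exit_with_non_zero_code:
        sys.exit(1)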