in AWSConfig/AWS-Config-OPA/lambda_sources/function/opa_lambda.py [0:0]
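def eval_compliance(self, policy_file_path) -> bool:
    """Evaluate the input document against an OPA policy and return the verdict.

    Builds an ``opa eval`` command with ``policy_file_path`` as the ``-d``
    argument, ``self.input_file_path`` as the ``-i`` argument and
    ``self.query`` as the query, runs it through ``run_process`` and scans
    the returned ``result`` entries for the expression whose text, wrapped
    in double quotes, equals ``self.query``.

    Args:
        policy_file_path: Path of the policy file handed to ``opa eval -d``.

    Returns:
        The ``value`` of the matching expression. If several expressions
        match, the last one wins. The annotation says ``bool``, but the
        value is returned exactly as OPA reported it.

    Raises:
        ValueError: If no expression in the OPA output matches
            ``self.query``, so that a missing verdict is never mistaken
            for a compliance result.
        Exception: Any other failure is logged and re-raised unchanged.
    """
    try:
        # NOTE(review): the command is assembled by string formatting. If
        # run_process hands it to a shell (not visible from here; confirm),
        # a path containing whitespace or shell metacharacters changes the
        # command line. Prefer passing an argv list, or quote the two path
        # arguments, if either path can be influenced from outside.
        command = 'opa eval -d {} -i {} {}'.format(policy_file_path,
                                                   self.input_file_path,
                                                   self.query)
        logger.debug('OPA eval command: {}'.format(command))
        # presumably run_process returns the parsed JSON output of opa eval;
        # verify against its definition
        output = run_process(command)

        matched = False
        compliance = None
        for result in output['result']:
            for expression in result['expressions']:
                logger.debug(
                    'OPA output query: {}'.format(expression['text'])
                )
                # self.query carries its own double quotes, so the text
                # reported by OPA is re-quoted before comparing.
                if '"{}"'.format(expression['text']) == self.query:
                    compliance = expression['value']
                    matched = True
                    logger.debug(
                        'OPA output compliance: {}'.format(compliance)
                    )

        if not matched:
            # Previously this path fell through to `return compliance` with
            # the name unbound and surfaced as an opaque UnboundLocalError.
            raise ValueError(
                'OPA output contains no expression matching query {}'.format(
                    self.query
                )
            )

        logger.info('OPA compliance evaluated successfully')
        return compliance
    except Exception as e:
        logger.error(e)
        raise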