0

有没有办法包含基于正则表达式的“依赖”配置文件的控件?如果没有,有没有办法包含所有控件,并用固定值覆盖所有控件的影响?

代码应如下所示,其中“controlname”是需要以某种方式确定的变量:

include_controls 'depends-profile' do
  if controlname.match(/some regex/)    
     control *controlname*
     impact 1.0
  end
end

目标是避免必须单独添加所有控件。

一点挖掘给了我这个:

   include_controls 'dependent-profile' do
      list_of_controls = @conf['profile'].runner_context.rules.keys
      list_of_controls.map { |path| path.gsub(@conf['profile'].profile_name+'/','') }
      list_of_controls.each do |controlname|
          if controlname.match(/some regex/)
             control controlname do        # include and overwrite impact
                impact 0.1
             end
          end
          if controlname.match(/some other regex/)
             control controlname           # just include
          end
      end
   end

任何想法如何以一种简洁且面向未来的方式实现这一目标?

4

1 回答 1

0

解决方案可能如下所示:

include_controls '<dependent-profile>' do

  # Scan through all the controls we pulled in
  profile_context.all_controls.each do |c|

    # Grab the control name from control c
    handled_control_name = c.instance_variable_get(:@__rule_id)

    # If it matches the regex 
    if handled_control_name =~ /<myRegex>/

      # Overwrite the impact and tags
      control handled_control_name do
        impact 'critical'
        tag 'myTag'
      end

    end
  end
end
于 2021-03-26T12:03:25.337 回答