mirror of
https://github.com/openai/codex.git
synced 2026-05-01 11:52:10 +03:00
55 lines
1.4 KiB
Rust
55 lines
1.4 KiB
Rust
use std::fs;
|
|
use std::path::Path;
|
|
use std::path::PathBuf;
|
|
|
|
use anyhow::Context;
|
|
use anyhow::Result;
|
|
use clap::Parser;
|
|
use codex_execpolicy2::PolicyParser;
|
|
|
|
/// CLI for evaluating exec policies
|
|
#[derive(Parser)]
|
|
#[command(name = "codex-execpolicy2")]
|
|
enum Cli {
|
|
/// Evaluate a command against a policy.
|
|
Check {
|
|
#[arg(short, long, value_name = "PATH")]
|
|
policy: PathBuf,
|
|
|
|
/// Command tokens to check.
|
|
#[arg(
|
|
value_name = "COMMAND",
|
|
required = true,
|
|
trailing_var_arg = true,
|
|
allow_hyphen_values = true
|
|
)]
|
|
command: Vec<String>,
|
|
},
|
|
}
|
|
|
|
fn main() -> Result<()> {
|
|
let cli = Cli::parse();
|
|
match cli {
|
|
Cli::Check { policy, command } => cmd_check(policy, command),
|
|
}
|
|
}
|
|
|
|
fn cmd_check(policy_path: PathBuf, args: Vec<String>) -> Result<()> {
|
|
let policy = load_policy(&policy_path)?;
|
|
|
|
let eval = policy.check(&args);
|
|
let json = serde_json::to_string_pretty(&eval)?;
|
|
println!("{json}");
|
|
Ok(())
|
|
}
|
|
|
|
fn load_policy(policy_path: &Path) -> Result<codex_execpolicy2::Policy> {
|
|
let policy_file_contents = fs::read_to_string(policy_path)
|
|
.with_context(|| format!("failed to read policy at {}", policy_path.display()))?;
|
|
let policy_identifier = policy_path.to_string_lossy();
|
|
Ok(PolicyParser::parse(
|
|
policy_identifier.as_ref(),
|
|
&policy_file_contents,
|
|
)?)
|
|
}
|