fix: dockerfile sample (#93)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

pkg/commands/scan/command_test.go

@@ -67,6 +67,12 @@ func Test_Execute(t *testing.T) {
 		policies: []string{"../../../testdata/escaped/policy.yaml"},
 		out:      "../../../testdata/escaped/out.txt",
 		wantErr:  false,
+	}, {
+		name:     "dockerfile",
+		payload:  "../../../testdata/dockerfile/input.json",
+		policies: []string{"../../../testdata/dockerfile/policy-check-external.yaml"},
+		out:      "../../../testdata/dockerfile/out.txt",
+		wantErr:  false,
 	}}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {

testdata/dockerfile/out.txt

@@ -0,0 +1,6 @@
+Loading policies ...
+Loading payload ...
+Pre processing ...
+Running ( evaluating 1 resource against 1 policy ) ...
+- check-dockerfile / no-external /  FAILED: HTTP calls are not allowed; curl / wget are not allowed
+Done

testdata/dockerfile/policy-check-external.yaml

@@ -4,17 +4,15 @@ metadata:
   name: check-dockerfile
 spec:
   rules:
-    - name: no-http
+    - name: no-external
       validate:
-        message: "HTTP calls are not allowed"
         assert:
           all:
-          - ~.(Stages[].Commands[].Args[].Value):
-              (contains(@, 'https://') || contains(@, 'http://')): false
-    - name: no-curl-wget
-      validate:
-        message: "curl / wget are not allowed"
-        assert:
-          all:
-          - ~.(Stages[].Commands[].CmdLine[]):
-              (contains(@, 'wget') || contains(@, 'curl')): false
+          - message: "HTTP calls are not allowed"
+            check:
+              ~.(Stages[].Commands[].Args[].Value):
+                (contains(@, 'https://') || contains(@, 'http://')): false
+          - message: "curl / wget are not allowed"
+            check:
+              ~.(Stages[].Commands[].CmdLine[]):
+                (contains(@, 'wget') || contains(@, 'curl')): false