Brandon Choe
12/01/2023, 1:39 AM# yaml-language-server: $schema=<https://api.cerbos.dev/latest/cerbos/policy/v1/Policy.schema.json>
apiVersion: api.cerbos.dev/v1
description: Common variables
exportVariables:
name: common_variables
definitions:
foo: "bar"
Dennis (Cerbos)
Dennis (Cerbos)
Brandon Choe
12/01/2023, 1:44 AMfailed to get check for [machine.default]: policy compilation error: 11 compilation errors:\ncommon_variables.yaml: Invalid expression in variable 'MACHINE_ACCESS_RESTRICTED' (failed to compile `RESTRICTED` [undeclared reference to 'RESTRICTED' (in container '')])
Brandon Choe
12/01/2023, 1:44 AM# yaml-language-server: $schema=<https://api.cerbos.dev/latest/cerbos/policy/v1/Policy.schema.json>
apiVersion: api.cerbos.dev/v1
description: Common variables
exportVariables:
name: common_variables
definitions:
MACHINE_ACCESS_RESTRICTED: "RESTRICTED"
Brandon Choe
12/01/2023, 1:45 AMBrandon Choe
12/01/2023, 1:45 AMDennis (Cerbos)
Brandon Choe
12/01/2023, 1:49 AMfailed to get check for [machine.default]: policy compilation error: 10 compilation errors:\ncommon_variables.yaml: Invalid expression in variable 'MACHINE_ACCESS_RESTRICTED' (failed to compile `RESTRICTED` [undeclared reference to 'RESTRICTED' (in container '')])
Dennis (Cerbos)
RESTRICTED
as the name of another variable. 🤔Brandon Choe
12/01/2023, 1:55 AMDennis (Cerbos)
string("RESTRICTED")
Dennis (Cerbos)
MACHINE_ACCESS_RESTRICTED: string("RESTRICTED")
Brandon Choe
12/01/2023, 1:58 AMBrandon Choe
12/01/2023, 1:58 AMDennis (Cerbos)
Andrew Haines (Cerbos)
RESTRICTED
which won't compile.
To get a valid CEL expression that evaluates to the desired string, you can also wrap it with parentheses ("RESTRICTED")
, double the quotes '"RESTRICTED"'
, or use the YAML block scalar syntax
MACHINE_ACCESS_RESTRICTED: >
"RESTRICTED"
Brandon Choe
12/04/2023, 6:47 PM