DdZddlmZddlmZddlmZddlmZddlmZddlm Z ddl m Z dd l m Z dd l m Z dd lmZe j e j"e j$j&e j$j(Gd d e j*Zy)zEvaluate policy command.)absolute_import)division)unicode_literals)apis)platform_policy)base)flags)parsing)util)Errorc&eZdZdZedZdZy)EvaluateabEvaluate a Binary Authorization platform policy. ## EXAMPLES To evaluate a policy using its resource name: $ {command} projects/my-proj/platforms/gke/policies/my-policy --resource=$KUBERNETES_RESOURCE To evaluate the same policy using flags against an image: $ {command} my-policy --platform=gke --project=my-proj --image=$IMAGE cZtj|dtj|y)Nz to evaluate)r AddPlatformPolicyResourceArgAddEvaluationUnitArg)parsers 1lib/surface/container/binauthz/policy/evaluate.pyArgsz Evaluate.Args/s  &&v}= v&c|jjjj}|j dd}|dk7rt dj ||jrFtj|j}tjdj||d}nEtj|j}tjdj||d}|j t#j$dj&j(j*k7rd|_|S)N/gkezVFound unsupported platform '{}'. Currently only 'gke' platform policies are supported.v1F)CONCEPTSpolicy_resource_nameParse RelativeNamesplitr formatresourcer LoadResourceFilerClientrr GeneratePodSpecFromImagesimageverdictrGetMessagesModuleEvaluateGkePolicyResponseVerdictValueValuesEnum CONFORMANT exit_code)selfargs policy_ref platform_id resource_objresponsepod_specs rRunz Evaluate.Run4s3399;HHJJ""3'*Ke  $$*F;$7   }}--dmmrFs}&':E(?A>0D%%**D,=,=,C,CD2t||2E2r