RubyGems - sfn - Versions diffs - 3.0.30 → 3.0.32 - Mend

sfn 3.0.30 → 3.0.32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (84) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +6 -0
data/bin/sfn +16 -14
data/lib/chef/knife/knife_plugin_seed.rb +12 -12
data/lib/sfn.rb +17 -17
data/lib/sfn/api_provider.rb +3 -3
data/lib/sfn/api_provider/google.rb +2 -2
data/lib/sfn/api_provider/terraform.rb +2 -2
data/lib/sfn/cache.rb +9 -9
data/lib/sfn/callback.rb +6 -6
data/lib/sfn/callback/aws_assume_role.rb +5 -5
data/lib/sfn/callback/aws_mfa.rb +8 -6
data/lib/sfn/callback/stack_policy.rb +15 -15
data/lib/sfn/command.rb +37 -36
data/lib/sfn/command/conf.rb +12 -12
data/lib/sfn/command/create.rb +9 -9
data/lib/sfn/command/describe.rb +6 -6
data/lib/sfn/command/destroy.rb +8 -8
data/lib/sfn/command/diff.rb +31 -31
data/lib/sfn/command/events.rb +6 -6
data/lib/sfn/command/export.rb +8 -8
data/lib/sfn/command/graph.rb +21 -21
data/lib/sfn/command/graph/aws.rb +34 -34
data/lib/sfn/command/graph/provider.rb +1 -1
data/lib/sfn/command/graph/terraform.rb +41 -41
data/lib/sfn/command/import.rb +17 -17
data/lib/sfn/command/init.rb +15 -15
data/lib/sfn/command/inspect.rb +16 -16
data/lib/sfn/command/lint.rb +6 -6
data/lib/sfn/command/list.rb +2 -2
data/lib/sfn/command/plan.rb +227 -0
data/lib/sfn/command/print.rb +4 -4
data/lib/sfn/command/promote.rb +2 -2
data/lib/sfn/command/update.rb +19 -144
data/lib/sfn/command/validate.rb +17 -13
data/lib/sfn/command_module.rb +6 -5
data/lib/sfn/command_module/base.rb +8 -8
data/lib/sfn/command_module/callbacks.rb +5 -5
data/lib/sfn/command_module/planning.rb +151 -0
data/lib/sfn/command_module/stack.rb +34 -34
data/lib/sfn/command_module/template.rb +50 -50
data/lib/sfn/config.rb +46 -44
data/lib/sfn/config/conf.rb +3 -3
data/lib/sfn/config/create.rb +9 -9
data/lib/sfn/config/describe.rb +7 -7
data/lib/sfn/config/destroy.rb +1 -1
data/lib/sfn/config/diff.rb +3 -3
data/lib/sfn/config/events.rb +9 -9
data/lib/sfn/config/export.rb +5 -5
data/lib/sfn/config/graph.rb +10 -10
data/lib/sfn/config/import.rb +4 -4
data/lib/sfn/config/init.rb +1 -1
data/lib/sfn/config/inspect.rb +16 -16
data/lib/sfn/config/lint.rb +5 -5
data/lib/sfn/config/list.rb +6 -6
data/lib/sfn/config/plan.rb +28 -0
data/lib/sfn/config/print.rb +5 -5
data/lib/sfn/config/promote.rb +4 -4
data/lib/sfn/config/update.rb +18 -18
data/lib/sfn/config/validate.rb +30 -30
data/lib/sfn/lint.rb +5 -5
data/lib/sfn/lint/definition.rb +3 -3
data/lib/sfn/lint/rule.rb +3 -3
data/lib/sfn/lint/rule_set.rb +2 -2
data/lib/sfn/monkey_patch.rb +2 -2
data/lib/sfn/monkey_patch/stack.rb +27 -27
data/lib/sfn/monkey_patch/stack/azure.rb +1 -1
data/lib/sfn/monkey_patch/stack/google.rb +5 -5
data/lib/sfn/planner.rb +4 -4
data/lib/sfn/planner/aws.rb +114 -70
data/lib/sfn/provider.rb +13 -13
data/lib/sfn/utils.rb +10 -10
data/lib/sfn/utils/debug.rb +2 -2
data/lib/sfn/utils/json.rb +1 -1
data/lib/sfn/utils/object_storage.rb +3 -3
data/lib/sfn/utils/output.rb +4 -4
data/lib/sfn/utils/path_selector.rb +15 -15
data/lib/sfn/utils/ssher.rb +4 -4
data/lib/sfn/utils/stack_exporter.rb +16 -16
data/lib/sfn/utils/stack_parameter_scrubber.rb +6 -6
data/lib/sfn/utils/stack_parameter_validator.rb +22 -22
data/lib/sfn/version.rb +1 -1
data/sfn.gemspec +32 -32
metadata +16 -13

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8f2149802418fbce7d68ca416ec068c7190ac03050250fb8a0b9ad4fd35e4424
-  data.tar.gz: fc2970e2d4ca0b5e6548adbbf54c3026d6961c11d15def65f508a6a91fc4990d
+  metadata.gz: d5ef50f2d7f97d037caa0dba225d36df2238fe9c623f73bca12f08d0b9ee533b
+  data.tar.gz: 516415927b2095dc864e5870102d8e6f4a4ad3cc200ca39894e6fcea4133356f
 SHA512:
-  metadata.gz: fb43de6444a47fa5e5b2a9ffd9d5e40c4ba2074b9c3bcfc2530e43956a9482f9ef9ae87ea66e4f992b7f131c18a32c90c9bb389a1d2d3eecf5eba4c82e5149d5
-  data.tar.gz: 67e9c1731ffddd88ab2e8706abcf590c18091b83a3bfae63cbbbee4c78b3d507df57db762927d0a36ca5e1041ae3397179d1a7f404b9b8154022f395ab70c6ac
+  metadata.gz: f79cf6d75b20388f1c2c6b0cd7db4e455727645e552f27b4cb91515dcbed14a786bca3f49cac216058f5ac2616c9bebb9996ec7956bd717c86043c9857d5aad1
+  data.tar.gz: 26dd49179b59bf5e38688ef8d718ad3677a95939d69e0409f89cd06c1c0f1bb6597489c80d3a6893d6cb43431ed38ed5170cc4074295b337854e77df46046820

data/CHANGELOG.md CHANGED

@@ -1,3 +1,9 @@
+# v3.0.32
+* [enhancement] Store AWS STS information on failure
+* [enhancement] Show parameter name when validation fails (#273)
+* [fix] Allow template validation without processing (#279)
+* [feature] Add initial implementation of plan command (#281)
 # v3.0.30
 * [fix] Comma delimited parameter type parsing (#270)
 * [fix] Constant deprecations

data/bin/sfn CHANGED

@@ -1,9 +1,9 @@
 #!/usr/bin/env ruby
-require 'bogo-cli'
-require 'sfn'
+require "bogo-cli"
+require "sfn"
-if(defined?(Bundler))
+if defined?(Bundler)
   begin
     Bundler.require(:sfn)
   rescue Bundler::GemfileNotFound
@@ -12,23 +12,21 @@ if(defined?(Bundler))
 end
 Bogo::Cli::Setup.define do
-  on :v, :version, 'Print version ' do
+  on :v, :version, "Print version " do
     puts "sfn - SparkleFormation CLI - [Version: #{Sfn::VERSION}]"
     exit
   end
   Sfn::Config.constants.map do |konst|
     const = Sfn::Config.const_get(konst)
-    if(const.is_a?(Class) && const.ancestors.include?(Bogo::Config))
+    if const.is_a?(Class) && const.ancestors.include?(Bogo::Config)
       const
     end
   end.compact.sort_by(&:to_s).each do |klass|
-    klass_name = klass.name.split('::').last.downcase
+    klass_name = klass.name.split("::").last.downcase
     command klass_name do
-      if(klass.const_defined?(:DESCRIPTION))
+      if klass.const_defined?(:DESCRIPTION)
         description klass.const_get(:DESCRIPTION)
       end
@@ -36,12 +34,12 @@ Bogo::Cli::Setup.define do
         on_name = info[:boolean] ? info[:long] : "#{info[:long]}="
         opts = Hash.new.tap do |o|
           o[:default] = info[:default] if info.has_key?(:default)
-          if(info[:multiple])
+          if info[:multiple]
             o[:as] = Array
             o[:delimiter] = nil
           end
         end
-        if(info[:short])
+        if info[:short]
           on info[:short], on_name, info[:description], opts
         else
           on on_name, info[:description], opts
@@ -49,10 +47,14 @@ Bogo::Cli::Setup.define do
       end
       run do |opts, args|
-        Bogo::Utility.constantize(klass.to_s.sub('Config', 'Command')).new(opts, args).execute!
+        command = Bogo::Utility.constantize(klass.to_s.sub("Config", "Command")).new(opts, args)
+        begin
+          command.execute!
+        rescue Bogo::Ui::ConfirmationDeclined
+          command.ui.error "Confirmation declined!"
+          exit 1
+        end
       end
     end
   end
 end

data/lib/chef/knife/knife_plugin_seed.rb CHANGED

@@ -1,14 +1,14 @@
 begin
-  kcfn = Gem::Specification.find_by_name('knife-cloudformation')
+  kcfn = Gem::Specification.find_by_name("knife-cloudformation")
   $stderr.puts "[WARN]: Deprecated gem detected: #{kcfn.name} [V: #{kcfn.version}]"
-  $stderr.puts '[WARN]: Uninstall gem to prevent any conflicts (`gem uninstall knife-cloudformation -a`)'
+  $stderr.puts "[WARN]: Uninstall gem to prevent any conflicts (`gem uninstall knife-cloudformation -a`)"
 rescue Gem::LoadError => e
   # ignore
 end
 unless defined?(Chef::Knife::CloudformationCreate)
-  require 'sfn'
-  require 'bogo'
+  require "sfn"
+  require "bogo"
   Chef::Config[:knife][:cloudformation] = {
     :options => {},
@@ -17,7 +17,7 @@ unless defined?(Chef::Knife::CloudformationCreate)
   }
   Chef::Config[:knife][:sparkleformation] = Chef::Config[:knife][:cloudformation]
-  VALID_PREFIX = ['cloudformation', 'sparkleformation']
+  VALID_PREFIX = ["cloudformation", "sparkleformation"]
   Sfn::Config.constants.map do |konst|
     const = Sfn::Config.const_get(konst)
@@ -26,7 +26,7 @@ unless defined?(Chef::Knife::CloudformationCreate)
     end
   end.compact.sort_by(&:to_s).each do |klass|
     VALID_PREFIX.each do |prefix|
-      klass_name = klass.name.split('::').last
+      klass_name = klass.name.split("::").last
       command_class = "#{prefix.capitalize}#{klass_name}"
       knife_klass = Class.new(Chef::Knife)
@@ -54,7 +54,7 @@ unless defined?(Chef::Knife::CloudformationCreate)
           end
           base = knife.to_smash
           keys = VALID_PREFIX.dup
-          cmd_config = keys.unshift(keys.delete(snake(self.class.name.split('::').last).to_s.split('_').first)).map do |k|
+          cmd_config = keys.unshift(keys.delete(snake(self.class.name.split("::").last).to_s.split("_").first)).map do |k|
             base[k]
           end.compact.first || {}
           cmd_config = cmd_config.to_smash
@@ -64,8 +64,8 @@ unless defined?(Chef::Knife::CloudformationCreate)
           end
           # Split up options provided multiple arguments
           reconfig.map! do |k, v|
-            if v.is_a?(String) && v.include?(',')
-              v = v.split(',').map(&:strip)
+            if v.is_a?(String) && v.include?(",")
+              v = v.split(",").map(&:strip)
             end
             [k, v]
           end
@@ -82,7 +82,7 @@ unless defined?(Chef::Knife::CloudformationCreate)
       knife_klass.instance_variable_set(:@name, "Chef::Knife::#{command_class}")
       knife_klass.instance_variable_set(
         :@sfn_class,
-        Bogo::Utility.constantize(klass.name.sub('Config', 'Command'))
+        Bogo::Utility.constantize(klass.name.sub("Config", "Command"))
       )
       knife_klass.banner "knife #{prefix} #{Bogo::Utility.snake(klass_name)}"
@@ -91,9 +91,9 @@ unless defined?(Chef::Knife::CloudformationCreate)
           short = "-#{info[:short]}"
           long = "--[no-]#{info[:long]}"
         else
-          val = 'VALUE'
+          val = "VALUE"
           if info[:multiple]
-            val << '[,VALUE]'
+            val << "[,VALUE]"
           end
           short = "-#{info[:short]} #{val}"
           long = "--#{info[:long]} #{val}"

data/lib/sfn.rb CHANGED

@@ -1,20 +1,20 @@
-require 'sfn/version'
-require 'miasma'
-require 'bogo'
-require 'sparkle_formation'
+require "sfn/version"
+require "miasma"
+require "bogo"
+require "sparkle_formation"
 module Sfn
-  autoload :ApiProvider, 'sfn/api_provider'
-  autoload :Callback, 'sfn/callback'
-  autoload :Provider, 'sfn/provider'
-  autoload :Cache, 'sfn/cache'
-  autoload :Config, 'sfn/config'
-  autoload :Export, 'sfn/export'
-  autoload :Utils, 'sfn/utils'
-  autoload :MonkeyPatch, 'sfn/monkey_patch'
-  autoload :Knife, 'sfn/knife'
-  autoload :Command, 'sfn/command'
-  autoload :CommandModule, 'sfn/command_module'
-  autoload :Planner, 'sfn/planner'
-  autoload :Lint, 'sfn/lint'
+  autoload :ApiProvider, "sfn/api_provider"
+  autoload :Callback, "sfn/callback"
+  autoload :Provider, "sfn/provider"
+  autoload :Cache, "sfn/cache"
+  autoload :Config, "sfn/config"
+  autoload :Export, "sfn/export"
+  autoload :Utils, "sfn/utils"
+  autoload :MonkeyPatch, "sfn/monkey_patch"
+  autoload :Knife, "sfn/knife"
+  autoload :Command, "sfn/command"
+  autoload :CommandModule, "sfn/command_module"
+  autoload :Planner, "sfn/planner"
+  autoload :Lint, "sfn/lint"
 end

data/lib/sfn/api_provider.rb CHANGED

@@ -1,8 +1,8 @@
-require 'sfn'
+require "sfn"
 module Sfn
   module ApiProvider
-    autoload :Google, 'sfn/api_provider/google'
-    autoload :Terraform, 'sfn/api_provider/terraform'
+    autoload :Google, "sfn/api_provider/google"
+    autoload :Terraform, "sfn/api_provider/terraform"
   end
 end

data/lib/sfn/api_provider/google.rb CHANGED

@@ -1,4 +1,4 @@
-require 'sfn'
+require "sfn"
 module Sfn
   module ApiProvider
@@ -43,7 +43,7 @@ module Sfn
       # @return [TrueClass, FalseClass]
       def function_set_parameter?(val)
         if val
-          val.start_with?('$(') || val.start_with?('{{')
+          val.start_with?("$(") || val.start_with?("{{")
         end
       end

data/lib/sfn/api_provider/terraform.rb CHANGED

@@ -1,4 +1,4 @@
-require 'sfn'
+require "sfn"
 module Sfn
   module ApiProvider
@@ -43,7 +43,7 @@ module Sfn
       # @return [TrueClass, FalseClass]
       def function_set_parameter?(val)
         if val
-          val.start_with?('${')
+          val.start_with?("${")
         end
       end

data/lib/sfn/cache.rb CHANGED

@@ -1,6 +1,6 @@
-require 'digest/sha2'
-require 'thread'
-require 'sfn'
+require "digest/sha2"
+require "thread"
+require "sfn"
 module Sfn
   # Data caching helper
@@ -16,9 +16,9 @@ module Sfn
         case type
         when :redis
           begin
-            require 'redis-objects'
+            require "redis-objects"
           rescue LoadError
-            $stderr.puts 'The `redis-objects` gem is required for Cache support!'
+            $stderr.puts "The `redis-objects` gem is required for Cache support!"
             raise
           end
           @_pid = Process.pid
@@ -168,7 +168,7 @@ module Sfn
       when :lock
         Redis::Lock.new(full_name, {:expiration => 60, :timeout => 0.1}.merge(args))
       when :stamped
-        Stamped.new(full_name.sub("#{key}_", '').to_sym, get_redis_storage(:value, full_name), self)
+        Stamped.new(full_name.sub("#{key}_", "").to_sym, get_redis_storage(:value, full_name), self)
       else
         raise TypeError.new("Unsupported caching data type encountered: #{data_type}")
       end
@@ -193,7 +193,7 @@ module Sfn
                               when :lock
                                 LocalLock.new(full_name, {:expiration => 60, :timeout => 0.1}.merge(args))
                               when :stamped
-                                Stamped.new(full_name.sub("#{key}_", '').to_sym, get_local_storage(:value, full_name), self)
+                                Stamped.new(full_name.sub("#{key}_", "").to_sym, get_local_storage(:value, full_name), self)
                               else
                                 raise TypeError.new("Unsupported caching data type encountered: #{data_type}")
                               end
@@ -227,7 +227,7 @@ module Sfn
     # @param val [Object]
     # @note this will never work, thus you should never use it
     def []=(key, val)
-      raise 'Setting backend data is not allowed'
+      raise "Setting backend data is not allowed"
     end
     # Check if cache time has expired
@@ -263,7 +263,7 @@ module Sfn
           yield
         end
       rescue => e
-        if e.class.to_s.end_with?('Timeout')
+        if e.class.to_s.end_with?("Timeout")
           raise if raise_on_locked
         else
           raise

data/lib/sfn/callback.rb CHANGED

@@ -1,11 +1,11 @@
-require 'sfn'
+require "sfn"
 module Sfn
   # Interface for injecting custom functionality
   class Callback
-    autoload :AwsAssumeRole, 'sfn/callback/aws_assume_role'
-    autoload :AwsMfa, 'sfn/callback/aws_mfa'
-    autoload :StackPolicy, 'sfn/callback/stack_policy'
+    autoload :AwsAssumeRole, "sfn/callback/aws_assume_role"
+    autoload :AwsMfa, "sfn/callback/aws_mfa"
+    autoload :StackPolicy, "sfn/callback/stack_policy"
     # @return [Bogo::Ui]
     attr_reader :ui
@@ -40,10 +40,10 @@ module Sfn
       ui.info("#{msg}... ", :nonewline)
       begin
         result = yield
-        ui.puts ui.color('complete!', :green, :bold)
+        ui.puts ui.color("complete!", :green, :bold)
         result
       rescue => e
-        ui.puts ui.color('error!', :red, :bold)
+        ui.puts ui.color("error!", :red, :bold)
         ui.error "Reason - #{e}"
         raise
       end

data/lib/sfn/callback/aws_assume_role.rb CHANGED

@@ -1,4 +1,4 @@
-require 'sfn'
+require "sfn"
 module Sfn
   class Callback
@@ -31,14 +31,14 @@ module Sfn
       def after(*_)
         if enabled?
           if api.connection.aws_sts_role_arn && api.connection.aws_sts_token
-            path = config.fetch(:aws_assume_role, :cache_file, '.sfn-aws')
+            path = config.fetch(:aws_assume_role, :cache_file, ".sfn-aws")
             FileUtils.touch(path)
             File.chmod(0600, path)
             values = load_stored_values(path)
             STS_STORE_ITEMS.map do |key|
               values[key] = api.connection.data[key]
             end
-            File.open(path, 'w') do |file|
+            File.open(path, "w") do |file|
               file.puts MultiJson.dump(values)
             end
           end
@@ -47,14 +47,14 @@ module Sfn
       # @return [TrueClass, FalseClass]
       def enabled?
-        config.fetch(:aws_assume_role, :status, 'enabled').to_s == 'enabled'
+        config.fetch(:aws_assume_role, :status, "enabled").to_s == "enabled"
       end
       # Load stored configuration data into the api connection
       #
       # @return [TrueClass, FalseClass]
       def load_stored_session
-        path = config.fetch(:aws_assume_role, :cache_file, '.sfn-aws')
+        path = config.fetch(:aws_assume_role, :cache_file, ".sfn-aws")
         if File.exists?(path)
           values = load_stored_values(path)
           STS_STORE_ITEMS.each do |key|

data/lib/sfn/callback/aws_mfa.rb CHANGED

@@ -1,4 +1,4 @@
-require 'sfn'
+require "sfn"
 module Sfn
   class Callback
@@ -32,30 +32,32 @@ module Sfn
       def after(*_)
         if enabled?
           if api.connection.aws_sts_session_token
-            path = config.fetch(:aws_mfa, :cache_file, '.sfn-aws')
+            path = config.fetch(:aws_mfa, :cache_file, ".sfn-aws")
             FileUtils.touch(path)
             File.chmod(0600, path)
             values = load_stored_values(path)
             SESSION_STORE_ITEMS.map do |key|
               values[key] = api.connection.data[key]
             end
-            File.open(path, 'w') do |file|
+            File.open(path, "w") do |file|
               file.puts MultiJson.dump(values)
             end
           end
         end
       end
+      alias_method :failed, :after
       # @return [TrueClass, FalseClass]
       def enabled?
-        config.fetch(:aws_mfa, :status, 'enabled').to_s == 'enabled'
+        config.fetch(:aws_mfa, :status, "enabled").to_s == "enabled"
       end
       # Load stored configuration data into the api connection
       #
       # @return [TrueClass, FalseClass]
       def load_stored_session
-        path = config.fetch(:aws_mfa, :cache_file, '.sfn-aws')
+        path = config.fetch(:aws_mfa, :cache_file, ".sfn-aws")
         if File.exists?(path)
           values = load_stored_values(path)
           SESSION_STORE_ITEMS.each do |key|
@@ -93,7 +95,7 @@ module Sfn
       #
       # @return [String]
       def prompt_for_code
-        result = ui.ask 'AWS MFA code', :valid => /^\d{6}$/
+        result = ui.ask "AWS MFA code", :valid => /^\d{6}$/
         result.strip
       end
     end

data/lib/sfn/callback/stack_policy.rb CHANGED

@@ -1,4 +1,4 @@
-require 'sfn'
+require "sfn"
 module Sfn
   class Callback
@@ -6,11 +6,11 @@ module Sfn
       # Policy to apply prior to stack deletion
       DEFENSELESS_POLICY = {
-        'Statement' => [{
-          'Effect' => 'Allow',
-          'Action' => 'Update:*',
-          'Resource' => '*',
-          'Principal' => '*',
+        "Statement" => [{
+          "Effect" => "Allow",
+          "Action" => "Update:*",
+          "Resource" => "*",
+          "Principal" => "*",
         }],
       }
@@ -29,14 +29,14 @@ module Sfn
       #
       # @param args [Hash]
       def submit_policy(args)
-        ui.info 'Submitting stack policy documents'
+        ui.info "Submitting stack policy documents"
         stack = args[:api_stack]
         ([stack] + stack.nested_stacks).compact.each do |p_stack|
           run_action "Applying stack policy to #{ui.color(p_stack.name, :yellow)}" do
             save_stack_policy(p_stack)
           end
         end
-        ui.info 'Stack policy documents successfully submitted!'
+        ui.info "Stack policy documents successfully submitted!"
       end
       alias_method :after_create, :submit_policy
@@ -46,8 +46,8 @@ module Sfn
       #
       # @param args [Hash]
       def before_update(args)
-        if config.get(:stack_policy, :update).to_s == 'defenseless'
-          ui.warn 'Disabling all stack policies for update.'
+        if config.get(:stack_policy, :update).to_s == "defenseless"
+          ui.warn "Disabling all stack policies for update."
           stack = args[:api_stack]
           ([stack] + stack.nested_stacks).compact.each do |p_stack|
             @policies[p_stack.name] = DEFENSELESS_POLICY
@@ -64,7 +64,7 @@ module Sfn
       # @param info [Hash]
       def template(info)
         if info[:sparkle_stack]
-          @policies.set(info.fetch(:stack_name, 'unknown'),
+          @policies.set(info.fetch(:stack_name, "unknown"),
                         info[:sparkle_stack].generate_policy)
         end
       end
@@ -89,12 +89,12 @@ module Sfn
           end
         end
         result = p_stack.api.request(
-          :path => '/',
+          :path => "/",
           :method => :post,
           :form => Smash.new(
-            'Action' => 'SetStackPolicy',
-            'StackName' => p_stack.id,
-            'StackPolicyBody' => MultiJson.dump(stack_policy),
+            "Action" => "SetStackPolicy",
+            "StackName" => p_stack.id,
+            "StackPolicyBody" => MultiJson.dump(stack_policy),
           ),
         )
       end