Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rego context aware #364

Merged
merged 4 commits into from
Oct 25, 2023
Merged

rego context aware #364

merged 4 commits into from
Oct 25, 2023

Conversation

flavio
Copy link
Member

@flavio flavio commented Oct 23, 2023

This PR allows Rego policies to be context aware.

No change to the API of the crate is done. No special action must be done by the consumers of this library.

Fixes: #353

@flavio flavio requested a review from a team as a code owner October 23, 2023 14:48
@flavio flavio force-pushed the rego-context-aware branch from 93407bc to 6accdd3 Compare October 24, 2023 09:28
@flavio flavio self-assigned this Oct 24, 2023
flavio added 3 commits October 24, 2023 17:19
@flavio
refactor: move burrego runtime to dedicated module
c35955c 
This allows a better organization of the code

Signed-off-by: Flavio Castelli <fcastelli@suse.com>
@flavio
test: add fixtures for context aware
3f21445 
Add some fixtures to be used by Rego policies making use of context
aware data

Signed-off-by: Flavio Castelli <fcastelli@suse.com>
@flavio
feat: add new callback request
5113ecf 
Allow to obtain the plural name of a Kubernetes resource via a callback
query.

This is required to enable OPA policies to be context aware.

Signed-off-by: Flavio Castelli <fcastelli@suse.com>
@flavio flavio force-pushed the rego-context-aware branch from 6accdd3 to f5cac78 Compare October 24, 2023 15:22
@flavio
Copy link
Member Author

flavio commented Oct 24, 2023

I've rebased against the main branch to include the changes introduced by @fabriziosestito

viccuad
viccuad approved these changes Oct 25, 2023
View reviewed changes
Copy link
Member

@viccuad viccuad left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Nice :).

Added some docstrings quibbles, feel free to batch them in a single commit through the UI.

fabriziosestito
fabriziosestito approved these changes Oct 25, 2023
View reviewed changes
Copy link
Contributor

@fabriziosestito fabriziosestito left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! thanks

@flavio flavio force-pushed the rego-context-aware branch from f5cac78 to 49d5726 Compare October 25, 2023 12:18
@flavio
feat: allow Rego policies to be context aware
2c19206 
Allow Rego policies, both OPA and Gatekeeper ones, to leverage
Kubernetes data at evaluation time.

This change doesn't break the API of policy-evaluator, nor requires any
special action by the consumers of this crate.

Signed-off-by: Flavio Castelli <fcastelli@suse.com>
@flavio flavio force-pushed the rego-context-aware branch from 5104232 to 2c19206 Compare October 25, 2023 12:21
@flavio flavio merged commit 22d424a into kubewarden:main Oct 25, 2023
4 checks passed
@flavio flavio deleted the rego-context-aware branch October 25, 2023 12:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@viccuad viccuad viccuad approved these changes

@fabriziosestito fabriziosestito fabriziosestito approved these changes

Assignees

@flavio flavio

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add context-aware data to Rego policies
3 participants
@flavio @fabriziosestito @viccuad