This repository holds integrations, examples, and proof-of-concepts that work with the Open Policy Agent (OPA) project.
- Kafka Authorization
- HTTP API Authorization (Spring Security)
- HTTP API Authorization (Linkerd)
- HTTP API Authorization (Python)
- HTTP API Authorization (Dart)
- HTTP API Authorization (Kong)
- SSH and sudo Authorization (PAM)
- Puppet Authorization
- Container Image Policy (Kubernetes and CoreOS Clair)
- Data Filtering (SQL)
- Data Filtering (Elasticsearch)
- Data Filtering (MongoDB)
- Data Filtering (Azure)
- Cloud Foundry Policies
- Decision Logger Plugin
- IPTables (Linux)
- IPTables (Envoy)
- JUnit Test Format Conversion
- Kubernetes Authorization
- Kubernetes Node Selector
- Kubernetes API Client
- Grafana Dashboard
- OpenAPI Specification for OPA
- SonarCloud Test Coverage Conversion
For a comprehensive list of integrations, see the OPA ecosystem page.
If you have built an integration, example, or proof-of-concept on top of OPA that you would like to release to the community, feel free to submit a Pull Request against this repository. Please create a new top-level directory containing:
- A README.md explaining what your integration does
- A Makefile to build your integration
Most integrations include a top-level Makefile with two targets:
build
- compiles/lints/tests the integrationpush
- builds the integration and publishes artifacts
Many of the integrations produce one or more Docker images. These Docker images can be pushed to the hub.docker.com/u/openpolicyagent repository (assuming you are authorized.)
The Makefile in this directory contains build
and push
targets to build and push all integrations.