From 4fcff132cccabe629734d9c479a85002d3ea2625 Mon Sep 17 00:00:00 2001 From: Maxi Wittich Date: Wed, 29 Jan 2025 13:39:22 +0100 Subject: [PATCH 1/2] chore(opa) bump to 1.0.0 in integration tests and docs --- ...imple-trino-cluster-authentication-opa-authorization-s3.yaml | 2 +- tests/test-definition.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/simple-trino-cluster-authentication-opa-authorization-s3.yaml b/examples/simple-trino-cluster-authentication-opa-authorization-s3.yaml index a741763e..31e57700 100644 --- a/examples/simple-trino-cluster-authentication-opa-authorization-s3.yaml +++ b/examples/simple-trino-cluster-authentication-opa-authorization-s3.yaml @@ -51,7 +51,7 @@ metadata: name: simple-opa spec: image: - productVersion: 0.66.0 + productVersion: 1.0.0 servers: roleGroups: default: {} diff --git a/tests/test-definition.yaml b/tests/test-definition.yaml index aa936b60..818dd857 100644 --- a/tests/test-definition.yaml +++ b/tests/test-definition.yaml @@ -31,7 +31,7 @@ dimensions: - 4.0.0 - name: opa values: - - 0.66.0 + - 1.0.0 - name: hdfs values: - 3.4.0 From cf4a6348c9d920e60113b008f9db22d9f509a9e4 Mon Sep 17 00:00:00 2001 From: Maxi Wittich Date: Wed, 29 Jan 2025 14:42:41 +0100 Subject: [PATCH 2/2] removing rego.v1 --- .../modules/trino/examples/usage-guide/opa-bundle-trino-cm.yaml | 2 -- ...imple-trino-cluster-authentication-opa-authorization-s3.yaml | 2 -- tests/templates/kuttl/opa-authorization/trino_policies.rego | 2 -- .../kuttl/opa-authorization/trino_rules/actual_permissions.rego | 2 -- .../opa-authorization/trino_rules/actual_permissions_test.rego | 1 - .../templates/kuttl/opa-authorization/trino_rules/policies.rego | 2 -- .../kuttl/opa-authorization/trino_rules/policies_test.rego | 1 - .../opa-authorization/trino_rules/requested_permissions.rego | 2 -- .../trino_rules/requested_permissions_test.rego | 1 - tests/templates/kuttl/opa-authorization/trino_rules/util.rego | 2 -- .../kuttl/opa-authorization/trino_rules/util_test.rego | 1 - .../kuttl/opa-authorization/trino_rules/verification.rego | 2 -- .../kuttl/opa-authorization/trino_rules/verification_test.rego | 1 - tests/templates/kuttl/smoke/09-install-opa.yaml.j2 | 2 -- 14 files changed, 23 deletions(-) diff --git a/docs/modules/trino/examples/usage-guide/opa-bundle-trino-cm.yaml b/docs/modules/trino/examples/usage-guide/opa-bundle-trino-cm.yaml index 5b6f8d4f..5e454ffd 100644 --- a/docs/modules/trino/examples/usage-guide/opa-bundle-trino-cm.yaml +++ b/docs/modules/trino/examples/usage-guide/opa-bundle-trino-cm.yaml @@ -9,8 +9,6 @@ data: trino.rego: | package trino - import rego.v1 - default allow = false # Allow non-batched access diff --git a/examples/simple-trino-cluster-authentication-opa-authorization-s3.yaml b/examples/simple-trino-cluster-authentication-opa-authorization-s3.yaml index 31e57700..76de5e50 100644 --- a/examples/simple-trino-cluster-authentication-opa-authorization-s3.yaml +++ b/examples/simple-trino-cluster-authentication-opa-authorization-s3.yaml @@ -66,8 +66,6 @@ data: trino.rego: | package trino - import rego.v1 - default allow = false # Allow non-batched access diff --git a/tests/templates/kuttl/opa-authorization/trino_policies.rego b/tests/templates/kuttl/opa-authorization/trino_policies.rego index b5cdc2f3..fa7d81c1 100644 --- a/tests/templates/kuttl/opa-authorization/trino_policies.rego +++ b/tests/templates/kuttl/opa-authorization/trino_policies.rego @@ -1,7 +1,5 @@ package trino_policies -import rego.v1 - policies := { "catalogs": [ { diff --git a/tests/templates/kuttl/opa-authorization/trino_rules/actual_permissions.rego b/tests/templates/kuttl/opa-authorization/trino_rules/actual_permissions.rego index 5ce26245..e2e80184 100644 --- a/tests/templates/kuttl/opa-authorization/trino_rules/actual_permissions.rego +++ b/tests/templates/kuttl/opa-authorization/trino_rules/actual_permissions.rego @@ -1,7 +1,6 @@ package trino import data.util -import rego.v1 # This file contains functions to determine the actual permissions # defined in the Trino policies for the given user and requested @@ -26,7 +25,6 @@ identity := input.context.identity # # Example: # package trino_policies -# import rego.v1 # extra_groups := data.stackable.opa.userinfo.v1.userInfoByUsername(input.context.identity.user).groups default extra_groups := [] diff --git a/tests/templates/kuttl/opa-authorization/trino_rules/actual_permissions_test.rego b/tests/templates/kuttl/opa-authorization/trino_rules/actual_permissions_test.rego index 35254c48..c7cc8122 100644 --- a/tests/templates/kuttl/opa-authorization/trino_rules/actual_permissions_test.rego +++ b/tests/templates/kuttl/opa-authorization/trino_rules/actual_permissions_test.rego @@ -1,7 +1,6 @@ package actual_permissions_test import data.trino -import rego.v1 # These tests check that all rules and functions return the expected # result for the given test identity and action. diff --git a/tests/templates/kuttl/opa-authorization/trino_rules/policies.rego b/tests/templates/kuttl/opa-authorization/trino_rules/policies.rego index fd68a889..a8a3d484 100644 --- a/tests/templates/kuttl/opa-authorization/trino_rules/policies.rego +++ b/tests/templates/kuttl/opa-authorization/trino_rules/policies.rego @@ -1,7 +1,6 @@ package trino import data.util -import rego.v1 # The final policies are a combination of policies offered by Stackable, # policies provided externally, and default policies. @@ -18,7 +17,6 @@ import rego.v1 # # Example: # package trino_policies -# import rego.v1 # policies := { # "catalogs": [ # { diff --git a/tests/templates/kuttl/opa-authorization/trino_rules/policies_test.rego b/tests/templates/kuttl/opa-authorization/trino_rules/policies_test.rego index a6807904..848ab8fc 100644 --- a/tests/templates/kuttl/opa-authorization/trino_rules/policies_test.rego +++ b/tests/templates/kuttl/opa-authorization/trino_rules/policies_test.rego @@ -1,7 +1,6 @@ package policies_test import data.trino -import rego.v1 # These tests check that all rule lists are concatenated as expected and # that defaults are applied if necessary. diff --git a/tests/templates/kuttl/opa-authorization/trino_rules/requested_permissions.rego b/tests/templates/kuttl/opa-authorization/trino_rules/requested_permissions.rego index 5a8bdc53..4a86af24 100644 --- a/tests/templates/kuttl/opa-authorization/trino_rules/requested_permissions.rego +++ b/tests/templates/kuttl/opa-authorization/trino_rules/requested_permissions.rego @@ -1,7 +1,5 @@ package trino -import rego.v1 - # This file contains the requested_permissions rule which returns a set # of required permissions for the given operation including the # requested resource. Operations with the same set of required diff --git a/tests/templates/kuttl/opa-authorization/trino_rules/requested_permissions_test.rego b/tests/templates/kuttl/opa-authorization/trino_rules/requested_permissions_test.rego index 4b4039f5..0d7214ad 100644 --- a/tests/templates/kuttl/opa-authorization/trino_rules/requested_permissions_test.rego +++ b/tests/templates/kuttl/opa-authorization/trino_rules/requested_permissions_test.rego @@ -1,7 +1,6 @@ package requested_permissions_test import data.trino -import rego.v1 # These tests check that the returned rules are well-formed. Typos and # copy-and-paste errors should be detected. It is intentionally not diff --git a/tests/templates/kuttl/opa-authorization/trino_rules/util.rego b/tests/templates/kuttl/opa-authorization/trino_rules/util.rego index 7ed70ef8..9b0978f4 100644 --- a/tests/templates/kuttl/opa-authorization/trino_rules/util.rego +++ b/tests/templates/kuttl/opa-authorization/trino_rules/util.rego @@ -2,8 +2,6 @@ # description: Utility package which extends the built-in functions package util -import rego.v1 - # METADATA # description: | # Matches the entire string against a regular expression. diff --git a/tests/templates/kuttl/opa-authorization/trino_rules/util_test.rego b/tests/templates/kuttl/opa-authorization/trino_rules/util_test.rego index 6b646e2d..87a4f695 100644 --- a/tests/templates/kuttl/opa-authorization/trino_rules/util_test.rego +++ b/tests/templates/kuttl/opa-authorization/trino_rules/util_test.rego @@ -1,7 +1,6 @@ package util_test import data.util -import rego.v1 test_match_entire if { util.match_entire(`a`, "a") diff --git a/tests/templates/kuttl/opa-authorization/trino_rules/verification.rego b/tests/templates/kuttl/opa-authorization/trino_rules/verification.rego index 688c2e65..a5d9568b 100644 --- a/tests/templates/kuttl/opa-authorization/trino_rules/verification.rego +++ b/tests/templates/kuttl/opa-authorization/trino_rules/verification.rego @@ -22,8 +22,6 @@ # - data.trino_policies.policies: schema.policies package trino -import rego.v1 - # METADATA # description: | # Entry point for OPA policies, configured in the Trino property diff --git a/tests/templates/kuttl/opa-authorization/trino_rules/verification_test.rego b/tests/templates/kuttl/opa-authorization/trino_rules/verification_test.rego index 87131b0c..71f0f9d2 100644 --- a/tests/templates/kuttl/opa-authorization/trino_rules/verification_test.rego +++ b/tests/templates/kuttl/opa-authorization/trino_rules/verification_test.rego @@ -1,7 +1,6 @@ package verification_test import data.trino -import rego.v1 # These unit tests cover all incremental definitions of the rules in # verification.rego. For testing the allow rule, operations were diff --git a/tests/templates/kuttl/smoke/09-install-opa.yaml.j2 b/tests/templates/kuttl/smoke/09-install-opa.yaml.j2 index 6bc80ba0..ac5a3b3c 100644 --- a/tests/templates/kuttl/smoke/09-install-opa.yaml.j2 +++ b/tests/templates/kuttl/smoke/09-install-opa.yaml.j2 @@ -25,8 +25,6 @@ data: trino.rego: | package trino - import rego.v1 - default allow = false allow if {