drivers

package

v0.0.0-...-c2efb00 Latest Latest Go to latest Published: Apr 11, 2024 License: Apache-2.0 Imports: 10 Imported by: 9

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/open-policy-agent/frameworks

Links

Open Source Insights

Documentation ¶

Index ¶

func KeyMap(constraints []*unstructured.Unstructured) map[ConstraintKey]*unstructured.Unstructured
func ToResult(constraints map[ConstraintKey]*unstructured.Unstructured, r rego.Result) (*types.Result, error)
func ToResults(constraints map[ConstraintKey]*unstructured.Unstructured, ...) ([]*types.Result, error)
type ConstraintKey
- func ConstraintKeyFrom(constraint *unstructured.Unstructured) ConstraintKey
- func (k ConstraintKey) StoragePath() storage.Path
type Driver
type QueryCfg
type QueryOpt
- func Stats(enabled bool) QueryOpt
- func Tracing(enabled bool) QueryOpt
type QueryResponse

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func KeyMap ¶

func KeyMap(constraints []*unstructured.Unstructured) map[ConstraintKey]*unstructured.Unstructured

func ToResult ¶

func ToResult(constraints map[ConstraintKey]*unstructured.Unstructured, r rego.Result) (*types.Result, error)

func ToResults ¶

func ToResults(constraints map[ConstraintKey]*unstructured.Unstructured, resultSet rego.ResultSet) ([]*types.Result, error)

Types ¶

type ConstraintKey ¶

type ConstraintKey struct {
	Kind string `json:"kind"`
	Name string `json:"name"`
}

ConstraintKey uniquely identifies a Constraint.

func ConstraintKeyFrom ¶

func ConstraintKeyFrom(constraint *unstructured.Unstructured) ConstraintKey

ConstraintKeyFrom returns a unique identifier corresponding to Constraint.

func (ConstraintKey) StoragePath ¶

func (k ConstraintKey) StoragePath() storage.Path

StoragePath returns a unique path in Rego storage for Constraint's parameters. Constraints have a single set of parameters shared among all targets, so a target-specific path is not required.

type Driver ¶

type Driver interface {
	// Name returns the name of the driver, used to uniquely identify a driver
	// and in errors returned to the user.
	Name() string

	// AddTemplate compiles a Template's code to be specified by
	// Constraints and referenced in Query. Replaces the existing Template if it
	// already exists.
	AddTemplate(ctx context.Context, ct *templates.ConstraintTemplate) error
	// RemoveTemplate removes the Template from the Driver, and any Constraints.
	// Does not return an error if the Template does not exist.
	RemoveTemplate(ctx context.Context, ct *templates.ConstraintTemplate) error

	// AddConstraint adds a Constraint to Driver for a particular Template. Future
	// calls to Query may reference the added Constraint. Replaces the existing
	// Constraint if it already exists.
	AddConstraint(ctx context.Context, constraint *unstructured.Unstructured) error
	// RemoveConstraint removes a Constraint from Driver. Future calls to Query
	// may not reference the removed Constraint.
	// Does not return error if the Constraint does not exist.
	RemoveConstraint(ctx context.Context, constraint *unstructured.Unstructured) error

	// AddData caches data to be used for referential Constraints. Replaces data
	// if it already exists at the specified path. This is a deprecated method that
	// will only be called for the "Rego" driver.
	AddData(ctx context.Context, target string, path storage.Path, data interface{}) error
	// RemoveData removes cached data, so the data at the specified path can no
	// longer be used in referential Constraints. This is a deprecated method that
	// will only be called for the "Rego" driver.
	RemoveData(ctx context.Context, target string, path storage.Path) error

	// Query runs the passed target's Constraints against review.
	// Returns a QueryResponse type.
	// Returns an error if there was a problem executing the Query.
	Query(ctx context.Context, target string, constraints []*unstructured.Unstructured, review interface{}, opts ...QueryOpt) (*QueryResponse, error)

	// Dump outputs the entire state of compiled Templates, added Constraints, and
	// cached data used for referential Constraints.
	Dump(ctx context.Context) (string, error)

	// GetDescriptionForStat returns the description for a given stat name
	// or errors out for an unknown stat.
	GetDescriptionForStat(statName string) (string, error)
}

A Driver implements Rego query execution of Templates and Constraints.

type QueryCfg ¶

type QueryCfg struct {
	TracingEnabled bool
	StatsEnabled   bool
}

type QueryOpt ¶

type QueryOpt func(*QueryCfg)

QueryOpt specifies optional arguments for Query driver calls.

func Stats ¶

func Stats(enabled bool) QueryOpt

Stats(true) enables the driver to return evaluation stats for a single query. If stats is enabled for the Driver at construction time, then Stats(false) does not disable Stats for this single query.

func Tracing ¶

func Tracing(enabled bool) QueryOpt

Tracing enables Rego tracing for a single query. If tracing is enabled for the Driver, Tracing(false) does not disable Tracing.

type QueryResponse ¶

type QueryResponse struct {
	Results      []*types.Result
	Trace        *string
	StatsEntries []*instrumentation.StatsEntry
}

QueryResponse encapsulates the values returned on Query: - Results includes a Result for each violated Constraint. - Trace is the evaluation trace on Query if specified in query options or enabled at Driver creation. - StatsEntries include any Stats that the engine gathered on Query.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
fake
schema
k8scel
schema
transform
rego
schema

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL