opa: github.com/open-policy-agent/opa/bundle Index | Files

package bundle

import "github.com/open-policy-agent/opa/bundle"

Package bundle implements bundle loading.

Index

Package Files

bundle.go file.go store.go

Constants

const (
    RegoExt  = ".rego"
    WasmFile = "/policy.wasm"
)

Common file extensions and file names.

func Activate Uses

func Activate(opts *ActivateOpts) error

Activate the bundle(s) by loading into the given Store. This will load policies, data, and record the manifest in storage. The compiler provided will have had the polices compiled on it.

func ActivateLegacy Uses

func ActivateLegacy(opts *ActivateOpts) error

ActivateLegacy calls Activate for the bundles but will also write their manifest to the older unnamed store location. Deprecated: Use Activate with named bundles instead.

func Deactivate Uses

func Deactivate(opts *DeactivateOpts) error

Deactivate the bundle(s). This will erase associated data, policies, and the manifest entry from the store.

func EraseManifestFromStore Uses

func EraseManifestFromStore(ctx context.Context, store storage.Store, txn storage.Transaction, name string) error

EraseManifestFromStore will remove the manifest from storage. This function is called when the bundle is deactivated.

func LegacyEraseManifestFromStore Uses

func LegacyEraseManifestFromStore(ctx context.Context, store storage.Store, txn storage.Transaction) error

LegacyEraseManifestFromStore will erase the bundle manifest from the older single (unnamed) bundle manifest location. Deprecated: Use WriteManifestToStore and named bundles instead.

func LegacyReadRevisionFromStore Uses

func LegacyReadRevisionFromStore(ctx context.Context, store storage.Store, txn storage.Transaction) (string, error)

LegacyReadRevisionFromStore will read the bundle manifest revision from the older single (unnamed) bundle manifest location. Deprecated: Use ReadBundleRevisionFromStore and named bundles instead.

func LegacyWriteManifestToStore Uses

func LegacyWriteManifestToStore(ctx context.Context, store storage.Store, txn storage.Transaction, manifest Manifest) error

LegacyWriteManifestToStore will write the bundle manifest to the older single (unnamed) bundle manifest location. Deprecated: Use WriteManifestToStore and named bundles instead.

func ManifestStoragePath Uses

func ManifestStoragePath(name string) storage.Path

ManifestStoragePath is the storage path used for the given named bundle manifest.

func ReadBundleNamesFromStore Uses

func ReadBundleNamesFromStore(ctx context.Context, store storage.Store, txn storage.Transaction) ([]string, error)

ReadBundleNamesFromStore will return a list of bundle names which have had their metadata stored.

func ReadBundleRevisionFromStore Uses

func ReadBundleRevisionFromStore(ctx context.Context, store storage.Store, txn storage.Transaction, name string) (string, error)

ReadBundleRevisionFromStore returns the revision in the specified bundle. If the bundle is not activated, this function will return storage NotFound error.

func ReadBundleRootsFromStore Uses

func ReadBundleRootsFromStore(ctx context.Context, store storage.Store, txn storage.Transaction, name string) ([]string, error)

ReadBundleRootsFromStore returns the roots in the specified bundle. If the bundle is not activated, this function will return storage NotFound error.

func RootPathsContain Uses

func RootPathsContain(roots []string, path string) bool

RootPathsContain takes a set of bundle root paths and returns true if the path is contained.

func RootPathsOverlap Uses

func RootPathsOverlap(pathA string, pathB string) bool

RootPathsOverlap takes in two bundle root paths and returns true if they overlap.

func Write Uses

func Write(w io.Writer, bundle Bundle) error

Write is deprecated. Use NewWriter instead.

func WriteManifestToStore Uses

func WriteManifestToStore(ctx context.Context, store storage.Store, txn storage.Transaction, name string, manifest Manifest) error

WriteManifestToStore will write the manifest into the storage. This function is called when the bundle is activated.

type ActivateOpts Uses

type ActivateOpts struct {
    Ctx          context.Context
    Store        storage.Store
    Txn          storage.Transaction
    Compiler     *ast.Compiler
    Metrics      metrics.Metrics
    Bundles      map[string]*Bundle     // Optional
    ExtraModules map[string]*ast.Module // Optional
    // contains filtered or unexported fields
}

ActivateOpts defines options for the Activate API call.

type Bundle Uses

type Bundle struct {
    Manifest Manifest
    Data     map[string]interface{}
    Modules  []ModuleFile
    Wasm     []byte
}

Bundle represents a loaded bundle. The bundle can contain data and policies.

func Merge Uses

func Merge(bundles []*Bundle) (*Bundle, error)

Merge accepts a set of bundles and merges them into a single result bundle. If there are any conflicts during the merge (e.g., with roots) an error is returned. The result bundle will have an empty revision except in the special case where a single bundle is provided (and in that case the bundle is just returned unmodified.) Merge currently returns an error if multiple bundles are provided and any of those bundles contain wasm modules (because wasm module merging is not implemented.)

func (Bundle) Copy Uses

func (b Bundle) Copy() Bundle

Copy returns a deep copy of the bundle.

func (Bundle) Equal Uses

func (b Bundle) Equal(other Bundle) bool

Equal returns true if this bundle's contents equal the other bundle's contents.

func (*Bundle) ParsedModules Uses

func (b *Bundle) ParsedModules(bundleName string) map[string]*ast.Module

ParsedModules returns a map of parsed modules with names that are unique and human readable for the given a bundle name.

type DeactivateOpts Uses

type DeactivateOpts struct {
    Ctx         context.Context
    Store       storage.Store
    Txn         storage.Transaction
    BundleNames map[string]struct{}
}

DeactivateOpts defines options for the Deactivate API call

type Descriptor Uses

type Descriptor struct {
    // contains filtered or unexported fields
}

Descriptor contains information about a file and can be used to read the file contents.

func (*Descriptor) Close Uses

func (d *Descriptor) Close() error

Close the file, on some Loader implementations this might be a no-op. It should *always* be called regardless of file.

func (*Descriptor) Path Uses

func (d *Descriptor) Path() string

Path returns the path of the file.

func (*Descriptor) Read Uses

func (d *Descriptor) Read(dest io.Writer, n int64) (int64, error)

Read will read all the contents from the file the Descriptor refers to into the dest writer up n bytes. Will return an io.EOF error if EOF is encountered before n bytes are read.

func (*Descriptor) URL Uses

func (d *Descriptor) URL() string

URL returns the url of the file.

type DirectoryLoader Uses

type DirectoryLoader interface {
    // NextFile must return io.EOF if there is no next value. The returned
    // descriptor should *always* be closed when no longer needed.
    NextFile() (*Descriptor, error)
}

DirectoryLoader defines an interface which can be used to load files from a directory by iterating over each one in the tree.

func NewDirectoryLoader Uses

func NewDirectoryLoader(root string) DirectoryLoader

NewDirectoryLoader returns a basic DirectoryLoader implementation that will load files from a given root directory path.

func NewTarballLoader Uses

func NewTarballLoader(r io.Reader) DirectoryLoader

NewTarballLoader is deprecated. Use NewTarballLoaderWithBaseURL instead.

func NewTarballLoaderWithBaseURL Uses

func NewTarballLoaderWithBaseURL(r io.Reader, baseURL string) DirectoryLoader

NewTarballLoaderWithBaseURL returns a new DirectoryLoader that reads files out of a gzipped tar archive. The file URLs will be prefixed with the baseURL.

type Manifest Uses

type Manifest struct {
    Revision string    `json:"revision"`
    Roots    *[]string `json:"roots,omitempty"`
}

Manifest represents the manifest from a bundle. The manifest may contain metadata such as the bundle revision.

func (*Manifest) AddRoot Uses

func (m *Manifest) AddRoot(r string)

AddRoot adds r to the roots of m. This function is idempotent.

func (Manifest) Copy Uses

func (m Manifest) Copy() Manifest

Copy returns a deep copy of the manifest.

func (Manifest) Equal Uses

func (m Manifest) Equal(other Manifest) bool

Equal returns true if m is semantically equivalent to other.

func (*Manifest) Init Uses

func (m *Manifest) Init()

Init initializes the manifest. If you instantiate a manifest manually, call Init to ensure that the roots are set properly.

func (Manifest) String Uses

func (m Manifest) String() string

type ModuleFile Uses

type ModuleFile struct {
    URL    string
    Path   string
    Raw    []byte
    Parsed *ast.Module
}

ModuleFile represents a single module contained a bundle.

type Reader Uses

type Reader struct {
    // contains filtered or unexported fields
}

Reader contains the reader to load the bundle from.

func NewCustomReader Uses

func NewCustomReader(loader DirectoryLoader) *Reader

NewCustomReader returns a new Reader configured to use the specified DirectoryLoader.

func NewReader Uses

func NewReader(r io.Reader) *Reader

NewReader is deprecated. Use NewCustomReader instead.

func (*Reader) IncludeManifestInData Uses

func (r *Reader) IncludeManifestInData(includeManifestInData bool) *Reader

IncludeManifestInData sets whether the manifest metadata should be included in the bundle's data.

func (*Reader) Read Uses

func (r *Reader) Read() (Bundle, error)

Read returns a new Bundle loaded from the reader.

func (*Reader) WithBaseDir Uses

func (r *Reader) WithBaseDir(dir string) *Reader

WithBaseDir sets a base directory for file paths of loaded Rego modules. This will *NOT* affect the loaded path of data files.

func (*Reader) WithMetrics Uses

func (r *Reader) WithMetrics(m metrics.Metrics) *Reader

WithMetrics sets the metrics object to be used while loading bundles

type Writer Uses

type Writer struct {
    // contains filtered or unexported fields
}

Writer implements bundle serialization.

func NewWriter Uses

func NewWriter(w io.Writer) *Writer

NewWriter returns a bundle writer that writes to w.

func (*Writer) DisableFormat Uses

func (w *Writer) DisableFormat(yes bool) *Writer

DisableFormat configures the writer to just write out raw bytes instead of formatting modules before serialization.

func (*Writer) UseModulePath Uses

func (w *Writer) UseModulePath(yes bool) *Writer

UseModulePath configures the writer to use the module file path instead of the module file URL during serialization. This is for backwards compatibility.

func (*Writer) Write Uses

func (w *Writer) Write(bundle Bundle) error

Write writes the bundle to the writer's output stream.

Package bundle imports 22 packages (graph) and is imported by 25 packages. Updated 2020-05-18. Refresh now. Tools for package owners.