rego

package
v0.0.0-...-a4f5910 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 22, 2024 License: MIT Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AnnoKindMatcher

// AnnoKindMatcher pairs a list of API groups with a list of kinds. It is the
// element type returned by Rego.AnnotationKindMatchers.
type AnnoKindMatcher struct {
	// APIGroups is serialized as "apiGroups" and omitted from JSON when empty.
	APIGroups []string `json:"apiGroups,omitempty"`
	// Kinds is serialized as "kinds" and omitted from JSON when empty.
	Kinds     []string `json:"kinds,omitempty"`
}

func (AnnoKindMatcher) String

func (akm AnnoKindMatcher) String() string

type ConvertedLegacyAnnotations

// ConvertedLegacyAnnotations holds OPA Metadata Annotations that were converted
// from legacy-style annotations. It is the result type of
// Rego.ConvertLegacyAnnotations. Every field is omitted from JSON when empty.
type ConvertedLegacyAnnotations struct {
	// Title is serialized as "title".
	Title       string         `json:"title,omitempty"`
	// Description is serialized as "description".
	Description string         `json:"description,omitempty"`
	// Custom is serialized as "custom"; its values are untyped (any).
	// NOTE(review): which legacy annotations end up under Custom is not visible here — confirm.
	Custom      map[string]any `json:"custom,omitempty"`
}

ConvertedLegacyAnnotations holds OPA Metadata Annotations that were converted from legacy-style annotations.

type KindMatcher

// KindMatcher is the matcher to generate `constraints.spec.match.kinds`.
// Unlike AnnoKindMatcher it carries a single API group and has no JSON tags.
type KindMatcher struct {
	// APIGroup is one API group name.
	APIGroup string
	// Kinds lists kind names; presumably the kinds within APIGroup — confirm.
	Kinds    []string
}

KindMatcher is the matcher to generate `constraints.spec.match.kinds`

type KindMatchers

// KindMatchers is a slice of KindMatcher. It provides String and ToSpec;
// ToSpec yields a slice compatible with `spec.match.kinds` of a Constraint.
type KindMatchers []KindMatcher

KindMatchers is a slice of KindMatcher

func (KindMatchers) String

func (k KindMatchers) String() string

func (KindMatchers) ToSpec

func (k KindMatchers) ToSpec() []any

ToSpec converts KindMatchers to a slice in a format compatible with `spec.match.kinds` of a Constraint.

type MatchExpressionMatcher

// MatchExpressionMatcher is the matcher to generate
// `constraints.spec.match.labelSelector.matchExpressions`.
type MatchExpressionMatcher struct {
	// Key is serialized as "key"; there is no omitempty, so it is always emitted.
	Key      string   `json:"key"`
	// Operator is serialized as "operator"; there is no omitempty, so it is always emitted.
	// NOTE(review): the set of accepted operator values is not visible here — confirm.
	Operator string   `json:"operator"`
	// Values is serialized as "values" and omitted from JSON when empty.
	Values   []string `json:"values,omitempty"`
}

MatchExpressionMatcher is the matcher to generate `constraints.spec.match.labelSelector.matchExpressions`.

type MatchLabelsMatcher

// MatchLabelsMatcher is the matcher to generate
// `constraints.spec.match.labelSelector.matchLabels`. It is a plain
// string-to-string map and provides a String method.
type MatchLabelsMatcher map[string]string

MatchLabelsMatcher is the matcher to generate `constraints.spec.match.labelSelector.matchLabels`.

func (MatchLabelsMatcher) String

func (m MatchLabelsMatcher) String() string

type Matchers

// Matchers are all of the matchers that can be applied to constraints.
// It is the result type of Rego.Matchers.
type Matchers struct {
	// KindMatchers feeds `constraints.spec.match.kinds` (see KindMatcher).
	KindMatchers             KindMatchers
	// MatchLabelsMatcher feeds `constraints.spec.match.labelSelector.matchLabels`.
	MatchLabelsMatcher       MatchLabelsMatcher
	// MatchExpressionsMatcher feeds `constraints.spec.match.labelSelector.matchExpressions`.
	MatchExpressionsMatcher  []MatchExpressionMatcher
	// NamespaceMatcher is a list of strings; presumably namespaces to match — confirm.
	NamespaceMatcher         []string
	// ExcludedNamespaceMatcher is a list of strings; presumably namespaces exempted
	// from the constraint — confirm, since exclusions narrow what a policy covers.
	ExcludedNamespaceMatcher []string
}

Matchers are all of the matchers that can be applied to constraints.

type MetaData

// MetaData holds two string-to-string maps, Annotations and Labels.
// NOTE(review): nothing on this page shows where MetaData is produced or
// consumed — confirm against callers.
type MetaData struct {
	Annotations map[string]string
	Labels      map[string]string
}

type Parameter

// Parameter represents a parameter that the policy uses. Rego.Parameters
// returns the list of parsed parameters as []Parameter.
type Parameter struct {
	// Name is the parameter's name.
	Name        string
	// Type is the parameter's type, held as a string.
	// NOTE(review): the accepted type names are not visible here — confirm.
	Type        string
	// IsArray presumably marks the parameter as an array of Type — confirm.
	IsArray     bool
	// Description is free-text describing the parameter.
	Description string
}

Parameter represents a parameter that the policy uses

type Rego

// Rego represents a parsed rego file. No fields are exported; values are
// obtained from GetAllSeverities, GetAllSeveritiesWithoutImports or
// GetViolations and are read through the accessor methods on Rego.
type Rego struct {
	// contains filtered or unexported fields
}

Rego represents a parsed rego file.

func GetAllSeverities

func GetAllSeverities(directory string) ([]Rego, error)

GetAllSeverities gets all of the rego files found in the given directory as well as any subdirectories. Only rego files that contain a valid severity will be returned.

func GetAllSeveritiesWithoutImports

func GetAllSeveritiesWithoutImports(directory string) ([]Rego, error)

GetAllSeveritiesWithoutImports gets all of the Rego files found in the given directory as well as any subdirectories, but does not attempt to parse the imports.

func GetViolations

func GetViolations(directory string) ([]Rego, error)

GetViolations gets all of the files found in the given directory as well as any subdirectories. Only rego files that have a severity of violation will be returned.

func (Rego) AnnotationExcludedNamespaceMatchers

func (r Rego) AnnotationExcludedNamespaceMatchers() []string

func (Rego) AnnotationKindMatchers

func (r Rego) AnnotationKindMatchers() []AnnoKindMatcher

func (Rego) AnnotationLabelSelectorMatcher

func (r Rego) AnnotationLabelSelectorMatcher() *metav1.LabelSelector

func (Rego) AnnotationNamespaceMatchers

func (r Rego) AnnotationNamespaceMatchers() []string

func (Rego) AnnotationParameters

func (r Rego) AnnotationParameters() map[string]apiextensionsv1.JSONSchemaProps

func (Rego) Annotations

func (r Rego) Annotations() map[string]string

Annotations returns the annotations found in the header comment of the rego file.

func (Rego) ConvertLegacyAnnotations

func (r Rego) ConvertLegacyAnnotations() (*ConvertedLegacyAnnotations, error)

ConvertLegacyAnnotations converts legacy annotations to ConvertedLegacyAnnotations

func (Rego) Dependencies

func (r Rego) Dependencies() []string

Dependencies returns all of the source for the rego files that this rego file depends on.

func (Rego) Description

func (r Rego) Description() string

Description returns the entire description found in the header comment of the Rego file.

func (Rego) Enforcement

func (r Rego) Enforcement() string

Enforcement returns the enforcement action in the header comment. Defaults to deny if no enforcement action is specified.

func (Rego) FullSource

func (r Rego) FullSource() string

FullSource returns the original source code of the rego file, including comments but excluding the header.

func (Rego) GetAnnotation

func (r Rego) GetAnnotation(name string) (any, bool)

func (Rego) GetOpenAPISchemaProperties

func (r Rego) GetOpenAPISchemaProperties() map[string]apiextensionsv1.JSONSchemaProps

func (Rego) HasMetadataAnnotations

func (r Rego) HasMetadataAnnotations() bool

HasMetadataAnnotations checks whether rego file has OPA Metadata Annotations

func (Rego) Kind

func (r Rego) Kind() string

Kind returns the Kubernetes Kind of the rego file. The kind of the rego file is determined by the name of the directory that the rego file exists in.

func (Rego) Labels

func (r Rego) Labels() map[string]string

Labels returns the labels found in the header comment of the rego file.

func (Rego) LegacyConversionSource

func (r Rego) LegacyConversionSource() string

LegacyConversionSource returns the original source code, including comments but excluding the header, and does not trim any trailing whitespace.

func (Rego) Matchers

func (r Rego) Matchers() (Matchers, error)

Matchers returns all of the matchers found in the rego file.

func (Rego) Name

func (r Rego) Name() string

Name returns the name of the rego file. The name of the rego file is its kind in lowercase.

func (Rego) Parameters

func (r Rego) Parameters() []Parameter

Parameters returns the list of parsed parameters

func (Rego) Path

func (r Rego) Path() string

Path returns the original path of the rego file.

func (Rego) PolicyID

func (r Rego) PolicyID() string

PolicyID returns the identifier of the policy. The returned value will be a blank string if an id was not specified in the policy body.

func (Rego) Severity

func (r Rego) Severity() Severity

Severity returns the severity of the rego file. When a rego file has multiple rules that are considered to be different severities, the severity of the first rule is used.

func (Rego) SkipConstraint

func (r Rego) SkipConstraint() bool

SkipConstraint returns whether or not the generation of the Constraint should be skipped. It returns true only when the @skip-constraint tag is present in the comment header block.

func (Rego) SkipTemplate

func (r Rego) SkipTemplate() bool

SkipTemplate returns whether or not the generation of the Template should be skipped. It returns true only when the @skip-template tag is present in the comment header block.

func (Rego) Source

func (r Rego) Source() string

Source returns the original source code inside of the rego file without any comments.

func (Rego) Title

func (r Rego) Title() string

Title returns the title found in the header comment of the rego file.

type Severity

// Severity describes the severity level of the rego file. It is a string
// type; the values defined for it are Violation and Warning.
type Severity string

Severity describes the severity level of the rego file.

// The defined severity levels represent the valid severity levels that a
// rego file can have. The block also declares PolicyIDVariable.
const (
	// Violation is the Severity value "Violation". GetViolations returns only
	// rego files that have a severity of violation.
	Violation Severity = "Violation"
	// Warning is the Severity value "Warning".
	Warning   Severity = "Warning"

	// PolicyIDVariable is the name of the variable that contains the policy identifier
	// NOTE: it is declared without a type, so it is an untyped string constant
	// and not a Severity, even though it shares this const block.
	PolicyIDVariable = "policyID"
)

The defined severity levels represent the valid severity levels that a rego file can have.
