rego

Documentation

Index

• Variables
• type Arg
  • func AddExternalDataClientCertWatcher(clientCertWatcher *certwatcher.CertWatcher) Arg
  • func AddExternalDataProviderCache(providerCache *externaldata.ProviderCache) Arg
  • func AddExternalDataProviderResponseCache(providerResponseCache *externaldata.ProviderResponseCache) Arg
  • func Defaults() Arg
  • func DisableBuiltins(builtins ...string) Arg
  • func EnableExternalDataClientAuth() Arg
  • func Externs(externs ...string) Arg
  • func GatherStats() Arg
  • func PrintEnabled(enabled bool) Arg
  • func PrintHook(hook print.Hook) Arg
  • func Storage(s map[string]storage.Store) Arg
  • func Tracing(enabled bool) Arg
• type Compilers
• type Driver
  • func New(args ...Arg) (*Driver, error)
  • func (d *Driver) AddConstraint(ctx context.Context, constraint *unstructured.Unstructured) error
  • func (d *Driver) AddData(ctx context.Context, target string, path storage.Path, data interface{}) error
  • func (d *Driver) AddTemplate(ctx context.Context, templ *templates.ConstraintTemplate) error
  • func (d *Driver) Dump(ctx context.Context) (string, error)
  • func (d *Driver) GetDescriptionForStat(statName string) (string, error)
  • func (d *Driver) Name() string
  • func (d *Driver) Query(ctx context.Context, target string, constraints []*unstructured.Unstructured, ...) (*drivers.QueryResponse, error)
  • func (d *Driver) RemoveConstraint(ctx context.Context, constraint *unstructured.Unstructured) error
  • func (d *Driver) RemoveData(ctx context.Context, target string, path storage.Path) error
  • func (d *Driver) RemoveTemplate(ctx context.Context, templ *templates.ConstraintTemplate) error

Variables

var ErrNoRego = errors.New("Could not extract Rego from the constraint template")

Types

type Arg

type Arg func(*Driver) error

func AddExternalDataClientCertWatcher

func AddExternalDataClientCertWatcher(clientCertWatcher *certwatcher.CertWatcher) Arg

func AddExternalDataProviderCache

func AddExternalDataProviderCache(providerCache *externaldata.ProviderCache) Arg

func AddExternalDataProviderResponseCache

func AddExternalDataProviderResponseCache(providerResponseCache *externaldata.ProviderResponseCache) Arg

func Defaults

func Defaults() Arg

func DisableBuiltins

func DisableBuiltins(builtins ...string) Arg

func EnableExternalDataClientAuth

func EnableExternalDataClientAuth() Arg

func Externs

func Externs(externs ...string) Arg

Externs sets the fields under `data` that Rego in ConstraintTemplates can access. If unset, all fields can be accessed. Only fields recognized by the system can be enabled.

func GatherStats

func GatherStats() Arg

GatherStats starts collecting various stats around the underlying engine's calls.

func PrintEnabled

func PrintEnabled(enabled bool) Arg

func PrintHook

func PrintHook(hook print.Hook) Arg

func Storage

func Storage(s map[string]storage.Store) Arg

func Tracing

func Tracing(enabled bool) Arg

type Compilers

type Compilers struct {
	// contains filtered or unexported fields
}

Compilers is a threadsafe store of Compilers for ConstraintTemplates.

type Driver

type Driver struct {
	// contains filtered or unexported fields
}

Driver is a threadsafe Rego environment for compiling Rego in ConstraintTemplates, registering Constraints, and executing queries.

func New

func New(args ...Arg) (*Driver, error)

New constructs a new Driver and registers the built-in external_data function to OPA.

func (*Driver) AddConstraint

func (d *Driver) AddConstraint(ctx context.Context, constraint *unstructured.Unstructured) error

AddConstraint adds Constraint to Rego storage. Future calls to Query will be evaluated against Constraint if the Constraint's key is passed.

func (*Driver) AddData

func (d *Driver) AddData(ctx context.Context, target string, path storage.Path, data interface{}) error

AddData adds data to Rego storage at data.inventory.path.

func (*Driver) AddTemplate

func (d *Driver) AddTemplate(ctx context.Context, templ *templates.ConstraintTemplate) error

AddTemplate adds templ to Driver. Normalizes modules into usable forms for use in queries.

func (*Driver) Dump

func (d *Driver) Dump(ctx context.Context) (string, error)

func (*Driver) GetDescriptionForStat

func (d *Driver) GetDescriptionForStat(statName string) (string, error)

func (*Driver) Name

func (d *Driver) Name() string

Name returns the name of the driver.

func (*Driver) Query

func (d *Driver) Query(ctx context.Context, target string, constraints []*unstructured.Unstructured, review interface{}, opts ...reviews.ReviewOpt) (*drivers.QueryResponse, error)

func (*Driver) RemoveConstraint

func (d *Driver) RemoveConstraint(ctx context.Context, constraint *unstructured.Unstructured) error

RemoveConstraint removes Constraint from Rego storage. Future calls to Query will not be evaluated against the constraint. Queries which specify the constraint's key will silently not evaluate the Constraint.

func (*Driver) RemoveData

func (d *Driver) RemoveData(ctx context.Context, target string, path storage.Path) error

RemoveData deletes data from Rego storage at data.inventory.path.

func (*Driver) RemoveTemplate

func (d *Driver) RemoveTemplate(ctx context.Context, templ *templates.ConstraintTemplate) error

RemoveTemplate removes all Compilers and Constraints for templ. Returns nil if templ does not exist.