Documentation ¶
Index ¶
- Constants
- type Cache
- type Metadata
- type RegoCache
- type Service
- func (s *Service) Evaluate(ctx context.Context, req *policy.EvaluateRequest) (*policy.EvaluateResult, error)
- func (s *Service) ExportBundle(ctx context.Context, req *policy.ExportBundleRequest) (*policy.ExportBundleResult, io.ReadCloser, error)
- func (s *Service) ImportBundle(ctx context.Context, _ *policy.ImportBundlePayload, payload io.ReadCloser) (any, error)
- func (s *Service) ListPolicies(ctx context.Context, req *policy.PoliciesRequest) (*policy.PoliciesResult, error)
- func (s *Service) Lock(ctx context.Context, req *policy.LockRequest) error
- func (s *Service) PolicyPublicKey(ctx context.Context, req *policy.PolicyPublicKeyRequest) (any, error)
- func (s *Service) SubscribeForPolicyChange(ctx context.Context, req *policy.SubscribeRequest) (any, error)
- func (s *Service) Unlock(ctx context.Context, req *policy.UnlockRequest) error
- func (s *Service) Validate(ctx context.Context, req *policy.EvaluateRequest) (*policy.EvaluateResult, error)
- type Signer
- type Storage
- type ZipFile
Constants ¶
// File names associated with a policy bundle.
//
// NOTE(review): how these names are used is not visible in this documentation
// view. Presumably BundleFilename names the zip archive handled by
// ExportBundle/ImportBundle and BundleSignatureFilename names the raw
// signature that accompanies it. Confirm in the implementation which bytes
// the signature covers and that it is verified before bundle contents are used.
const (
	// BundleFilename is the file name of the policy bundle archive.
	BundleFilename = "policy_bundle.zip"

	// BundleSignatureFilename is the file name of the bundle signature.
	BundleSignatureFilename = "signature.raw"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Service ¶
// Service is the receiver type for this package's policy operations:
// Evaluate, Validate, ExportBundle, ImportBundle, ListPolicies, Lock, Unlock,
// PolicyPublicKey and SubscribeForPolicyChange.
//
// Its fields are unexported and are not shown in this documentation view, so
// its dependencies and construction cannot be described from here.
type Service struct {
// contains filtered or unexported fields
}
func (*Service) Evaluate ¶
func (s *Service) Evaluate(ctx context.Context, req *policy.EvaluateRequest) (*policy.EvaluateResult, error)
Evaluate executes a policy with the given input.
Note: The policy must follow a strict convention for this generic evaluation function to work: the package declaration inside the policy must be exactly `group.policy`. For example, evaluating the URL `.../policies/mygroup/example/1.0/evaluation` returns results correctly only if the package declaration inside the policy is `package mygroup.example`.
func (*Service) ExportBundle ¶
func (s *Service) ExportBundle(ctx context.Context, req *policy.ExportBundleRequest) (*policy.ExportBundleResult, io.ReadCloser, error)
func (*Service) ImportBundle ¶
func (s *Service) ImportBundle(ctx context.Context, _ *policy.ImportBundlePayload, payload io.ReadCloser) (any, error)
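ImportBundle imports a signed policy bundle read from payload. This documentation does not say when or how the bundle signature is verified during import; confirm that in the implementation before relying on it.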
func (*Service) ListPolicies ¶
func (s *Service) ListPolicies(ctx context.Context, req *policy.PoliciesRequest) (*policy.PoliciesResult, error)
func (*Service) PolicyPublicKey ¶
func (s *Service) PolicyPublicKey(ctx context.Context, req *policy.PolicyPublicKeyRequest) (any, error)
PolicyPublicKey returns the public key, in JWK format, that must be used to verify a signed policy bundle.
func (*Service) SubscribeForPolicyChange ¶
func (*Service) Validate ¶
func (s *Service) Validate(ctx context.Context, req *policy.EvaluateRequest) (*policy.EvaluateResult, error)
Validate executes a policy with the given input and then validates the output against a predefined JSON schema.
type Storage ¶
// Storage is the persistence interface declared by this package. Its methods
// fall into three groups: policy records, policy-change subscriptions, and a
// keyed data store.
//
// NOTE(review): the per-method descriptions below are inferred from method
// names and signatures only; the implementation is not visible in this
// documentation view. Confirm behaviour (error cases, locking semantics,
// validation of keys and identifiers) against the concrete implementation.
type Storage interface {
	// Policy takes a repository, group, name and version and returns a
	// *storage.Policy or an error.
	Policy(ctx context.Context, repository, group, name, version string) (*storage.Policy, error)

	// SavePolicy takes a *storage.Policy and returns an error.
	SavePolicy(ctx context.Context, policy *storage.Policy) error

	// SetPolicyLock takes the same four identifiers as Policy plus a lock
	// flag. Presumably it backs the Service Lock/Unlock operations; verify.
	SetPolicyLock(ctx context.Context, repository, group, name, version string, lock bool) error

	// GetPolicies returns a slice of policies. locked is a *bool, so a nil
	// value is possible; presumably nil means "no filter" (TODO confirm).
	GetPolicies(ctx context.Context, locked *bool) ([]*storage.Policy, error)

	// AddPolicyChangeSubscribers accepts zero or more subscribers and returns
	// nothing, so failures cannot be reported to the caller through it.
	AddPolicyChangeSubscribers(subscribers ...storage.PolicyChangeSubscriber)

	// ListenPolicyDataChanges takes only a context and returns an error.
	ListenPolicyDataChanges(ctx context.Context) error

	// CreateSubscriber takes a *storage.Subscriber and returns a
	// *storage.Subscriber or an error.
	CreateSubscriber(ctx context.Context, subscriber *storage.Subscriber) (*storage.Subscriber, error)

	// Close takes a context and returns nothing, so a close failure cannot be
	// observed by the caller.
	Close(ctx context.Context)

	// GetData returns the value stored under key as an untyped value.
	GetData(ctx context.Context, key string) (any, error)

	// SetData takes a key and a map of arbitrary values.
	SetData(ctx context.Context, key string, data map[string]any) error

	// DeleteData takes a key and returns an error.
	DeleteData(ctx context.Context, key string) error
}
Directories ¶
Path | Synopsis |
---|---|
policydatafakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
Code generated by counterfeiter.
|
Code generated by counterfeiter. |