Documentation ¶
Index ¶
- Constants
- Variables
- func Escape(ident string) (string, bool)
- func FieldTypeMap(path string, t *DeclType) map[string]*DeclType
- func Unescape(escaped string) (string, bool)
- type DeclField
- type DeclType
- func NewListType(elem *DeclType, maxItems int64) *DeclType
- func NewMapType(key, elem *DeclType, maxProperties int64) *DeclType
- func NewObjectType(name string, fields map[string]*DeclField) *DeclType
- func NewSimpleTypeWithMinSize(name string, celType *cel.Type, zeroVal ref.Val, minSize int64) *DeclType
- func (t *DeclType) CelType() *cel.Type
- func (t *DeclType) DefaultValue() ref.Val
- func (t *DeclType) ExprType() (*exprpb.Type, error)
- func (t *DeclType) FindField(name string) (*DeclField, bool)
- func (t *DeclType) HasTrait(trait int) bool
- func (t *DeclType) IsList() bool
- func (t *DeclType) IsMap() bool
- func (t *DeclType) IsObject() bool
- func (t *DeclType) MaybeAssignTypeName(name string) *DeclType
- func (t *DeclType) String() string
- func (t *DeclType) TypeName() string
- type DynValue
- func (dv *DynValue) ConvertToNative(typeDesc reflect.Type) (interface{}, error)
- func (dv *DynValue) DeclType() *DeclType
- func (dv *DynValue) Equal(other ref.Val) ref.Val
- func (dv *DynValue) ExprValue() ref.Val
- func (dv *DynValue) SetValue(value interface{}) error
- func (dv *DynValue) Type() ref.Type
- func (dv *DynValue) Value() interface{}
- type EncodeStyle
- type Error
- type ErrorType
- type Field
- type ListValue
- func (lv *ListValue) Add(other ref.Val) ref.Val
- func (lv *ListValue) Append(entry *DynValue)
- func (lv *ListValue) Contains(val ref.Val) ref.Val
- func (lv *ListValue) ConvertToNative(typeDesc reflect.Type) (interface{}, error)
- func (lv *ListValue) ConvertToType(t ref.Type) ref.Val
- func (lv *ListValue) Equal(other ref.Val) ref.Val
- func (lv *ListValue) Get(idx ref.Val) ref.Val
- func (lv *ListValue) Iterator() traits.Iterator
- func (lv *ListValue) Size() ref.Val
- func (lv *ListValue) Type() ref.Type
- func (lv *ListValue) Value() interface{}
- type MapValue
- func (sv MapValue) AddField(field *Field)
- func (m *MapValue) Contains(key ref.Val) ref.Val
- func (sv MapValue) ConvertToNative(typeDesc reflect.Type) (interface{}, error)
- func (m *MapValue) ConvertToObject(declType *DeclType) *ObjectValue
- func (m *MapValue) ConvertToType(t ref.Type) ref.Val
- func (m *MapValue) Equal(other ref.Val) ref.Val
- func (m *MapValue) Find(name ref.Val) (ref.Val, bool)
- func (m *MapValue) Get(key ref.Val) ref.Val
- func (sv MapValue) GetField(name string) (*Field, bool)
- func (sv MapValue) IsSet(key ref.Val) ref.Val
- func (m *MapValue) Iterator() traits.Iterator
- func (m *MapValue) Size() ref.Val
- func (m *MapValue) Type() ref.Type
- func (m *MapValue) Value() interface{}
- type MultilineStringValue
- type ObjectValue
- func (sv ObjectValue) AddField(field *Field)
- func (sv ObjectValue) ConvertToNative(typeDesc reflect.Type) (interface{}, error)
- func (o *ObjectValue) ConvertToType(t ref.Type) ref.Val
- func (o *ObjectValue) Equal(other ref.Val) ref.Val
- func (o *ObjectValue) Get(name ref.Val) ref.Val
- func (sv ObjectValue) GetField(name string) (*Field, bool)
- func (sv ObjectValue) IsSet(key ref.Val) ref.Val
- func (o *ObjectValue) Type() ref.Type
- func (o *ObjectValue) Value() interface{}
- type PlainTextValue
- type Registry
- type Resolver
- type RuleTypes
- func (rt *RuleTypes) EnvOptions(tp ref.TypeProvider) ([]cel.EnvOption, error)
- func (rt *RuleTypes) FindDeclType(typeName string) (*DeclType, bool)
- func (rt *RuleTypes) FindFieldType(typeName, fieldName string) (*ref.FieldType, bool)
- func (rt *RuleTypes) FindType(typeName string) (*exprpb.Type, bool)
- func (rt *RuleTypes) NativeToValue(val interface{}) ref.Val
- func (rt *RuleTypes) TypeNames() []string
- type URL
Constants ¶
const ( // DefaultMaxRequestSizeBytes is the size of the largest request that will be accepted DefaultMaxRequestSizeBytes = int64(3 * 1024 * 1024) // MaxDurationSizeJSON // OpenAPI duration strings follow RFC 3339, section 5.6 - see the comment on maxDatetimeSizeJSON MaxDurationSizeJSON = 32 // MaxDatetimeSizeJSON // OpenAPI datetime strings follow RFC 3339, section 5.6, and the longest possible // such string is 9999-12-31T23:59:59.999999999Z, which has length 30 - we add 2 // to allow for quotation marks MaxDatetimeSizeJSON = 32 // MinDurationSizeJSON // Golang allows a string of 0 to be parsed as a duration, so that plus 2 to account for // quotation marks makes 3 MinDurationSizeJSON = 3 // JSONDateSize is the size of a date serialized as part of a JSON object // RFC 3339 dates require YYYY-MM-DD, and then we add 2 to allow for quotation marks JSONDateSize = 12 // MinDatetimeSizeJSON is the minimal length of a datetime formatted as RFC 3339 // RFC 3339 datetimes require a full date (YYYY-MM-DD) and full time (HH:MM:SS), and we add 3 for // quotation marks like always in addition to the capital T that separates the date and time MinDatetimeSizeJSON = 21 // MinStringSize is the size of literal "" MinStringSize = 2 // MinBoolSize is the length of literal true MinBoolSize = 4 // MinNumberSize is the length of literal 0 MinNumberSize = 1 )
Variables ¶
var ( // AnyType is equivalent to the CEL 'protobuf.Any' type in that the value may have any of the // types supported. AnyType = NewSimpleTypeWithMinSize("any", cel.AnyType, nil, 1) // BoolType is equivalent to the CEL 'bool' type. BoolType = NewSimpleTypeWithMinSize("bool", cel.BoolType, types.False, MinBoolSize) // BytesType is equivalent to the CEL 'bytes' type. BytesType = NewSimpleTypeWithMinSize("bytes", cel.BytesType, types.Bytes([]byte{}), MinStringSize) // DoubleType is equivalent to the CEL 'double' type which is a 64-bit floating point value. DoubleType = NewSimpleTypeWithMinSize("double", cel.DoubleType, types.Double(0), MinNumberSize) // DurationType is equivalent to the CEL 'duration' type. DurationType = NewSimpleTypeWithMinSize("duration", cel.DurationType, types.Duration{Duration: time.Duration(0)}, MinDurationSizeJSON) // DateType is equivalent to the CEL 'date' type. DateType = NewSimpleTypeWithMinSize("date", cel.TimestampType, types.Timestamp{Time: time.Time{}}, JSONDateSize) // DynType is the equivalent of the CEL 'dyn' concept which indicates that the type will be // determined at runtime rather than compile time. DynType = NewSimpleTypeWithMinSize("dyn", cel.DynType, nil, 1) // IntType is equivalent to the CEL 'int' type which is a 64-bit signed int. IntType = NewSimpleTypeWithMinSize("int", cel.IntType, types.IntZero, MinNumberSize) // NullType is equivalent to the CEL 'null_type'. NullType = NewSimpleTypeWithMinSize("null_type", cel.NullType, types.NullValue, 4) // StringType is equivalent to the CEL 'string' type which is expected to be a UTF-8 string. // StringType values may either be string literals or expression strings. StringType = NewSimpleTypeWithMinSize("string", cel.StringType, types.String(""), MinStringSize) // TimestampType corresponds to the well-known protobuf.Timestamp type supported within CEL. // Note that both the OpenAPI date and date-time types map onto TimestampType, so not all types // labeled as Timestamp will necessarily have the same MinSerializedSize. TimestampType = NewSimpleTypeWithMinSize("timestamp", cel.TimestampType, types.Timestamp{Time: time.Time{}}, JSONDateSize) // UintType is equivalent to the CEL 'uint' type. UintType = NewSimpleTypeWithMinSize("uint", cel.UintType, types.Uint(0), 1) // ListType is equivalent to the CEL 'list' type. ListType = NewListType(AnyType, noMaxLength) // MapType is equivalent to the CEL 'map' type. MapType = NewMapType(AnyType, AnyType, noMaxLength) )
var ( URLObject = decls.NewObjectType("kubernetes.URL") URLType = cel.ObjectType("kubernetes.URL") )
Functions ¶
func Escape ¶
Escape escapes ident and returns a CEL identifier (of the form '[a-zA-Z_][a-zA-Z0-9_]*'), or returns false if the ident does not match the supported input format of `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*`. Escaping Rules:
- '__' escapes to '__underscores__'
- '.' escapes to '__dot__'
- '-' escapes to '__dash__'
- '/' escapes to '__slash__'
- Identifiers that exactly match a CEL RESERVED keyword escape to '__{keyword}__'. The keywords are: "true", "false", "null", "in", "as", "break", "const", "continue", "else", "for", "function", "if", "import", "let", loop", "package", "namespace", "return".
func FieldTypeMap ¶
FieldTypeMap constructs a map of the field and object types nested within a given type.
Types ¶
type DeclField ¶
type DeclField struct { Name string Type *DeclType Required bool // contains filtered or unexported fields }
DeclField describes the name, ordinal, and optionality of a field declaration within a type.
func NewDeclField ¶
func (*DeclField) DefaultValue ¶
DefaultValue returns the zero value associated with the field.
func (*DeclField) EnumValues ¶
EnumValues returns the set of values that this field may take.
type DeclType ¶
type DeclType struct { fmt.Stringer // Fields contains a map of escaped CEL identifier field names to field declarations. Fields map[string]*DeclField KeyType *DeclType ElemType *DeclType TypeParam bool Metadata map[string]string MaxElements int64 // MinSerializedSize represents the smallest possible size in bytes that // the DeclType could be serialized to in JSON. MinSerializedSize int64 // contains filtered or unexported fields }
DeclType represents the universal type descriptor for OpenAPIv3 types.
func NewListType ¶
NewListType returns a parameterized list type with a specified element type.
func NewMapType ¶
NewMapType returns a parameterized map type with the given key and element types.
func NewObjectType ¶
NewObjectType creates an object type with a qualified name and a set of field declarations.
func (*DeclType) DefaultValue ¶
DefaultValue returns the CEL ref.Val representing the default value for this object type, if one exists.
func (*DeclType) HasTrait ¶
HasTrait implements the CEL ref.Type interface making this type declaration suitable for use within the CEL evaluator.
func (*DeclType) IsList ¶
IsList returns whether the declaration is a `list` type which defines a parameterized element type, but not a parameterized key type or fields.
func (*DeclType) IsMap ¶
IsMap returns whether the declaration is a 'map' type which defines parameterized key and element types, but not fields.
func (*DeclType) IsObject ¶
IsObject returns whether the declartion is an 'object' type which defined a set of typed fields.
func (*DeclType) MaybeAssignTypeName ¶
MaybeAssignTypeName attempts to set the DeclType name to a fully qualified name, if the type is of `object` type.
The DeclType must return true for `IsObject` or this assignment will error.
type DynValue ¶
type DynValue struct { ID int64 EncodeStyle EncodeStyle // contains filtered or unexported fields }
DynValue is a dynamically typed value used to describe unstructured content. Whether the value has the desired type is determined by where it is used within the Instance or Template, and whether there are schemas which might enforce a more rigid type definition.
func NewDynValue ¶
NewDynValue returns a DynValue that corresponds to a parse node id and value.
func NewEmptyDynValue ¶
func NewEmptyDynValue() *DynValue
NewEmptyDynValue returns the zero-valued DynValue.
func (*DynValue) ConvertToNative ¶
ConvertToNative is an implementation of the CEL ref.Val method used to adapt between CEL types and Go-native types.
The default behavior of this method is to first convert to a CEL type which has a well-defined set of conversion behaviors and proxy to the CEL ConvertToNative method for the type.
type EncodeStyle ¶
type EncodeStyle int
EncodeStyle is a hint for string encoding of parsed values.
const ( // BlockValueStyle is the default string encoding which preserves whitespace and newlines. BlockValueStyle EncodeStyle = iota // FlowValueStyle indicates that the string is an inline representation of complex types. FlowValueStyle // FoldedValueStyle is a multiline string with whitespace and newlines trimmed to a single // a whitespace. Repeated newlines are replaced with a single newline rather than a single // whitespace. FoldedValueStyle // LiteralStyle is a multiline string that preserves newlines, but trims all other whitespace // to a single character. LiteralStyle )
type Error ¶
Error is an implementation of the 'error' interface, which represents a XValidation error.
type ErrorType ¶
type ErrorType string
ErrorType is a machine readable value providing more detail about why a XValidation is invalid.
const ( // ErrorTypeRequired is used to report withNullable values that are not // provided (e.g. empty strings, null values, or empty arrays). See // Required(). ErrorTypeRequired ErrorType = "RuleRequired" // ErrorTypeInvalid is used to report malformed values ErrorTypeInvalid ErrorType = "RuleInvalid" // ErrorTypeInternal is used to report other errors that are not related // to user input. See InternalError(). ErrorTypeInternal ErrorType = "InternalError" )
type ListValue ¶
type ListValue struct { Entries []*DynValue // contains filtered or unexported fields }
ListValue contains a list of dynamically typed entries.
func NewListValue ¶
func NewListValue() *ListValue
NewListValue returns an empty ListValue instance.
func (*ListValue) Contains ¶
Contains returns whether the input `val` is equal to an element in the list.
If any pair-wise comparison between the input value and the list element is an error, the operation will return an error.
func (*ListValue) ConvertToNative ¶
ConvertToNative is an implementation of the CEL ref.Val method used to adapt between CEL types and Go-native array-like types.
func (*ListValue) ConvertToType ¶
ConvertToType converts the ListValue to another CEL type.
func (*ListValue) Equal ¶
Equal returns true if two lists are of the same size, and the values at each index are also equal.
func (*ListValue) Get ¶
Get returns the value at the given index.
If the index is negative or greater than the size of the list, an error is returned.
func (*ListValue) Iterator ¶
Iterator produces a traits.Iterator suitable for use in CEL comprehension macros.
type MapValue ¶
type MapValue struct {
// contains filtered or unexported fields
}
MapValue declares an object with a set of named fields whose values are dynamically typed.
func (MapValue) AddField ¶
func (sv MapValue) AddField(field *Field)
AddField appends a MapField to the MapValue and indexes the field by name.
func (MapValue) ConvertToNative ¶
ConvertToNative converts the MapValue type to a native go types.
func (*MapValue) ConvertToObject ¶
func (m *MapValue) ConvertToObject(declType *DeclType) *ObjectValue
ConvertToObject produces an ObjectValue from the MapValue with the associated schema type.
The conversion is shallow and the memory shared between the Object and Map as all references to the map are expected to be replaced with the Object reference.
func (*MapValue) ConvertToType ¶
ConvertToType converts the MapValue to another CEL type, if possible.
func (*MapValue) Equal ¶
Equal returns true if the maps are of the same size, have the same keys, and the key-values from each map are equal.
func (*MapValue) Iterator ¶
Iterator produces a traits.Iterator which walks over the map keys.
The Iterator is frequently used within comprehensions.
type MultilineStringValue ¶
MultilineStringValue is a multiline string value which has been parsed in a way which omits whitespace as well as a raw form which preserves whitespace.
type ObjectValue ¶
type ObjectValue struct {
// contains filtered or unexported fields
}
ObjectValue is a struct with a custom schema type which indicates the fields and types associated with the structure.
func NewObjectValue ¶
func NewObjectValue(sType *DeclType) *ObjectValue
NewObjectValue creates a struct value with a schema type and returns the empty ObjectValue.
func (ObjectValue) AddField ¶
func (sv ObjectValue) AddField(field *Field)
AddField appends a MapField to the MapValue and indexes the field by name.
func (ObjectValue) ConvertToNative ¶
ConvertToNative converts the MapValue type to a native go types.
func (*ObjectValue) ConvertToType ¶
func (o *ObjectValue) ConvertToType(t ref.Type) ref.Val
ConvertToType is an implementation of the CEL ref.Val interface method.
func (*ObjectValue) Equal ¶
func (o *ObjectValue) Equal(other ref.Val) ref.Val
Equal returns true if the two object types are equal and their field values are equal.
func (*ObjectValue) Get ¶
func (o *ObjectValue) Get(name ref.Val) ref.Val
Get returns the value of the specified field.
If the field is set, its value is returned. If the field is not set, the default value for the field is returned thus allowing for safe-traversal and preserving proto-like field traversal semantics for Open API Schema backed types.
func (ObjectValue) IsSet ¶
IsSet returns whether the given field, which is defined, has also been set.
func (*ObjectValue) Type ¶
func (o *ObjectValue) Type() ref.Type
Type returns the CEL type value of the object.
func (*ObjectValue) Value ¶
func (o *ObjectValue) Value() interface{}
Value returns the Go-native representation of the object.
type PlainTextValue ¶
type PlainTextValue string
PlainTextValue is a text string literal which must not be treated as an expression.
type Registry ¶
type Registry struct {
// contains filtered or unexported fields
}
Registry defines a repository of environment, schema, template, and type definitions.
Registry instances are concurrency-safe.
func NewRegistry ¶
NewRegistry create a registry for keeping track of environments and types from a base cel.Env expression environment.
type Resolver ¶
type Resolver interface { // FindType returns a DeclType instance corresponding to the given fully-qualified name, if // present. FindType(name string) (*DeclType, bool) }
Resolver declares methods to find policy templates and related configuration objects.
type RuleTypes ¶
type RuleTypes struct { ref.TypeProvider // contains filtered or unexported fields }
RuleTypes extends the CEL ref.TypeProvider interface and provides an Open API Schema-based type-system.
func NewRuleTypes ¶
NewRuleTypes returns an Open API Schema-based type-system which is CEL compatible.
func (*RuleTypes) EnvOptions ¶
EnvOptions returns a set of cel.EnvOption values which includes the declaration set as well as a custom ref.TypeProvider.
Note, the standard declaration set includes 'rule' which is defined as the top-level rule-schema type if one is configured.
If the RuleTypes value is nil, an empty []cel.EnvOption set is returned.
func (*RuleTypes) FindDeclType ¶
FindDeclType returns the CPT type description which can be mapped to a CEL type.
func (*RuleTypes) FindFieldType ¶
FindFieldType returns a field type given a type name and field name, if found.
Note, the type name for an Open API Schema type is likely to be its qualified object path. If, in the future an object instance rather than a type name were provided, the field resolution might more accurately reflect the expected type model. However, in this case concessions were made to align with the existing CEL interfaces.
func (*RuleTypes) FindType ¶
FindType attempts to resolve the typeName provided from the rule's rule-schema, or if not from the embedded ref.TypeProvider.
FindType overrides the default type-finding behavior of the embedded TypeProvider.
Note, when the type name is based on the Open API Schema, the name will reflect the object path where the type definition appears.
func (*RuleTypes) NativeToValue ¶
NativeToValue is an implementation of the ref.TypeAdapater interface which supports conversion of rule values to CEL ref.Val instances.
type URL ¶
URL provides a CEL representation of a URL.
func (URL) ConvertToNative ¶
ConvertToNative implements ref.Val.ConvertToNative.
func (URL) ConvertToType ¶
ConvertToType implements ref.Val.ConvertToType.