-
Notifications
You must be signed in to change notification settings - Fork 35
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix broken caps, add tests to embedded
- Loading branch information
Charles Daniels
committed
Aug 23, 2024
1 parent
5b67ff2
commit 646a37d
Showing
15 changed files
with
135 additions
and
17 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
// This file is copied and modified from: | ||
// | ||
// https://github.com/open-policy-agent/opa/blob/main/ast/capabilities.go | ||
// | ||
// It is made available under the Apache 2 license, which you can view here: | ||
// | ||
// https://github.com/open-policy-agent/opa/blob/main/LICENSE | ||
// | ||
// The original license disclaimer is included below: | ||
// | ||
// Copyright 2021 The OPA Authors. All rights reserved. | ||
// Use of this source code is governed by an Apache2 | ||
// license that can be found in the LICENSE file. | ||
// | ||
// This file and the included helper methods allow Enterprise OPA's | ||
// capabilities files to be consumed as a Go package. This mirrors the way Open | ||
// Policy Agent does thing. | ||
|
||
// Package embedded handles embedding and access JSON files directly included in | ||
// Regal from it's source repository | ||
package embedded | ||
|
||
import ( | ||
"bytes" | ||
"embed" | ||
"fmt" | ||
"strings" | ||
|
||
"github.com/open-policy-agent/opa/ast" | ||
) | ||
|
||
//go:embed */*.json | ||
var FS embed.FS | ||
|
||
// LoadCapabilitiesVersion loads a JSON serialized capabilities structure from the specific version. | ||
func LoadCapabilitiesVersion(engine, version string) (*ast.Capabilities, error) { | ||
cvs, err := LoadCapabilitiesVersions(engine) | ||
if err != nil { | ||
return nil, err | ||
} | ||
|
||
for _, cv := range cvs { | ||
if cv == version { | ||
cont, err := FS.ReadFile("eopa/" + cv + ".json") | ||
if err != nil { | ||
return nil, err | ||
} | ||
|
||
return ast.LoadCapabilitiesJSON(bytes.NewReader(cont)) | ||
} | ||
|
||
} | ||
return nil, fmt.Errorf("(Regal embedded %s capabilities library) no capabilities version found %v", engine, version) | ||
} | ||
|
||
// LoadCapabilitiesVersions loads all capabilities versions | ||
func LoadCapabilitiesVersions(engine string) ([]string, error) { | ||
ents, err := FS.ReadDir(engine) | ||
if err != nil { | ||
return nil, err | ||
} | ||
|
||
capabilitiesVersions := make([]string, 0, len(ents)) | ||
for _, ent := range ents { | ||
capabilitiesVersions = append(capabilitiesVersions, strings.Replace(ent.Name(), ".json", "", 1)) | ||
} | ||
return capabilitiesVersions, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
package embedded | ||
|
||
import "testing" | ||
|
||
func TestEmbeddedEOPA(t *testing.T) { | ||
// As of 2024-08-23, there are 57 capabilities files in the EOPA repo. | ||
// It follows that there should never be less than 54 valid | ||
// capabilities in the embedded database. This is really just a sanity | ||
// check to ensure the JSON files didn't get misplaced or something to | ||
// that effect. | ||
// | ||
// This also ensures that all of the embedded capabilities files are | ||
// valid JSON we can successfully marshal into *ast.Capabilities. | ||
|
||
versions, err := LoadCapabilitiesVersions("eopa") | ||
if err != nil { | ||
t.Fatal(err) | ||
} | ||
|
||
if len(versions) < 54 { | ||
t.Errorf("Expected at least 54 EOPA capabilities in the embedded database") | ||
} | ||
|
||
for _, v := range versions { | ||
caps, err := LoadCapabilitiesVersion("eopa", v) | ||
|
||
if err != nil { | ||
t.Errorf("error with eopa capabilities version %s: %v", v, err) | ||
} | ||
|
||
if len(caps.Builtins) < 1 { | ||
t.Errorf("eopa capabilities version %s has no builtins", v) | ||
} | ||
} | ||
|
||
} |
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.