Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🔌 Plugin: Overview Open Policy Agent Policy #248

Closed
JoThomsen opened this issue Nov 3, 2021 · 15 comments
Closed

🔌 Plugin: Overview Open Policy Agent Policy #248

JoThomsen opened this issue Nov 3, 2021 · 15 comments
Labels
help wanted Extra attention is needed plugin

Comments

@JoThomsen
Copy link

JoThomsen commented Nov 3, 2021

Summary

The Open Policy Agent plugin should provide a tab where you can read the policy (Nice to have syntax highlighting).
The policies should also be indexed so that developers can explicitly search for them.

Context

The Open Policy Agent (OPA) is an open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack.

https://github.com/open-policy-agent/opa

@JoThomsen JoThomsen changed the title Overview Open Policy Agent Policy [Plugin] Overview Open Policy Agent Policy Nov 3, 2021
@djamaile
Copy link

djamaile commented Nov 4, 2021

This would be really cool! Are you going to develop it?

@JoThomsen
Copy link
Author

I'm not sure yet, maybe together with our colleagues from the SDA SE :)

@egnwd
Copy link

egnwd commented Apr 11, 2022

This seems like something that might play nicely with the tech-insights plugin?

@JoThomsen
Copy link
Author

JoThomsen commented Apr 11, 2022

This seems like something that might play nicely with the tech-insights plugin?

Yes this could also be a good solution. Like a security card or something simular

@arul-opsverse
Copy link

+1 for this plugin. This will be very useful.

@seshank-db
Copy link

+1 for this

@Parsifal-M
Copy link

Hey! definitely +1, have you done any work on this? Would also like to maybe take a shot at it, let me know!

@regicsolutions
Copy link

regicsolutions commented Aug 16, 2023

Came across a React UI that could be converted to a backstage plugin which is documented further Here

image

image

Fugue also does a great job with simplifying the creation and management of new rules, the question-and-answer plugin may be a good starting point.

image

@benjdlambert benjdlambert added the help wanted Extra attention is needed label Aug 17, 2023
@benjdlambert
Copy link
Member

This sounds great, does anyone want to start creating a plugin for this? 🙏

@Parsifal-M
Copy link

This sounds great, does anyone want to start creating a plugin for this? 🙏

I could start looking into this, I am in the process now of actually wrapping up and writing some documentation for a few OPA-related plugins.

  • One will verify entity metadata in a card and display any "violations" (kind of like a nag banner)
  • One is a wrapper that wraps around the permission framework so you can use OPA for permissions
  • One is the backend plugin for the above --^ two

It would be nice to have something like the above, maybe it can also be tied together somehow... I will take some time and check it out!

@freben freben transferred this issue from backstage/backstage Apr 23, 2024
@freben
Copy link
Member

freben commented Apr 23, 2024

@Parsifal-M fyi this got moved over now to the community plugins repo!

@Parsifal-M
Copy link

@Parsifal-M fyi this got moved over now to the community plugins repo!

Awesome thanks @freben! Will post an update on it 👏

@Parsifal-M
Copy link

Hello OPA enthusiasts!

I realised that I did not post any updates on this!

Since way back when... I have been able to make a few cool OPA related plugins that I think if you are using OPA (or even if you are not but want to) would enjoy!

Im sure more will come soon! I am having quite a bit of fun experimenting on adding integrations between the two 👏

@Parsifal-M
Copy link

Parsifal-M commented May 8, 2024

Hello again!

Just a quick update, I am adding another front-end plugin for OPA that will display the policy an entity uses, you can find it here: https://github.com/Parsifal-M/backstage-opa-plugins/tree/feat/opa-policy-front-end (still a bit WIP) but it will look something like this:

image

The tricky part here is that the annotation you add will have to be a URL of the file location (until we can come up with a better solution) because usually you would host OPA as a sidecar/daemon or something so you can't simply fetch the policies via the API from your backstage instance.

Also it could be the case, or more usually I think you would have a repo that contains policies somewhere and not keep the policy file inside the same repo as the component/resource, so its a catch-all type approach 😓

EDIT: One thing that I was sadly not able to use is the CodeSnippet component that Backstage offers because rego does not exist in the Highlight version :(

LMK if you have any better ideas I am keen to collab on this!

Thanks!

@vinzscam
Copy link
Member

Amazing @Parsifal-M! I will close the issue as the plugin has been created. Feel free to suggest improvements directly in https://github.com/Parsifal-M/backstage-opa-plugins

@BethGriggs BethGriggs changed the title [Plugin] Overview Open Policy Agent Policy 🔌 Plugin: Overview Open Policy Agent Policy Sep 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
help wanted Extra attention is needed plugin
Projects
None yet
Development

No branches or pull requests

10 participants