package regopolicyinterpreter
import "github.com/Microsoft/hcsshim/internal/regopolicyinterpreter"
Index ¶
- func ModuleID(issuer string, feed string) string
- type LogLevel
- type RegoModule
- type RegoPolicyInterpreter
- func NewRegoPolicyInterpreter(code string, inputData map[string]interface{}) (*RegoPolicyInterpreter, error)
- func (r *RegoPolicyInterpreter) AddModule(id string, module *RegoModule)
- func (r *RegoPolicyInterpreter) Compile() error
- func (r *RegoPolicyInterpreter) DisableLogging() error
- func (r *RegoPolicyInterpreter) EnableLogging(path string, level LogLevel) error
- func (r *RegoPolicyInterpreter) GetData(key string) (interface{}, error)
- func (r *RegoPolicyInterpreter) GetMetadata(name string, key string) (interface{}, error)
- func (r *RegoPolicyInterpreter) IsModuleActive(id string) bool
- func (r *RegoPolicyInterpreter) Query(rule string, input map[string]interface{}) (RegoQueryResult, error)
- func (r *RegoPolicyInterpreter) RawQuery(rule string, input map[string]interface{}) (rego.ResultSet, error)
- func (r *RegoPolicyInterpreter) RemoveModule(id string)
- func (r *RegoPolicyInterpreter) SetLogLevel(level LogLevel)
- func (r *RegoPolicyInterpreter) UpdateData(key string, value interface{}) error
- type RegoQueryResult
- func (r RegoQueryResult) Bool(key string) (bool, error)
- func (r RegoQueryResult) Float(key string) (float64, error)
- func (r RegoQueryResult) Int(key string) (int, error)
- func (r RegoQueryResult) IsEmpty() bool
- func (r RegoQueryResult) Object(key string) (map[string]interface{}, error)
- func (r RegoQueryResult) String(key string) (string, error)
- func (r RegoQueryResult) Union(other RegoQueryResult) RegoQueryResult
- func (r RegoQueryResult) Value(key string) (interface{}, error)
Functions ¶
func ModuleID ¶
ModuleID computes a unique ID for a Module from its issuer and feed.
Types ¶
type LogLevel ¶
type LogLevel int
const ( LogNone LogLevel = iota // Logs the output of Rego print() statements in the policy LogInfo // Logs the result objects returned from each query LogResults // Logs the full metadata state after each query LogMetadata )
type RegoModule ¶
type RegoModule struct { // The Rego namespace of the module Namespace string // The feed from which the module was obtained Feed string // The issuer of the module Issuer string // The module Rego code Code string }
func (RegoModule) ID ¶
func (f RegoModule) ID() string
ID is the unique ID of a module.
type RegoPolicyInterpreter ¶
type RegoPolicyInterpreter struct {
// contains filtered or unexported fields
}
func NewRegoPolicyInterpreter ¶
func NewRegoPolicyInterpreter(code string, inputData map[string]interface{}) (*RegoPolicyInterpreter, error)
NewRegoPolicyInterpreter creates a new RegoPolicyInterpreter, using the code provided. inputData is the Rego data which should be used as the initial state of the interpreter. A deep copy is performed on it such that it will not be modified.
func (*RegoPolicyInterpreter) AddModule ¶
func (r *RegoPolicyInterpreter) AddModule(id string, module *RegoModule)
AddModule adds the specified module to the interpreter such that it will be loaded along with the policy during query execution. The provided id should be used to refer to it for other methods. This will also invalidate the compliation artifact (i.e. Compile must be called again)
func (*RegoPolicyInterpreter) Compile ¶
func (r *RegoPolicyInterpreter) Compile() error
Compile compiles the policy and its modules. This will increase the speed of policy execution.
func (*RegoPolicyInterpreter) DisableLogging ¶
func (r *RegoPolicyInterpreter) DisableLogging() error
DisableLogging disables logging and closes the underlying log file.
func (*RegoPolicyInterpreter) EnableLogging ¶
func (r *RegoPolicyInterpreter) EnableLogging(path string, level LogLevel) error
EnableLogging enables logging to the provided path at the specified level.
func (*RegoPolicyInterpreter) GetData ¶
func (r *RegoPolicyInterpreter) GetData(key string) (interface{}, error)
GetData attempts to retrieve and return a copy of the data value with the specified key.
func (*RegoPolicyInterpreter) GetMetadata ¶
func (r *RegoPolicyInterpreter) GetMetadata(name string, key string) (interface{}, error)
GetMetadata retrieves a copy of a single metadata item from the policy.
func (*RegoPolicyInterpreter) IsModuleActive ¶
func (r *RegoPolicyInterpreter) IsModuleActive(id string) bool
IsModuleActive returns whether the specified module is currently active, i.e. being loaded along with the policy.
func (*RegoPolicyInterpreter) Query ¶
func (r *RegoPolicyInterpreter) Query(rule string, input map[string]interface{}) (RegoQueryResult, error)
Query queries the policy with the given rule and input data and returns the result.
func (*RegoPolicyInterpreter) RawQuery ¶
func (r *RegoPolicyInterpreter) RawQuery(rule string, input map[string]interface{}) (rego.ResultSet, error)
func (*RegoPolicyInterpreter) RemoveModule ¶
func (r *RegoPolicyInterpreter) RemoveModule(id string)
RemoveModule removes the specified module such that it will no longer be loaded. This will also invalidate the compliation artifact (i.e. Compile must be called again)
func (*RegoPolicyInterpreter) SetLogLevel ¶
func (r *RegoPolicyInterpreter) SetLogLevel(level LogLevel)
SetLogLevel sets the logging level. To actually produce a log, however, EnableLogging must be called first.
func (*RegoPolicyInterpreter) UpdateData ¶
func (r *RegoPolicyInterpreter) UpdateData(key string, value interface{}) error
UpdateData will perform an update to a value which is already within the data A deep copy will be performed on the value.
type RegoQueryResult ¶
type RegoQueryResult map[string]interface{}
The result from a policy query
func (RegoQueryResult) Bool ¶
func (r RegoQueryResult) Bool(key string) (bool, error)
Bool attempts to interpret a result value as a boolean.
func (RegoQueryResult) Float ¶
func (r RegoQueryResult) Float(key string) (float64, error)
Float attempts to interpret the result value as a floating point number.
func (RegoQueryResult) Int ¶
func (r RegoQueryResult) Int(key string) (int, error)
Int attempts to interpret the result value as an integer.
func (RegoQueryResult) IsEmpty ¶
func (r RegoQueryResult) IsEmpty() bool
IsEmpty tests if the query result is empty.
func (RegoQueryResult) Object ¶
func (r RegoQueryResult) Object(key string) (map[string]interface{}, error)
Object attempts to interpret the result value as an object
func (RegoQueryResult) String ¶
func (r RegoQueryResult) String(key string) (string, error)
String attempts to interpret the result value as a string.
func (RegoQueryResult) Union ¶
func (r RegoQueryResult) Union(other RegoQueryResult) RegoQueryResult
Union creates a new result object which is the union of this result with another result, in which the results of the other will take precedence.
func (RegoQueryResult) Value ¶
func (r RegoQueryResult) Value(key string) (interface{}, error)
Value returns the raw value from a Rego query result.
Source Files ¶
- Version
- v0.12.9 (latest)
- Published
- Oct 30, 2024
- Platform
- linux/amd64
- Imports
- 13 packages
- Last checked
- 14 hours ago –
Tools for package owners.