evaluator

package
v0.48.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 3, 2025 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PolicyVersion 

func PolicyVersion(version string, params EvalParams) string

Types

type CheckOpt 

type CheckOpt func(*CheckOptions)

CheckOpt defines options for engine Check calls.

func WithDefaultPolicyVersion 

func WithDefaultPolicyVersion(defaultPolicyVersion string) CheckOpt

WithDefaultPolicyVersion sets the default policy version for the engine.

func WithGlobals 

func WithGlobals(globals map[string]any) CheckOpt

WithGlobals sets the global variables for the engine.

func WithLenientScopeSearch 

func WithLenientScopeSearch() CheckOpt

WithLenientScopeSearch enables lenient scope search.

func WithNowFunc 

func WithNowFunc(nowFunc func() time.Time) CheckOpt

WithNowFunc sets the function for determining `now` during condition evaluation. The function should return the same timestamp every time it is invoked.

func WithTraceSink 

func WithTraceSink(tracerSink tracer.Sink) CheckOpt

type CheckOptions 

type CheckOptions struct {
	TracerSink tracer.Sink
	EvalParams EvalParams
}

func NewCheckOptions 

func NewCheckOptions(ctx context.Context, conf *Conf, opts ...CheckOpt) *CheckOptions

func (*CheckOptions) DefaultPolicyVersion 

func (co *CheckOptions) DefaultPolicyVersion() string

func (*CheckOptions) Globals 

func (co *CheckOptions) Globals() map[string]any

func (*CheckOptions) LenientScopeSearch 

func (co *CheckOptions) LenientScopeSearch() bool

func (*CheckOptions) NowFunc 

func (co *CheckOptions) NowFunc() func() time.Time

type Conf 

type Conf struct {
	// Globals are environment-specific variables to be made available to policy conditions.
	Globals map[string]any `yaml:"globals" conf:",example={\"environment\": \"staging\"}"`
	// DefaultPolicyVersion defines what version to assume if the request does not specify one.
	DefaultPolicyVersion string `yaml:"defaultPolicyVersion" conf:",example=\"default\""`
	// LenientScopeSearch configures the engine to ignore missing scopes and search upwards through the scope tree until it finds a usable policy.
	LenientScopeSearch bool `yaml:"lenientScopeSearch" conf:",example=false"`
	// PolicyLoaderTimeout is the timeout for loading policies from the policy store.
	PolicyLoaderTimeout time.Duration `yaml:"policyLoaderTimeout" conf:",example=2s"`
	NumWorkers          uint          `yaml:"numWorkers" conf:",ignore"`
}

Conf is optional configuration for engine.

func GetConf 

func GetConf() (*Conf, error)

func (*Conf) Key 

func (c *Conf) Key() string

func (*Conf) SetDefaults 

func (c *Conf) SetDefaults()

func (*Conf) Validate 

func (c *Conf) Validate() error

type EvalParams 

type EvalParams struct {
	Globals              map[string]any
	NowFunc              conditions.NowFunc
	DefaultPolicyVersion string
	LenientScopeSearch   bool
}

type Evaluator 

type Evaluator interface {
	Check(context.Context, []*enginev1.CheckInput, ...CheckOpt) ([]*enginev1.CheckOutput, error)
	Plan(context.Context, *enginev1.PlanResourcesInput, ...CheckOpt) (*enginev1.PlanResourcesOutput, error)
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.