Documentation
¶
Overview ¶
Package yaml parses a Rule from yaml bytes. It is kept separate from the public extension/platform package so that platform stays free of yaml library dependencies -- plugins constructing a Rule in Go code never import yaml, only the file loader does.
This package does **structural** parsing only (yaml syntax + unknown-field rejection). Semantic validation (valid MaxRisk enum, valid identity values, valid doublestar glob syntax) is centralised in internal/cmdpolicy.ValidateRule so a single contract is enforced regardless of whether the Rule came from yaml or from Plugin.Restrict.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Parse ¶
Parse decodes yaml bytes into a *platform.Rule. Unknown fields are rejected so an old binary cannot silently ignore new schema additions (forward-compat safeguard).
Semantic validation (MaxRisk taxonomy, identity values, glob syntax) is the caller's responsibility -- run the result through internal/cmdpolicy.ValidateRule before handing it to the engine.
Types ¶
This section is empty.