This release contains improvements to monitoring and an assortment of fixes and improvements.
Monitoring
Surface unauthorized request count from OPA HTTP API authz handler via Status API
Currently when OPA's HTTP server rejects requests per
the authz policy,
this is not accounted for via the management APIs.
This change adds that count in the metric registry that is
part of the Status API for more visibility.
Previously in 5732,
we updated the decision log plugin to
surface errors via the Status API. However, in that change
certain events like encoder errors and log drops due to
buffer size limits had no metrics associated with them.
This change adds more metrics for these events so that they
can be surfaced via the Status API.
This change updates the client debug log to include
the full HTTP response in case of non-200 status codes.
Recording the response in the logs can help to provide
more information to debug error scenarios.
Wasm: Add native support for object.union_n built-in function (authored by @Azanul)
Fixes
ast: Properly set the reported location of unused variables in strict-mode errors. (#5662) authored by @boranx
fmt: report wrong arity for built-in functions. (#5646) authored by @Trolloldem
topdown: http.send(): Ensuring intra-query caching consistency. (#5736) authored by @johanfylling
Performance improvements to decision logging.
Specifically, by removing superfluous json encoding roundtrip and double work in AST conversion of to-be-logged events. (authored by @srenatus)
This release contains improvements to monitoring and an assortment of fixes and improvements.
Monitoring
Surface unauthorized request count from OPA HTTP API authz handler via Status API
Currently when OPA's HTTP server rejects requests per
the authz policy,
this is not accounted for via the management APIs.
This change adds that count in the metric registry that is
part of the Status API for more visibility.
Previously in 5732,
we updated the decision log plugin to
surface errors via the Status API. However, in that change
certain events like encoder errors and log drops due to
buffer size limits had no metrics associated with them.
This change adds more metrics for these events so that they
can be surfaced via the Status API.
This change updates the client debug log to include
the full HTTP response in case of non-200 status codes.
Recording the response in the logs can help to provide
more information to debug error scenarios.
Wasm: Add native support for object.union_n built-in function (authored by @Azanul)
Fixes
ast: Properly set the reported location of unused variables in strict-mode errors. (#5662) authored by @boranx
fmt: report wrong arity for built-in functions. (#5646) authored by @Trolloldem
topdown: http.send(): Ensuring intra-query caching consistency. (#5736) authored by @johanfylling
Performance improvements to decision logging.
Specifically, by removing superfluous json encoding roundtrip and double work in AST conversion of to-be-logged events. (authored by @srenatus)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/open-policy-agent/opa from 0.50.2 to 0.51.0.
Release notes
Sourced from github.com/open-policy-agent/opa's releases.
... (truncated)
Changelog
Sourced from github.com/open-policy-agent/opa's changelog.
... (truncated)
Commits
1f52ea1
Prepare v0.51.0 release (#5804)007a0f2
Update _index.mdc858397
plugins: Surface more decision log errors via status API06a55f6
build(deps): bump github.com/go-logr/logr from 1.2.3 to 1.2.4 (#5800)7abe178
[docs] Fix dashboard height issue (#5799)2d1583e
Add Quali Torque to the ecosystem page (#5794)2b2cb12
[docs] Address anchor linking issue (#5795)fee3563
topdown: http.send(): Ensuring intra-query caching concistency (#5738)9e28c5e
Surface unauthorized response count from OPA API authz handler76e5fda
fmt: report wrong arity for built-in functionsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)