search

infobloxopen / seal

Apache License 2.0
16 stars 11 forks source link

added minimal examples/products for simplest troubleshooting #118

Closed wplu closed 3 years ago

wplu commented 3 years ago

DEMO:

~/src/github.com/infobloxopen/seal
# wlu@rm-ml-wlu: make products
./seal compile \
        -s docs/source/examples/products/products.all.swagger \
        -f docs/source/examples/products/products.all.seal \
        > docs/source/examples/products/products.all.rego.compiled
INFO[0000] logging level                                 logging.level=info
cat docs/source/examples/products/products.all.rego.compiled

package products.all
default allow = false
default deny = false
allow {
    seal_list_contains(seal_subject.groups, `everyone`)
    input.verb == `inspect`
    re_match(`products.inventory`, input.type)
}

# rego functions defined by seal

# Helper to get the token payload.
seal_subject = payload {
    [header, payload, signature] := io.jwt.decode(input.jwt)
}

# seal_list_contains returns true if elem exists in list
seal_list_contains(list, elem) {
    list[_] = elem
}

cp docs/source/examples/products/products.all.rego.compiled docs/source/examples/products/products.all.rego
# beware that check-rego.sh reformats the compiled rego files...
./docs/source/examples/check-rego.sh docs/source/examples/products
+ IMAGE=openpolicyagent/opa:latest
+ [[ -z docs/source/examples/products ]]
+ [[ ! -d docs/source/examples/products ]]
++ cd docs/source/examples/products
++ /bin/pwd
+ TOP=/Users/wlu/src/github.com/infobloxopen/seal/docs/source/examples/products
+ cd /Users/wlu/src/github.com/infobloxopen/seal/docs/source/examples/products
+ docker run -v /Users/wlu/src/github.com/infobloxopen/seal/docs/source/examples/products:/data -w /data openpolicyagent/opa:latest fmt -w .
+ case "$(basename $0)" in
++ basename ./docs/source/examples/check-rego.sh
+ docker run --rm -v /Users/wlu/src/github.com/infobloxopen/seal/docs/source/examples/products:/data -w /data openpolicyagent/opa:latest test -v products.all.rego products.all.test.rego products.all.mock.json
data.products.all.test_inspect: PASS (1.0705ms)
data.products.all.test_inspect_negative: PASS (570.8µs)
--------------------------------------------------------------------------------
PASS: 2/2
+ git diff --exit-code products.all.rego products.all.test.rego
git diff --exit-code docs/source/examples/products
### products example passed REGO OPA tests