search

kubewarden / policy-server

Webhook server that evaluates WebAssembly policies to validate Kubernetes requests
https://kubewarden.io
Apache License 2.0
138 stars 18 forks source link

Abstract the policy downloader to a subcrate #41

Closed ereslibre closed 3 years ago

ereslibre commented 3 years ago

In the spirit of https://github.com/chimera-kube/policy-server/tree/aac1a0ee3382ebb32a15baa090065702693ab5d9/crates, add a new crate that contains the logic of downloading a Wasm module from an OCI artifact, regular HTTP server or from the local filesystem, currently inside the policy-server main crate: https://github.com/chimera-kube/policy-server/tree/aac1a0ee3382ebb32a15baa090065702693ab5d9/src/wasm_fetcher.

This would allow both the policy-server and the policy-testdrive (and optionally other components) consume this crate and allow to pull OCI Wasm artifacts. As an immediate result, users of policy-testdrive don't need to pre-fetch the Wasm module locally: they could just provide a http(s)://, registry:// or file:// scheme to an existing Wasm artifact.

ereslibre commented 3 years ago

Initial work on https://github.com/kubewarden/policy-server/pull/56