microsoft / regorus

Regorus - A fast, lightweight Rego (OPA policy language) interpreter written in Rust.
MIT License
152 stars 34 forks

Publication to PyPI #168

Open fcollonval opened 8 months ago

fcollonval commented 8 months ago

Hey, this project looks awesome. I'm in particular interested in the Python binding and saw you already have a workflow to publish the package to PyPI. What would be missing to initiate such publication? May I help in any way?

anakrish commented 8 months ago

Hey @fcollonval, Thanks for your interest in the project and offering to help.

> What would be missing to initiate such publication?

Publishing packages from the Microsoft org requires onboarding onto the internal Microsoft publishing pipelines. The packages to be published are subject to a variety of security checks before being published. We currently don't have the bandwidth to onboard to the publishing pipelines.

> May I help in any way?

Sharing your use case would be helpful in making a case for allocating resources to onboard to the publishing pipelines.

fcollonval commented 8 months ago

Thanks for reaching out @anakrish

> Sharing your use case would be helpful in making a case for allocating resources to onboard to the publishing pipelines.

We are interested in bringing authorization validation closer to our services in our Kubernetes deployment. As major services are Python-based servers, we would like to use regorus to get an efficient library integration to Rego policies instead of HTTP requests to a sidecar server.

anakrish commented 8 months ago

Thanks for sharing your use case, @fcollonval. Let me see how best to get resources allocated for publishing.

anakrish commented 8 months ago

Related use case about binding (Java): https://github.com/microsoft/regorus/pull/158#issuecomment-1962327537

zterek commented 7 months ago

We also have a similar use case in a Python-based server and would love to be able to just pull a package from PyPI.

hobofan commented 5 days ago

I'd also greatly appreciate published packages.

I have a similar use-case to @fcollonval, where we have a lot of policy checks in the servers to do fine-grained resource permissions, which is a lot faster if we do it in-memory with an embedded policy engine.

Because there were no published packages, I first reached for regopy, the Python bindings of https://github.com/microsoft/rego-cpp, as that was a lot easier to integrate into our build/packaging process. However, there were multiple segfaults I ran into with it (under hard-to-predict circumstances), as well as much worse performance. That has now reached the point where I had to bite the bullet and build wheels myself.

anakrish commented 4 days ago

Thanks for sharing your use case @hobofan. I have shared your use case internally within the team as well. We are continuing to invest further in policy languages and there is quite a high likelihood that we might publish the bindings officially ourselves (the exact timelines aren't clear yet).