diff --git a/design/design.go b/design/design.go
index fd374e5ab73bc794b97ae288f0ed22f8978d88d9..323e5b72211f49b8d224ec9f22c72ae876da974f 100644
--- a/design/design.go
+++ b/design/design.go
@@ -10,7 +10,7 @@ var _ = API("policy", func() {
Description("Policy Server")
Host("development", func() {
Description("Local development server")
- URI("http://localhost:8080")
+ URI("http://localhost:8081")
})
})
})
@@ -24,6 +24,7 @@ var _ = Service("policy", func() {
Result(EvaluateResult)
HTTP(func() {
POST("/policy/{group}/{policyName}/{version}/evaluation")
+ Body("input")
Response(StatusOK)
})
})
diff --git a/design/types.go b/design/types.go
index a0820bff93317f074f9259501af54828726ef20e..3c83c2c64b5e35d1746b72ce1dbdbc9d4192ff44 100644
--- a/design/types.go
+++ b/design/types.go
@@ -4,11 +4,11 @@ package design
import . "goa.design/goa/v3/dsl"
var EvaluateRequest = Type("EvaluateRequest", func() {
- Field(1, "group", String, "Policy group")
- Field(2, "policyName", String, "Policy name")
- Field(3, "version", String, "Policy version")
- Field(4, "data", Any, "Data passed as input to the policy execution runtime")
- Required("group", "policyName", "version", "data")
+ Field(1, "group", String, "Policy group.")
+ Field(2, "policyName", String, "Policy name.")
+ Field(3, "version", String, "Policy version.")
+ Field(4, "input", Any, "Input data passed to the policy execution runtime.")
+ Required("group", "policyName", "version", "input")
})
var EvaluateResult = Type("EvaluateResult", func() {
@@ -17,15 +17,15 @@ var EvaluateResult = Type("EvaluateResult", func() {
})
var LockRequest = Type("LockRequest", func() {
- Field(1, "group", String, "Policy group")
- Field(2, "policyName", String, "Policy name")
- Field(3, "version", String, "Policy version")
+ Field(1, "group", String, "Policy group.")
+ Field(2, "policyName", String, "Policy name.")
+ Field(3, "version", String, "Policy version.")
Required("group", "policyName", "version")
})
var UnlockRequest = Type("UnlockRequest", func() {
- Field(1, "group", String, "Policy group")
- Field(2, "policyName", String, "Policy name")
- Field(3, "version", String, "Policy version")
+ Field(1, "group", String, "Policy group.")
+ Field(2, "policyName", String, "Policy name.")
+ Field(3, "version", String, "Policy version.")
Required("group", "policyName", "version")
})
diff --git a/gen/http/cli/policy/cli.go b/gen/http/cli/policy/cli.go
index 2f770acae427087ce3ddc84daf65f4289e580817..895aaa1760a5f7231224704a7050339bf635f4bd 100644
--- a/gen/http/cli/policy/cli.go
+++ b/gen/http/cli/policy/cli.go
@@ -32,9 +32,7 @@ policy (evaluate|lock|unlock)
// UsageExamples produces an example of a valid invocation of the CLI tool.
func UsageExamples() string {
return os.Args[0] + ` health liveness` + "\n" +
- os.Args[0] + ` policy evaluate --body '{
- "data": "Id odio aperiam voluptatem molestias corrupti sunt."
- }' --group "Ipsum nihil quo." --policy-name "Repellat velit omnis." --version "Vitae qui."` + "\n" +
+ os.Args[0] + ` policy evaluate --body "Similique quisquam optio." --group "Repellat velit omnis." --policy-name "Vitae qui." --version "Provident fugiat at cupiditate."` + "\n" +
""
}
@@ -58,19 +56,19 @@ func ParseEndpoint(
policyEvaluateFlags = flag.NewFlagSet("evaluate", flag.ExitOnError)
policyEvaluateBodyFlag = policyEvaluateFlags.String("body", "REQUIRED", "")
- policyEvaluateGroupFlag = policyEvaluateFlags.String("group", "REQUIRED", "Policy group")
- policyEvaluatePolicyNameFlag = policyEvaluateFlags.String("policy-name", "REQUIRED", "Policy name")
- policyEvaluateVersionFlag = policyEvaluateFlags.String("version", "REQUIRED", "Policy version")
+ policyEvaluateGroupFlag = policyEvaluateFlags.String("group", "REQUIRED", "Policy group.")
+ policyEvaluatePolicyNameFlag = policyEvaluateFlags.String("policy-name", "REQUIRED", "Policy name.")
+ policyEvaluateVersionFlag = policyEvaluateFlags.String("version", "REQUIRED", "Policy version.")
policyLockFlags = flag.NewFlagSet("lock", flag.ExitOnError)
- policyLockGroupFlag = policyLockFlags.String("group", "REQUIRED", "Policy group")
- policyLockPolicyNameFlag = policyLockFlags.String("policy-name", "REQUIRED", "Policy name")
- policyLockVersionFlag = policyLockFlags.String("version", "REQUIRED", "Policy version")
+ policyLockGroupFlag = policyLockFlags.String("group", "REQUIRED", "Policy group.")
+ policyLockPolicyNameFlag = policyLockFlags.String("policy-name", "REQUIRED", "Policy name.")
+ policyLockVersionFlag = policyLockFlags.String("version", "REQUIRED", "Policy version.")
policyUnlockFlags = flag.NewFlagSet("unlock", flag.ExitOnError)
- policyUnlockGroupFlag = policyUnlockFlags.String("group", "REQUIRED", "Policy group")
- policyUnlockPolicyNameFlag = policyUnlockFlags.String("policy-name", "REQUIRED", "Policy name")
- policyUnlockVersionFlag = policyUnlockFlags.String("version", "REQUIRED", "Policy version")
+ policyUnlockGroupFlag = policyUnlockFlags.String("group", "REQUIRED", "Policy group.")
+ policyUnlockPolicyNameFlag = policyUnlockFlags.String("policy-name", "REQUIRED", "Policy name.")
+ policyUnlockVersionFlag = policyUnlockFlags.String("version", "REQUIRED", "Policy version.")
)
healthFlags.Usage = healthUsage
healthLivenessFlags.Usage = healthLivenessUsage
@@ -244,14 +242,12 @@ func policyEvaluateUsage() {
Evaluate executes a policy with the given 'data' as input.
-body JSON:
- -group STRING: Policy group
- -policy-name STRING: Policy name
- -version STRING: Policy version
+ -group STRING: Policy group.
+ -policy-name STRING: Policy name.
+ -version STRING: Policy version.
Example:
- %[1]s policy evaluate --body '{
- "data": "Id odio aperiam voluptatem molestias corrupti sunt."
- }' --group "Ipsum nihil quo." --policy-name "Repellat velit omnis." --version "Vitae qui."
+ %[1]s policy evaluate --body "Similique quisquam optio." --group "Repellat velit omnis." --policy-name "Vitae qui." --version "Provident fugiat at cupiditate."
`, os.Args[0])
}
@@ -259,12 +255,12 @@ func policyLockUsage() {
fmt.Fprintf(os.Stderr, `%[1]s [flags] policy lock -group STRING -policy-name STRING -version STRING
Lock a policy so that it cannot be evaluated.
- -group STRING: Policy group
- -policy-name STRING: Policy name
- -version STRING: Policy version
+ -group STRING: Policy group.
+ -policy-name STRING: Policy name.
+ -version STRING: Policy version.
Example:
- %[1]s policy lock --group "Repudiandae dolore quod." --policy-name "Aut ut fuga quae eius minus." --version "Architecto quibusdam ab."
+ %[1]s policy lock --group "In illum est et hic." --policy-name "Deleniti non nihil dolor aut sed." --version "Incidunt unde consequatur voluptas dolorem nisi temporibus."
`, os.Args[0])
}
@@ -272,11 +268,11 @@ func policyUnlockUsage() {
fmt.Fprintf(os.Stderr, `%[1]s [flags] policy unlock -group STRING -policy-name STRING -version STRING
Unlock a policy so it can be evaluated again.
- -group STRING: Policy group
- -policy-name STRING: Policy name
- -version STRING: Policy version
+ -group STRING: Policy group.
+ -policy-name STRING: Policy name.
+ -version STRING: Policy version.
Example:
- %[1]s policy unlock --group "Omnis quasi aut consequuntur." --policy-name "Tempore minus." --version "Quis quos qui earum velit illum."
+ %[1]s policy unlock --group "Aliquam atque voluptatum ut dolorem." --policy-name "Aut facere veniam repudiandae id." --version "Aut minus alias."
`, os.Args[0])
}
diff --git a/gen/http/openapi.json b/gen/http/openapi.json
index 488e432520f2553f7461bd93837d50fd7a0a9be0..b5984d3e4ea0da00dbc8096509d6e4125d42c9e9 100644
--- a/gen/http/openapi.json
+++ b/gen/http/openapi.json
@@ -1 +1 @@
-{"swagger":"2.0","info":{"title":"Policy Service","description":"The policy service exposes HTTP API for executing policies.","version":""},"host":"localhost:8080","consumes":["application/json","application/xml","application/gob"],"produces":["application/json","application/xml","application/gob"],"paths":{"/liveness":{"get":{"tags":["health"],"summary":"Liveness health","operationId":"health#Liveness","responses":{"200":{"description":"OK response."}},"schemes":["http"]}},"/policy/{group}/{policyName}/{version}/evaluation":{"post":{"tags":["policy"],"summary":"Evaluate policy","description":"Evaluate executes a policy with the given 'data' as input.","operationId":"policy#Evaluate","parameters":[{"name":"group","in":"path","description":"Policy group","required":true,"type":"string"},{"name":"policyName","in":"path","description":"Policy name","required":true,"type":"string"},{"name":"version","in":"path","description":"Policy version","required":true,"type":"string"},{"name":"EvaluateRequestBody","in":"body","required":true,"schema":{"$ref":"#/definitions/PolicyEvaluateRequestBody","required":["data"]}}],"responses":{"200":{"description":"OK response.","schema":{"$ref":"#/definitions/PolicyEvaluateResponseBody","required":["result"]}}},"schemes":["http"]}},"/policy/{group}/{policyName}/{version}/lock":{"post":{"tags":["policy"],"summary":"Lock policy","description":"Lock a policy so that it cannot be evaluated.","operationId":"policy#Lock","parameters":[{"name":"group","in":"path","description":"Policy group","required":true,"type":"string"},{"name":"policyName","in":"path","description":"Policy name","required":true,"type":"string"},{"name":"version","in":"path","description":"Policy version","required":true,"type":"string"}],"responses":{"200":{"description":"OK response."}},"schemes":["http"]},"delete":{"tags":["policy"],"summary":"Unlock policy","description":"Unlock a policy so it can be evaluated again.","operationId":"policy#Unlock","parameters":[{"name":"group","in":"path","description":"Policy group","required":true,"type":"string"},{"name":"policyName","in":"path","description":"Policy name","required":true,"type":"string"},{"name":"version","in":"path","description":"Policy version","required":true,"type":"string"}],"responses":{"200":{"description":"OK response."}},"schemes":["http"]}},"/readiness":{"get":{"tags":["health"],"summary":"Readiness health","operationId":"health#Readiness","responses":{"200":{"description":"OK response."}},"schemes":["http"]}}},"definitions":{"PolicyEvaluateRequestBody":{"title":"PolicyEvaluateRequestBody","type":"object","properties":{"data":{"type":"string","description":"Data passed as input to the policy execution runtime","example":"Aut minus alias.","format":"binary"}},"example":{"data":"At eos facilis molestias in voluptas rem."},"required":["data"]},"PolicyEvaluateResponseBody":{"title":"PolicyEvaluateResponseBody","type":"object","properties":{"result":{"type":"string","description":"Arbitrary JSON response.","example":"Aliquam atque voluptatum ut dolorem.","format":"binary"}},"example":{"result":"Aut facere veniam repudiandae id."},"required":["result"]}}}
\ No newline at end of file
+{"swagger":"2.0","info":{"title":"Policy Service","description":"The policy service exposes HTTP API for executing policies.","version":""},"host":"localhost:8081","consumes":["application/json","application/xml","application/gob"],"produces":["application/json","application/xml","application/gob"],"paths":{"/liveness":{"get":{"tags":["health"],"summary":"Liveness health","operationId":"health#Liveness","responses":{"200":{"description":"OK response."}},"schemes":["http"]}},"/policy/{group}/{policyName}/{version}/evaluation":{"post":{"tags":["policy"],"summary":"Evaluate policy","description":"Evaluate executes a policy with the given 'data' as input.","operationId":"policy#Evaluate","parameters":[{"name":"group","in":"path","description":"Policy group.","required":true,"type":"string"},{"name":"policyName","in":"path","description":"Policy name.","required":true,"type":"string"},{"name":"version","in":"path","description":"Policy version.","required":true,"type":"string"},{"name":"any","in":"body","description":"Input data passed to the policy execution runtime.","required":true,"schema":{"type":"string","format":"binary"}}],"responses":{"200":{"description":"OK response.","schema":{"$ref":"#/definitions/PolicyEvaluateResponseBody","required":["result"]}}},"schemes":["http"]}},"/policy/{group}/{policyName}/{version}/lock":{"post":{"tags":["policy"],"summary":"Lock policy","description":"Lock a policy so that it cannot be evaluated.","operationId":"policy#Lock","parameters":[{"name":"group","in":"path","description":"Policy group.","required":true,"type":"string"},{"name":"policyName","in":"path","description":"Policy name.","required":true,"type":"string"},{"name":"version","in":"path","description":"Policy version.","required":true,"type":"string"}],"responses":{"200":{"description":"OK response."}},"schemes":["http"]},"delete":{"tags":["policy"],"summary":"Unlock policy","description":"Unlock a policy so it can be evaluated again.","operationId":"policy#Unlock","parameters":[{"name":"group","in":"path","description":"Policy group.","required":true,"type":"string"},{"name":"policyName","in":"path","description":"Policy name.","required":true,"type":"string"},{"name":"version","in":"path","description":"Policy version.","required":true,"type":"string"}],"responses":{"200":{"description":"OK response."}},"schemes":["http"]}},"/readiness":{"get":{"tags":["health"],"summary":"Readiness health","operationId":"health#Readiness","responses":{"200":{"description":"OK response."}},"schemes":["http"]}}},"definitions":{"PolicyEvaluateResponseBody":{"title":"PolicyEvaluateResponseBody","type":"object","properties":{"result":{"type":"string","description":"Arbitrary JSON response.","example":"At eos facilis molestias in voluptas rem.","format":"binary"}},"example":{"result":"Ab accusantium ut ut aliquid sint animi."},"required":["result"]}}}
\ No newline at end of file
diff --git a/gen/http/openapi.yaml b/gen/http/openapi.yaml
index 9b1b80e7cbecd453341b3519a52d7c274388710c..60990b84a7a9ebe2751a44abe450aa6e7b9f0bde 100644
--- a/gen/http/openapi.yaml
+++ b/gen/http/openapi.yaml
@@ -3,7 +3,7 @@ info:
title: Policy Service
description: The policy service exposes HTTP API for executing policies.
version: ""
-host: localhost:8080
+host: localhost:8081
consumes:
- application/json
- application/xml
@@ -34,26 +34,26 @@ paths:
parameters:
- name: group
in: path
- description: Policy group
+ description: Policy group.
required: true
type: string
- name: policyName
in: path
- description: Policy name
+ description: Policy name.
required: true
type: string
- name: version
in: path
- description: Policy version
+ description: Policy version.
required: true
type: string
- - name: EvaluateRequestBody
+ - name: any
in: body
+ description: Input data passed to the policy execution runtime.
required: true
schema:
- $ref: '#/definitions/PolicyEvaluateRequestBody'
- required:
- - data
+ type: string
+ format: binary
responses:
"200":
description: OK response.
@@ -73,17 +73,17 @@ paths:
parameters:
- name: group
in: path
- description: Policy group
+ description: Policy group.
required: true
type: string
- name: policyName
in: path
- description: Policy name
+ description: Policy name.
required: true
type: string
- name: version
in: path
- description: Policy version
+ description: Policy version.
required: true
type: string
responses:
@@ -100,17 +100,17 @@ paths:
parameters:
- name: group
in: path
- description: Policy group
+ description: Policy group.
required: true
type: string
- name: policyName
in: path
- description: Policy name
+ description: Policy name.
required: true
type: string
- name: version
in: path
- description: Policy version
+ description: Policy version.
required: true
type: string
responses:
@@ -130,19 +130,6 @@ paths:
schemes:
- http
definitions:
- PolicyEvaluateRequestBody:
- title: PolicyEvaluateRequestBody
- type: object
- properties:
- data:
- type: string
- description: Data passed as input to the policy execution runtime
- example: Aut minus alias.
- format: binary
- example:
- data: At eos facilis molestias in voluptas rem.
- required:
- - data
PolicyEvaluateResponseBody:
title: PolicyEvaluateResponseBody
type: object
@@ -150,9 +137,9 @@ definitions:
result:
type: string
description: Arbitrary JSON response.
- example: Aliquam atque voluptatum ut dolorem.
+ example: At eos facilis molestias in voluptas rem.
format: binary
example:
- result: Aut facere veniam repudiandae id.
+ result: Ab accusantium ut ut aliquid sint animi.
required:
- result
diff --git a/gen/http/openapi3.json b/gen/http/openapi3.json
index b5e80c94b4f27263fde97dabb3bc5853bc081ee7..e2c4e9780257067b00d350858e29fa720157039b 100644
--- a/gen/http/openapi3.json
+++ b/gen/http/openapi3.json
@@ -1 +1 @@
-{"openapi":"3.0.3","info":{"title":"Policy Service","description":"The policy service exposes HTTP API for executing policies.","version":"1.0"},"servers":[{"url":"http://localhost:8080","description":"Policy Server"}],"paths":{"/liveness":{"get":{"tags":["health"],"summary":"Liveness health","operationId":"health#Liveness","responses":{"200":{"description":"OK response."}}}},"/policy/{group}/{policyName}/{version}/evaluation":{"post":{"tags":["policy"],"summary":"Evaluate policy","description":"Evaluate executes a policy with the given 'data' as input.","operationId":"policy#Evaluate","parameters":[{"name":"group","in":"path","description":"Policy group","required":true,"schema":{"type":"string","description":"Policy group","example":"Non mollitia nesciunt impedit facere."},"example":"Ut commodi perspiciatis corporis."},{"name":"policyName","in":"path","description":"Policy name","required":true,"schema":{"type":"string","description":"Policy name","example":"Accusamus autem sequi."},"example":"Et nulla."},{"name":"version","in":"path","description":"Policy version","required":true,"schema":{"type":"string","description":"Policy version","example":"In quis nesciunt autem et."},"example":"Sunt in et quia cum."}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/EvaluateRequestBody"},"example":{"data":"Id odio aperiam voluptatem molestias corrupti sunt."}}}},"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/EvaluateResult"},"example":{"result":"Provident fugiat at cupiditate."}}}}}}},"/policy/{group}/{policyName}/{version}/lock":{"delete":{"tags":["policy"],"summary":"Unlock policy","description":"Unlock a policy so it can be evaluated again.","operationId":"policy#Unlock","parameters":[{"name":"group","in":"path","description":"Policy group","required":true,"schema":{"type":"string","description":"Policy group","example":"Accusamus enim."},"example":"Recusandae est rerum corrupti quia."},{"name":"policyName","in":"path","description":"Policy name","required":true,"schema":{"type":"string","description":"Policy name","example":"Quam dolores architecto itaque."},"example":"Voluptas ad corporis adipisci inventore ipsum."},{"name":"version","in":"path","description":"Policy version","required":true,"schema":{"type":"string","description":"Policy version","example":"Recusandae dolorum nisi distinctio vitae ad."},"example":"Perspiciatis voluptatem."}],"responses":{"200":{"description":"OK response."}}},"post":{"tags":["policy"],"summary":"Lock policy","description":"Lock a policy so that it cannot be evaluated.","operationId":"policy#Lock","parameters":[{"name":"group","in":"path","description":"Policy group","required":true,"schema":{"type":"string","description":"Policy group","example":"Commodi nemo fugiat id praesentium accusantium expedita."},"example":"Qui non quia."},{"name":"policyName","in":"path","description":"Policy name","required":true,"schema":{"type":"string","description":"Policy name","example":"Error maxime quasi quia non voluptatibus error."},"example":"Optio quia et laborum."},{"name":"version","in":"path","description":"Policy version","required":true,"schema":{"type":"string","description":"Policy version","example":"In libero perspiciatis voluptatum ut soluta."},"example":"Ut amet."}],"responses":{"200":{"description":"OK response."}}}},"/readiness":{"get":{"tags":["health"],"summary":"Readiness health","operationId":"health#Readiness","responses":{"200":{"description":"OK response."}}}}},"components":{"schemas":{"EvaluateRequestBody":{"type":"object","properties":{"data":{"type":"string","description":"Data passed as input to the policy execution runtime","example":"Ab accusantium ut ut aliquid sint animi.","format":"binary"}},"example":{"data":"Dolorem cumque laborum quis nesciunt."},"required":["data"]},"EvaluateResult":{"type":"object","properties":{"result":{"type":"string","description":"Arbitrary JSON response.","example":"Aut voluptas.","format":"binary"}},"example":{"result":"Sint nam voluptatem ea consequatur similique et."},"required":["result"]}}},"tags":[{"name":"health","description":"Health service provides health check endpoints."},{"name":"policy","description":"Policy Service provides evaluation of policies through Open Policy Agent."}]}
\ No newline at end of file
+{"openapi":"3.0.3","info":{"title":"Policy Service","description":"The policy service exposes HTTP API for executing policies.","version":"1.0"},"servers":[{"url":"http://localhost:8081","description":"Policy Server"}],"paths":{"/liveness":{"get":{"tags":["health"],"summary":"Liveness health","operationId":"health#Liveness","responses":{"200":{"description":"OK response."}}}},"/policy/{group}/{policyName}/{version}/evaluation":{"post":{"tags":["policy"],"summary":"Evaluate policy","description":"Evaluate executes a policy with the given 'data' as input.","operationId":"policy#Evaluate","parameters":[{"name":"group","in":"path","description":"Policy group.","required":true,"schema":{"type":"string","description":"Policy group.","example":"Ut commodi perspiciatis corporis."},"example":"Accusamus autem sequi."},{"name":"policyName","in":"path","description":"Policy name.","required":true,"schema":{"type":"string","description":"Policy name.","example":"Et nulla."},"example":"In quis nesciunt autem et."},{"name":"version","in":"path","description":"Policy version.","required":true,"schema":{"type":"string","description":"Policy version.","example":"Sunt in et quia cum."},"example":"Commodi nemo fugiat id praesentium accusantium expedita."}],"requestBody":{"description":"Input data passed to the policy execution runtime.","required":true,"content":{"application/json":{"schema":{"type":"string","description":"Input data passed to the policy execution runtime.","example":"Dolorem cumque laborum quis nesciunt.","format":"binary"},"example":"Non mollitia nesciunt impedit facere."}}},"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/EvaluateResult"},"example":{"result":"Explicabo beatae quisquam officiis libero voluptatibus."}}}}}}},"/policy/{group}/{policyName}/{version}/lock":{"delete":{"tags":["policy"],"summary":"Unlock policy","description":"Unlock a policy so it can be evaluated again.","operationId":"policy#Unlock","parameters":[{"name":"group","in":"path","description":"Policy group.","required":true,"schema":{"type":"string","description":"Policy group.","example":"Recusandae est rerum corrupti quia."},"example":"Quam dolores architecto itaque."},{"name":"policyName","in":"path","description":"Policy name.","required":true,"schema":{"type":"string","description":"Policy name.","example":"Voluptas ad corporis adipisci inventore ipsum."},"example":"Recusandae dolorum nisi distinctio vitae ad."},{"name":"version","in":"path","description":"Policy version.","required":true,"schema":{"type":"string","description":"Policy version.","example":"Perspiciatis voluptatem."},"example":"Corporis est rem."}],"responses":{"200":{"description":"OK response."}}},"post":{"tags":["policy"],"summary":"Lock policy","description":"Lock a policy so that it cannot be evaluated.","operationId":"policy#Lock","parameters":[{"name":"group","in":"path","description":"Policy group.","required":true,"schema":{"type":"string","description":"Policy group.","example":"Qui non quia."},"example":"Error maxime quasi quia non voluptatibus error."},{"name":"policyName","in":"path","description":"Policy name.","required":true,"schema":{"type":"string","description":"Policy name.","example":"Optio quia et laborum."},"example":"In libero perspiciatis voluptatum ut soluta."},{"name":"version","in":"path","description":"Policy version.","required":true,"schema":{"type":"string","description":"Policy version.","example":"Ut amet."},"example":"Accusamus enim."}],"responses":{"200":{"description":"OK response."}}}},"/readiness":{"get":{"tags":["health"],"summary":"Readiness health","operationId":"health#Readiness","responses":{"200":{"description":"OK response."}}}}},"components":{"schemas":{"EvaluateResult":{"type":"object","properties":{"result":{"type":"string","description":"Arbitrary JSON response.","example":"Aut voluptas.","format":"binary"}},"example":{"result":"Sint nam voluptatem ea consequatur similique et."},"required":["result"]}}},"tags":[{"name":"health","description":"Health service provides health check endpoints."},{"name":"policy","description":"Policy Service provides evaluation of policies through Open Policy Agent."}]}
\ No newline at end of file
diff --git a/gen/http/openapi3.yaml b/gen/http/openapi3.yaml
index caa0e51e5f51f2a69885fe8bd6566acb5c947d5c..66d1ca8c53bb54867873fea7086b7e895af411f3 100644
--- a/gen/http/openapi3.yaml
+++ b/gen/http/openapi3.yaml
@@ -4,7 +4,7 @@ info:
description: The policy service exposes HTTP API for executing policies.
version: "1.0"
servers:
-- url: http://localhost:8080
+- url: http://localhost:8081
description: Policy Server
paths:
/liveness:
@@ -26,39 +26,42 @@ paths:
parameters:
- name: group
in: path
- description: Policy group
+ description: Policy group.
required: true
schema:
type: string
- description: Policy group
- example: Non mollitia nesciunt impedit facere.
- example: Ut commodi perspiciatis corporis.
+ description: Policy group.
+ example: Ut commodi perspiciatis corporis.
+ example: Accusamus autem sequi.
- name: policyName
in: path
- description: Policy name
+ description: Policy name.
required: true
schema:
type: string
- description: Policy name
- example: Accusamus autem sequi.
- example: Et nulla.
+ description: Policy name.
+ example: Et nulla.
+ example: In quis nesciunt autem et.
- name: version
in: path
- description: Policy version
+ description: Policy version.
required: true
schema:
type: string
- description: Policy version
- example: In quis nesciunt autem et.
- example: Sunt in et quia cum.
+ description: Policy version.
+ example: Sunt in et quia cum.
+ example: Commodi nemo fugiat id praesentium accusantium expedita.
requestBody:
+ description: Input data passed to the policy execution runtime.
required: true
content:
application/json:
schema:
- $ref: '#/components/schemas/EvaluateRequestBody'
- example:
- data: Id odio aperiam voluptatem molestias corrupti sunt.
+ type: string
+ description: Input data passed to the policy execution runtime.
+ example: Dolorem cumque laborum quis nesciunt.
+ format: binary
+ example: Non mollitia nesciunt impedit facere.
responses:
"200":
description: OK response.
@@ -67,7 +70,7 @@ paths:
schema:
$ref: '#/components/schemas/EvaluateResult'
example:
- result: Provident fugiat at cupiditate.
+ result: Explicabo beatae quisquam officiis libero voluptatibus.
/policy/{group}/{policyName}/{version}/lock:
delete:
tags:
@@ -78,31 +81,31 @@ paths:
parameters:
- name: group
in: path
- description: Policy group
+ description: Policy group.
required: true
schema:
type: string
- description: Policy group
- example: Accusamus enim.
- example: Recusandae est rerum corrupti quia.
+ description: Policy group.
+ example: Recusandae est rerum corrupti quia.
+ example: Quam dolores architecto itaque.
- name: policyName
in: path
- description: Policy name
+ description: Policy name.
required: true
schema:
type: string
- description: Policy name
- example: Quam dolores architecto itaque.
- example: Voluptas ad corporis adipisci inventore ipsum.
+ description: Policy name.
+ example: Voluptas ad corporis adipisci inventore ipsum.
+ example: Recusandae dolorum nisi distinctio vitae ad.
- name: version
in: path
- description: Policy version
+ description: Policy version.
required: true
schema:
type: string
- description: Policy version
- example: Recusandae dolorum nisi distinctio vitae ad.
- example: Perspiciatis voluptatem.
+ description: Policy version.
+ example: Perspiciatis voluptatem.
+ example: Corporis est rem.
responses:
"200":
description: OK response.
@@ -115,31 +118,31 @@ paths:
parameters:
- name: group
in: path
- description: Policy group
+ description: Policy group.
required: true
schema:
type: string
- description: Policy group
- example: Commodi nemo fugiat id praesentium accusantium expedita.
- example: Qui non quia.
+ description: Policy group.
+ example: Qui non quia.
+ example: Error maxime quasi quia non voluptatibus error.
- name: policyName
in: path
- description: Policy name
+ description: Policy name.
required: true
schema:
type: string
- description: Policy name
- example: Error maxime quasi quia non voluptatibus error.
- example: Optio quia et laborum.
+ description: Policy name.
+ example: Optio quia et laborum.
+ example: In libero perspiciatis voluptatum ut soluta.
- name: version
in: path
- description: Policy version
+ description: Policy version.
required: true
schema:
type: string
- description: Policy version
- example: In libero perspiciatis voluptatum ut soluta.
- example: Ut amet.
+ description: Policy version.
+ example: Ut amet.
+ example: Accusamus enim.
responses:
"200":
description: OK response.
@@ -154,18 +157,6 @@ paths:
description: OK response.
components:
schemas:
- EvaluateRequestBody:
- type: object
- properties:
- data:
- type: string
- description: Data passed as input to the policy execution runtime
- example: Ab accusantium ut ut aliquid sint animi.
- format: binary
- example:
- data: Dolorem cumque laborum quis nesciunt.
- required:
- - data
EvaluateResult:
type: object
properties:
diff --git a/gen/http/policy/client/cli.go b/gen/http/policy/client/cli.go
index a21b84cac1c1820fe19f0ab1a431c8c4322412b2..8b74da63e55e748a960e35ff3a512a48bb008aa1 100644
--- a/gen/http/policy/client/cli.go
+++ b/gen/http/policy/client/cli.go
@@ -12,24 +12,17 @@ import (
"fmt"
policy "code.vereign.com/gaiax/tsa/policy/gen/policy"
- goa "goa.design/goa/v3/pkg"
)
// BuildEvaluatePayload builds the payload for the policy Evaluate endpoint
// from CLI flags.
func BuildEvaluatePayload(policyEvaluateBody string, policyEvaluateGroup string, policyEvaluatePolicyName string, policyEvaluateVersion string) (*policy.EvaluateRequest, error) {
var err error
- var body EvaluateRequestBody
+ var body interface{}
{
err = json.Unmarshal([]byte(policyEvaluateBody), &body)
if err != nil {
- return nil, fmt.Errorf("invalid JSON for body, \nerror: %s, \nexample of valid JSON:\n%s", err, "'{\n \"data\": \"Id odio aperiam voluptatem molestias corrupti sunt.\"\n }'")
- }
- if body.Data == nil {
- err = goa.MergeErrors(err, goa.MissingFieldError("data", "body"))
- }
- if err != nil {
- return nil, err
+ return nil, fmt.Errorf("invalid JSON for body, \nerror: %s, \nexample of valid JSON:\n%s", err, "\"Similique quisquam optio.\"")
}
}
var group string
@@ -44,14 +37,15 @@ func BuildEvaluatePayload(policyEvaluateBody string, policyEvaluateGroup string,
{
version = policyEvaluateVersion
}
- v := &policy.EvaluateRequest{
- Data: body.Data,
+ v := body
+ res := &policy.EvaluateRequest{
+ Input: v,
}
- v.Group = group
- v.PolicyName = policyName
- v.Version = version
+ res.Group = group
+ res.PolicyName = policyName
+ res.Version = version
- return v, nil
+ return res, nil
}
// BuildLockPayload builds the payload for the policy Lock endpoint from CLI
diff --git a/gen/http/policy/client/encode_decode.go b/gen/http/policy/client/encode_decode.go
index 8ca9db57355d87d67861d55a2f10f3e3b8dd7eac..cc62c4177f5b9f56c14adaca7dff08c6771e72a3 100644
--- a/gen/http/policy/client/encode_decode.go
+++ b/gen/http/policy/client/encode_decode.go
@@ -55,7 +55,7 @@ func EncodeEvaluateRequest(encoder func(*http.Request) goahttp.Encoder) func(*ht
if !ok {
return goahttp.ErrInvalidType("policy", "Evaluate", "*policy.EvaluateRequest", v)
}
- body := NewEvaluateRequestBody(p)
+ body := p.Input
if err := encoder(req).Encode(&body); err != nil {
return goahttp.ErrEncodingError("policy", "Evaluate", err)
}
diff --git a/gen/http/policy/client/types.go b/gen/http/policy/client/types.go
index 36eb2a2eb58025c94f3491b0cd2a245daf5dab09..4bbf4babfe1d591928aa72fd43035cf89b3aeecd 100644
--- a/gen/http/policy/client/types.go
+++ b/gen/http/policy/client/types.go
@@ -12,13 +12,6 @@ import (
goa "goa.design/goa/v3/pkg"
)
-// EvaluateRequestBody is the type of the "policy" service "Evaluate" endpoint
-// HTTP request body.
-type EvaluateRequestBody struct {
- // Data passed as input to the policy execution runtime
- Data interface{} `form:"data" json:"data" xml:"data"`
-}
-
// EvaluateResponseBody is the type of the "policy" service "Evaluate" endpoint
// HTTP response body.
type EvaluateResponseBody struct {
@@ -26,15 +19,6 @@ type EvaluateResponseBody struct {
Result interface{} `form:"result,omitempty" json:"result,omitempty" xml:"result,omitempty"`
}
-// NewEvaluateRequestBody builds the HTTP request body from the payload of the
-// "Evaluate" endpoint of the "policy" service.
-func NewEvaluateRequestBody(p *policy.EvaluateRequest) *EvaluateRequestBody {
- body := &EvaluateRequestBody{
- Data: p.Data,
- }
- return body
-}
-
// NewEvaluateResultOK builds a "policy" service "Evaluate" endpoint result
// from a HTTP "OK" response.
func NewEvaluateResultOK(body *EvaluateResponseBody) *policy.EvaluateResult {
diff --git a/gen/http/policy/server/encode_decode.go b/gen/http/policy/server/encode_decode.go
index 19a86aaa201cc698c951109f332e94bacedc26d8..702747a37d0596b6f22cb31d6bbc69c1543e5374 100644
--- a/gen/http/policy/server/encode_decode.go
+++ b/gen/http/policy/server/encode_decode.go
@@ -34,7 +34,7 @@ func EncodeEvaluateResponse(encoder func(context.Context, http.ResponseWriter) g
func DecodeEvaluateRequest(mux goahttp.Muxer, decoder func(*http.Request) goahttp.Decoder) func(*http.Request) (interface{}, error) {
return func(r *http.Request) (interface{}, error) {
var (
- body EvaluateRequestBody
+ body interface{}
err error
)
err = decoder(r).Decode(&body)
@@ -44,10 +44,6 @@ func DecodeEvaluateRequest(mux goahttp.Muxer, decoder func(*http.Request) goahtt
}
return nil, goa.DecodePayloadError(err.Error())
}
- err = ValidateEvaluateRequestBody(&body)
- if err != nil {
- return nil, err
- }
var (
group string
@@ -59,7 +55,7 @@ func DecodeEvaluateRequest(mux goahttp.Muxer, decoder func(*http.Request) goahtt
group = params["group"]
policyName = params["policyName"]
version = params["version"]
- payload := NewEvaluateRequest(&body, group, policyName, version)
+ payload := NewEvaluateRequest(body, group, policyName, version)
return payload, nil
}
diff --git a/gen/http/policy/server/types.go b/gen/http/policy/server/types.go
index 7db542fff9bb167b49ff6d329f4b42269c1c2154..8f123712ae895818271de3f69460ece5d5d20577 100644
--- a/gen/http/policy/server/types.go
+++ b/gen/http/policy/server/types.go
@@ -9,16 +9,8 @@ package server
import (
policy "code.vereign.com/gaiax/tsa/policy/gen/policy"
- goa "goa.design/goa/v3/pkg"
)
-// EvaluateRequestBody is the type of the "policy" service "Evaluate" endpoint
-// HTTP request body.
-type EvaluateRequestBody struct {
- // Data passed as input to the policy execution runtime
- Data interface{} `form:"data,omitempty" json:"data,omitempty" xml:"data,omitempty"`
-}
-
// EvaluateResponseBody is the type of the "policy" service "Evaluate" endpoint
// HTTP response body.
type EvaluateResponseBody struct {
@@ -36,15 +28,16 @@ func NewEvaluateResponseBody(res *policy.EvaluateResult) *EvaluateResponseBody {
}
// NewEvaluateRequest builds a policy service Evaluate endpoint payload.
-func NewEvaluateRequest(body *EvaluateRequestBody, group string, policyName string, version string) *policy.EvaluateRequest {
- v := &policy.EvaluateRequest{
- Data: body.Data,
+func NewEvaluateRequest(body interface{}, group string, policyName string, version string) *policy.EvaluateRequest {
+ v := body
+ res := &policy.EvaluateRequest{
+ Input: v,
}
- v.Group = group
- v.PolicyName = policyName
- v.Version = version
+ res.Group = group
+ res.PolicyName = policyName
+ res.Version = version
- return v
+ return res
}
// NewLockRequest builds a policy service Lock endpoint payload.
@@ -66,12 +59,3 @@ func NewUnlockRequest(group string, policyName string, version string) *policy.U
return v
}
-
-// ValidateEvaluateRequestBody runs the validations defined on
-// EvaluateRequestBody
-func ValidateEvaluateRequestBody(body *EvaluateRequestBody) (err error) {
- if body.Data == nil {
- err = goa.MergeErrors(err, goa.MissingFieldError("data", "body"))
- }
- return
-}
diff --git a/gen/policy/service.go b/gen/policy/service.go
index 5d58f37a1abbd213f46448ac9e60d8493f6a3055..25f54089f5b7c33d79059c1cb7196c6a8b8f21b3 100644
--- a/gen/policy/service.go
+++ b/gen/policy/service.go
@@ -33,14 +33,14 @@ var MethodNames = [3]string{"Evaluate", "Lock", "Unlock"}
// EvaluateRequest is the payload type of the policy service Evaluate method.
type EvaluateRequest struct {
- // Policy group
+ // Policy group.
Group string
- // Policy name
+ // Policy name.
PolicyName string
- // Policy version
+ // Policy version.
Version string
- // Data passed as input to the policy execution runtime
- Data interface{}
+ // Input data passed to the policy execution runtime.
+ Input interface{}
}
// EvaluateResult is the result type of the policy service Evaluate method.
@@ -51,20 +51,20 @@ type EvaluateResult struct {
// LockRequest is the payload type of the policy service Lock method.
type LockRequest struct {
- // Policy group
+ // Policy group.
Group string
- // Policy name
+ // Policy name.
PolicyName string
- // Policy version
+ // Policy version.
Version string
}
// UnlockRequest is the payload type of the policy service Unlock method.
type UnlockRequest struct {
- // Policy group
+ // Policy group.
Group string
- // Policy name
+ // Policy name.
PolicyName string
- // Policy version
+ // Policy version.
Version string
}
diff --git a/internal/service/policy/service.go b/internal/service/policy/service.go
index a9f6616aca71da37771186bf4a345af04aa1fc38..cb3012f5992f501a5ef799e2acaba44f5ba7a21e 100644
--- a/internal/service/policy/service.go
+++ b/internal/service/policy/service.go
@@ -2,6 +2,7 @@ package policy
import (
"context"
+ "fmt"
"github.com/open-policy-agent/opa/rego"
"go.uber.org/zap"
@@ -28,7 +29,14 @@ func New(storage Storage, logger *zap.Logger) *Service {
}
}
-// Evaluate executes a policy with the given 'data' as input.
+// Evaluate executes a policy with the given input.
+//
+// IMPORTANT: The policy must follow a strict convention so that such generic
+// evaluation function could work: package declaration inside the policy must
+// be exactly the same as 'group.policy'. For example:
+// Evaluating the URL: `.../policies/mygroup/example/1.0/evaluation` will
+// return results correctly, only if the package declaration inside the policy is:
+// `package mygroup.example`
func (s *Service) Evaluate(ctx context.Context, req *policy.EvaluateRequest) (*policy.EvaluateResult, error) {
logger := s.logger.With(
zap.String("name", req.PolicyName),
@@ -49,33 +57,36 @@ func (s *Service) Evaluate(ctx context.Context, req *policy.EvaluateRequest) (*p
return nil, errors.New(errors.Forbidden, "policy is locked")
}
+ // regoQuery must match both the package declaration inside the policy
+ // and the group and policy name.
+ regoQuery := fmt.Sprintf("data.%s.%s", req.Group, req.PolicyName)
+
query, err := rego.New(
rego.Module(pol.Filename, pol.Rego),
- rego.Query("result = data.gaiax.result"),
+ rego.Query(regoQuery),
).PrepareForEval(ctx)
if err != nil {
logger.Error("error preparing rego query", zap.Error(err))
return nil, errors.New("error preparing rego query", err)
}
- resultSet, err := query.Eval(ctx, rego.EvalInput(req.Data))
+ resultSet, err := query.Eval(ctx, rego.EvalInput(req.Input))
if err != nil {
logger.Error("error evaluating rego query", zap.Error(err))
return nil, errors.New("error evaluating rego query", err)
}
if len(resultSet) == 0 {
- logger.Error("policy evaluation result set is empty")
- return nil, errors.New("policy evaluation result set is empty")
+ logger.Error("policy evaluation results are missing")
+ return nil, errors.New("policy evaluation results are missing")
}
- result, ok := resultSet[0].Bindings["result"]
- if !ok {
- logger.Error("policy result bindings not found")
- return nil, errors.New("policy result bindings not found")
+ if len(resultSet[0].Expressions) == 0 {
+ logger.Error("policy evaluation result expressions are missing")
+ return nil, errors.New("policy evaluation result expressions are missing")
}
- return &policy.EvaluateResult{Result: result}, nil
+ return &policy.EvaluateResult{Result: resultSet[0].Expressions[0].Value}, nil
}
// Lock a policy so that it cannot be evaluated.