Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: opcr-io/policy
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v0.2.14
Choose a base ref
...
head repository: opcr-io/policy
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: main
Choose a head ref
  • 16 commits
  • 35 files changed
  • 4 contributors

Commits on May 27, 2024

  1. Fix tag command (#179)

    carabasdaniel authored May 27, 2024
    Copy the full SHA
    bc5b834 View commit details

Commits on Jul 10, 2024

  1. update to runtime 0.66.0 (#181)

    gertd authored Jul 10, 2024
    Copy the full SHA
    1ad6fd2 View commit details

Commits on Aug 15, 2024

  1. Update to runtime v0.67.1 (#182)

    carabasdaniel authored Aug 15, 2024
    Copy the full SHA
    83b8f40 View commit details

Commits on Aug 23, 2024

  1. Wire logrus to zerolog (#183)

    The dependency on logrus was removed from aserto-dev/logger in aserto-dev/logger#8.
    Support for wiring logrus to zerolog has moved to aserto-dev/runtime in aserto-dev/runtime#57.
    
    This commit uses runtime/logger to explicitly add a logrus hook that sends logs to zerolog.
    
    Signed-off-by: Ronen Hilewicz <[email protected]>
    ronenh authored Aug 23, 2024
    Copy the full SHA
    cca1553 View commit details

Commits on Sep 11, 2024

  1. Bump to runtime v0.68.0 (#184)

    carabasdaniel authored Sep 11, 2024
    Copy the full SHA
    1be0390 View commit details

Commits on Oct 3, 2024

  1. Bump to runtime v0.69.0 (#185)

    carabasdaniel authored Oct 3, 2024
    Copy the full SHA
    365ebc4 View commit details

Commits on Oct 10, 2024

  1. Update to go 1.23 (#186)

    carabasdaniel authored Oct 10, 2024
    Copy the full SHA
    822f478 View commit details

Commits on Oct 15, 2024

  1. Fix viper env key replacer in policy CLI config (#187)

    carabasdaniel authored Oct 15, 2024
    Copy the full SHA
    056efdc View commit details

Commits on Jan 10, 2025

  1. Update dependencies (#188)

    * Update dependencies
    carabasdaniel authored Jan 10, 2025
    Copy the full SHA
    10531ea View commit details
  2. Bump golang.org/x/net from 0.32.0 to 0.33.0 (#189)

    Bumps [golang.org/x/net](https://github.com/golang/net) from 0.32.0 to 0.33.0.
    - [Commits](golang/net@v0.32.0...v0.33.0)
    
    ---
    updated-dependencies:
    - dependency-name: golang.org/x/net
      dependency-type: indirect
    ...
    
    Signed-off-by: dependabot[bot] <[email protected]>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored Jan 10, 2025
    Copy the full SHA
    d309f47 View commit details

Commits on Jan 22, 2025

  1. Bump to OPA v1.0.0 (#190)

    * Bump to OPA v1.0.0
    
    * Use rego v1 as default to build policy images
    
    * Update basic policy template for rego v1
    
    * Use runtime v1.0.0
    
    * Update templates apply to allow setting the rego version
    
    * Use rego v0 by default in build script
    
    * Add ds.checks to template manifest
    carabasdaniel authored Jan 22, 2025
    Copy the full SHA
    89a2e47 View commit details

Commits on Jan 28, 2025

  1. Update to runtime v1.1.0 (#192)

    carabasdaniel authored Jan 28, 2025
    Copy the full SHA
    4336d49 View commit details
  2. Bump golang.org/x/net from 0.27.0 to 0.33.0 in /oci (#191)

    Bumps [golang.org/x/net](https://github.com/golang/net) from 0.27.0 to 0.33.0.
    - [Commits](golang/net@v0.27.0...v0.33.0)
    
    ---
    updated-dependencies:
    - dependency-name: golang.org/x/net
      dependency-type: indirect
    ...
    
    Signed-off-by: dependabot[bot] <[email protected]>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored Jan 28, 2025
    Copy the full SHA
    2bce9b5 View commit details

Commits on Jan 30, 2025

  1. Update CI templates to use rego v1 (#193)

    carabasdaniel authored Jan 30, 2025
    Copy the full SHA
    be7c3ea View commit details
  2. Fix .goreleaser-pre.yaml (#194)

    carabasdaniel authored Jan 30, 2025
    Copy the full SHA
    edc7a44 View commit details

Commits on Feb 3, 2025

  1. Add note to readme for rego vesion default (#195)

    carabasdaniel authored Feb 3, 2025
    Copy the full SHA
    cc3f2d6 View commit details
8 changes: 4 additions & 4 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
@@ -18,9 +18,9 @@ on:
- release-*
env:
PRE_RELEASE: ${{ github.ref == 'refs/heads/main' && 'development' || '' }}
GO_VERSION: "1.22"
GO_RELEASER_VERSION: "v1.24.0"
GO_LANGCI_LINT_VERSION: "v1.56.2"
GO_VERSION: "1.23"
GO_RELEASER_VERSION: "v2.3.2"
GO_LANGCI_LINT_VERSION: "v1.61.0"
GO_TESTSUM_VERSION: "1.11.0"

jobs:
@@ -150,7 +150,7 @@ jobs:
with:
distribution: goreleaser
version: ${{ env.GO_RELEASER_VERSION }}
args: release --clean --config $PWD/.goreleaser-pre.yml
args: release --clean --config .goreleaser-pre.yml
-
name: Release
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, '-rc')
26 changes: 7 additions & 19 deletions .golangci.yaml
Original file line number Diff line number Diff line change
@@ -16,7 +16,7 @@ linters-settings:
lines: 100
statements: 80
gci:
local-prefixes: github.com/golangci/golangci-lint
prefix: github.com/golangci/golangci-lint
goconst:
min-len: 2
min-occurrences: 2
@@ -36,20 +36,11 @@ linters-settings:
gocyclo:
min-complexity: 18
goimports:
local-prefixes: github.com/golangci/golangci-lint
prefix: github.com/golangci/golangci-lint
golint:
min-confidence: 0
gomnd:
settings:
mnd:
# don't include the "operation" and "assign"
checks:
- argument
- case
- condition
- return
min-confidence: 0
govet:
check-shadowing: true
shadow: true
settings:
printf:
funcs:
@@ -74,16 +65,15 @@ linters:
- asciicheck
- bodyclose
- dogsled
- errcheck
- exportloopref
- errcheck
- exhaustive
- funlen
- gochecknoinits
- goconst
- gocritic
- gocyclo
- godot
- goerr113
- err113
- gofmt
- goimports
- goprintffuncname
@@ -154,6 +144,4 @@ issues:
- gosec

run:
timeout: 5m
skip-dirs:
- pkg/testharness/testdata
timeout: 5m
5 changes: 3 additions & 2 deletions .goreleaser-pre.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
version: 2
project_name: policy

env:
@@ -41,7 +42,7 @@ archives:
# https://goreleaser.com/customization/archive/
- format: zip
builds:
- policy
- build
files:
- LICENSE
- README.md
@@ -54,7 +55,7 @@ checksum:

snapshot:
# https://goreleaser.com/customization/snapshots/
name_template: "{{ .Tag }}"
version_template: "{{ .Tag }}"

source:
# https://goreleaser.com/customization/source/
3 changes: 2 additions & 1 deletion .goreleaser.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
version: 2
project_name: policy

env:
@@ -54,7 +55,7 @@ checksum:

snapshot:
# https://goreleaser.com/customization/snapshots/
name_template: "{{ .Tag }}"
version_template: "{{ .Tag }}"

source:
# https://goreleaser.com/customization/source/
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -19,6 +19,8 @@ It uses OCI standards to manage artifacts, and the [Open Policy Agent (OPA)](htt
[![OpenSSF Best Practices](https://bestpractices.coreinfrastructure.org/projects/6859/badge)](https://bestpractices.coreinfrastructure.org/projects/6859)
---

**_Note:_** Version v0.3.x of policy CLI uses Rego V1 as default to build policy images.

## Documentation

Please refer to our [documentation](https://openpolicycontainers.com) site for installation, usage, customization and tips.
8 changes: 4 additions & 4 deletions cmd/policy/build.go
Original file line number Diff line number Diff line change
@@ -23,13 +23,13 @@ type BuildCmd struct {
ExcludeVerifyFiles []string `name:"exclude-files-verify" help:"Set file names to exclude during bundle verification."`
SigningKey string `name:"signing-key" help:"Set the secret (HMAC) or path of the PEM file containing the private key (RSA and ECDSA)."`
ClaimsFile string `name:"claims-file" help:"Set path of JSON file containing optional claims (see: https://openpolicyagent.org/docs/latest/management/#signature-format)."`
RegoVersion string `name:"rego-version" enum:"default,rego.v1" default:"default" help:"Set rego version flag (enum: default or rego.v1)."`
RegoVersion string `name:"rego-version" enum:"rego.v0, rego.v1" default:"rego.v1" help:"Set rego version flag (enum: rego.v0 or rego.v1)."`
}

func (c *BuildCmd) Run(g *Globals) error {
v1build := false
if c.RegoVersion == "rego.v1" {
v1build = true
v1build := true
if c.RegoVersion == "rego.v0" {
v1build = false
}

err := g.App.Build(
9 changes: 5 additions & 4 deletions cmd/policy/templates.go
Original file line number Diff line number Diff line change
@@ -8,16 +8,17 @@ type TemplatesCmd struct {
}

type ApplyCmd struct {
Template string `arg:"" name:"template" required:"true" help:"name of the template to apply"`
Output string `name:"output" short:"o" help:"output directory (defaults to current directory)" default:"."`
Overwrite bool `name:"overwrite" help:"overwrite existing files" default:"false"`
Template string `arg:"" name:"template" required:"true" help:"name of the template to apply"`
Output string `name:"output" short:"o" help:"output directory (defaults to current directory)" default:"."`
Overwrite bool `name:"overwrite" help:"overwrite existing files" default:"false"`
RegoVersion string `name:"rego-version" enum:"rego.v0, rego.v1" default:"rego.v1" help:"Set rego version flag (enum: rego.v0 or rego.v1)."`
}

type ListCmd struct {
}

func (c *ApplyCmd) Run(g *Globals) error {
err := g.App.TemplateApply(c.Template, c.Output, c.Overwrite)
err := g.App.TemplateApply(c.Template, c.Output, c.Overwrite, c.RegoVersion)
if err != nil {
return errors.TemplateFailed.WithError(err)
}
116 changes: 59 additions & 57 deletions go.mod
Original file line number Diff line number Diff line change
@@ -1,118 +1,120 @@
module github.com/opcr-io/policy

go 1.21
go 1.22.11

toolchain go1.23.4

require (
github.com/Masterminds/sprig v2.22.0+incompatible
github.com/alecthomas/kong v0.9.0
github.com/aserto-dev/certs v0.0.6
github.com/alecthomas/kong v1.6.0
github.com/aserto-dev/clui v0.8.3
github.com/aserto-dev/logger v0.0.4
github.com/aserto-dev/runtime v0.64.0
github.com/aserto-dev/scc-lib v0.1.2
github.com/containerd/containerd v1.7.17
github.com/docker/cli v26.1.1+incompatible
github.com/aserto-dev/logger v0.0.7
github.com/aserto-dev/runtime v1.1.0
github.com/aserto-dev/scc-lib v0.1.3
github.com/containerd/containerd v1.7.25
github.com/containerd/errdefs v1.0.0
github.com/distribution/reference v0.6.0
github.com/docker/cli v27.4.1+incompatible
github.com/dustin/go-humanize v1.0.1
github.com/google/wire v0.6.0
github.com/magefile/mage v1.15.0
github.com/mitchellh/mapstructure v1.5.0
github.com/opcr-io/oras-go/v2 v2.0.0-20231122155130-eb4260d8a0ae
github.com/opcr-io/policy/oci v0.2.7-0.20240517114530-d694cb7fb57f
github.com/opcr-io/policy/parser v0.2.5-0.20231122153628-152ef46de97b
github.com/open-policy-agent/opa v0.64.1
github.com/opcr-io/policy/oci v0.2.16
github.com/opcr-io/policy/parser v0.2.16
github.com/open-policy-agent/opa v1.1.0
github.com/opencontainers/go-digest v1.0.0
github.com/opencontainers/image-spec v1.1.0
github.com/pkg/errors v0.9.1
github.com/rs/zerolog v1.32.0
github.com/spf13/viper v1.18.2
github.com/stretchr/testify v1.9.0
golang.org/x/sync v0.7.0
golang.org/x/term v0.19.0
sigs.k8s.io/controller-runtime v0.17.3
github.com/rs/zerolog v1.33.0
github.com/spf13/viper v1.19.0
github.com/stretchr/testify v1.10.0
golang.org/x/sync v0.10.0
golang.org/x/term v0.28.0
sigs.k8s.io/controller-runtime v0.19.3
)

require (
github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect
github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 // indirect
github.com/Masterminds/goutils v1.1.1 // indirect
github.com/Masterminds/semver v1.5.0 // indirect
github.com/Microsoft/hcsshim v0.12.3 // indirect
github.com/OneOfOne/xxhash v1.2.8 // indirect
github.com/agnivade/levenshtein v1.1.1 // indirect
github.com/agnivade/levenshtein v1.2.0 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/bytecodealliance/wasmtime-go/v3 v3.0.2 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/containerd/log v0.1.0 // indirect
github.com/containerd/platforms v0.2.1 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/docker/docker v24.0.7+incompatible // indirect
github.com/docker/docker-credential-helpers v0.7.0 // indirect
github.com/fatih/color v1.15.0 // indirect
github.com/docker/docker-credential-helpers v0.8.2 // indirect
github.com/fatih/color v1.18.0 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/fsnotify/fsnotify v1.7.0 // indirect
github.com/fsnotify/fsnotify v1.8.0 // indirect
github.com/go-ini/ini v1.67.0 // indirect
github.com/go-logr/logr v1.4.1 // indirect
github.com/go-logr/logr v1.4.2 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/gobwas/glob v0.2.3 // indirect
github.com/google/flatbuffers v23.5.26+incompatible // indirect
github.com/google/subcommands v1.2.0 // indirect
github.com/google/uuid v1.6.0 // indirect
github.com/gorilla/mux v1.8.1 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/huandu/xstrings v1.3.2 // indirect
github.com/imdario/mergo v0.3.13 // indirect
github.com/klauspost/compress v1.17.8 // indirect
github.com/huandu/xstrings v1.5.0 // indirect
github.com/imdario/mergo v0.3.16 // indirect
github.com/klauspost/compress v1.17.11 // indirect
github.com/kyokomi/emoji v2.2.4+incompatible // indirect
github.com/magiconair/properties v1.8.7 // indirect
github.com/magiconair/properties v1.8.9 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/mattn/go-runewidth v0.0.15 // indirect
github.com/mattn/go-runewidth v0.0.16 // indirect
github.com/mitchellh/copystructure v1.2.0 // indirect
github.com/mitchellh/reflectwalk v1.0.2 // indirect
github.com/moby/locker v1.0.1 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/olekukonko/tablewriter v0.0.5 // indirect
github.com/pelletier/go-toml/v2 v2.1.0 // indirect
github.com/pelletier/go-toml/v2 v2.2.3 // indirect
github.com/peterh/liner v1.2.2 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/prometheus/client_golang v1.19.0 // indirect
github.com/prometheus/client_golang v1.20.5 // indirect
github.com/prometheus/client_model v0.6.1 // indirect
github.com/prometheus/common v0.53.0 // indirect
github.com/prometheus/procfs v0.14.0 // indirect
github.com/prometheus/common v0.61.0 // indirect
github.com/prometheus/procfs v0.15.1 // indirect
github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect
github.com/rivo/uniseg v0.4.4 // indirect
github.com/sagikazarmark/locafero v0.4.0 // indirect
github.com/rivo/uniseg v0.4.7 // indirect
github.com/sagikazarmark/locafero v0.6.0 // indirect
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
github.com/sirupsen/logrus v1.9.3 // indirect
github.com/sourcegraph/conc v0.3.0 // indirect
github.com/spf13/afero v1.11.0 // indirect
github.com/spf13/cast v1.6.0 // indirect
github.com/spf13/cast v1.7.1 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/subosito/gotenv v1.6.0 // indirect
github.com/tchap/go-patricia/v2 v2.3.1 // indirect
github.com/tchap/go-patricia/v2 v2.3.2 // indirect
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
github.com/yashtewari/glob-intersection v0.2.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0 // indirect
go.opentelemetry.io/otel v1.26.0 // indirect
go.opentelemetry.io/otel/metric v1.26.0 // indirect
go.opentelemetry.io/otel/sdk v1.26.0 // indirect
go.opentelemetry.io/otel/trace v1.26.0 // indirect
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.59.0 // indirect
go.opentelemetry.io/otel v1.34.0 // indirect
go.opentelemetry.io/otel/metric v1.34.0 // indirect
go.opentelemetry.io/otel/sdk v1.34.0 // indirect
go.opentelemetry.io/otel/trace v1.34.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/crypto v0.22.0 // indirect
golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
golang.org/x/mod v0.17.0 // indirect
golang.org/x/net v0.24.0 // indirect
golang.org/x/sys v0.20.0 // indirect
golang.org/x/text v0.14.0 // indirect
golang.org/x/time v0.5.0 // indirect
golang.org/x/tools v0.20.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291 // indirect
google.golang.org/grpc v1.64.0 // indirect
google.golang.org/protobuf v1.34.1 // indirect
golang.org/x/crypto v0.32.0 // indirect
golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 // indirect
golang.org/x/mod v0.22.0 // indirect
golang.org/x/net v0.34.0 // indirect
golang.org/x/sys v0.29.0 // indirect
golang.org/x/text v0.21.0 // indirect
golang.org/x/time v0.9.0 // indirect
golang.org/x/tools v0.29.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20250127172529-29210b9bc287 // indirect
google.golang.org/grpc v1.70.0 // indirect
google.golang.org/protobuf v1.36.4 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
gotest.tools/v3 v3.4.0 // indirect
gotest.tools/v3 v3.5.1 // indirect
oras.land/oras-go/v2 v2.5.0 // indirect
sigs.k8s.io/yaml v1.4.0 // indirect
)
Loading