opal
opal copied to clipboard
permitio
OpenFGA Integration
Feature: Add OpenFGA Policy Store to OPAL
This PR addresses issue #661 by integrating OpenFGA Policy Store into OPAL.
/claim #661
Deploy Preview for opal-docs ready!
| Name | Link |
|---|---|
| Latest commit | d1421cc4c0b2ddb794bd744767eeabc4c81ab680 |
| Latest deploy log | https://app.netlify.com/sites/opal-docs/deploys/67a411b59c01f200080a96cc |
| Deploy Preview | https://deploy-preview-673--opal-docs.netlify.app |
| Preview on mobile | Toggle QR Code...Use your smartphone camera to open QR code link. |
To edit notification comments on pull requests, go to your Netlify site configuration.
![netlify[bot] avatar](https://avatars.githubusercontent.com/in/13473?v=4 "Published by a pub.dev verified publisher"){kind=small}
OpenFGA OPAL Integration Project Checklist
Week 1: Setup and Core Implementation
Days 1-2: Project Setup and Research
- [x] Set up development environment
- [x] Review OpenFGA documentation and API
- [x] Analyze OPAL's existing policy store implementations
Days 3-5: Core Implementation
- [x] Implement OpenFGA configuration in OPAL
- [x] Develop basic OpenFGA policy store interface
- [x] Begin implementation of auto-sync from git for OpenFGA models/policies
Week 2: Feature Completion and Demo Preparation
Days 1-3: Feature Implementation
- [x] Complete auto-sync from git for OpenFGA models/policies
- [x] Implement data fetching pattern and syncing from external data sources
- [x] Start working on Docker-compose examples
Days 4-5: Demo Preparation
- [x] Develop end-to-end demo with example ReBAC policies and mock data
- [ ] Finalize Docker-compose examples for single and multiple OpenFGA clients
- [x] Prepare demonstration environment
Key Milestones:
- End of Week 1: Basic OpenFGA policy store implementation
- End of Week 2: Working end-to-end demo
- End of Week 3: update later*
- End of Week 4: update later*
Updates ::
Integration into Opal has already begun but is currently on hold. I'm working on the components in isolation from Opal, using the OpenFGA SDK first. it's been interesting so far.
I've completed the isolation test and also simulated integration with OPAL in isolation. At some point, I had to mix the Python SDK with the raw API, but I'll likely find a fix for that later.
The test that involved missing the Python SDK and accessing via the raw API and stimulating opal integration was successful.
Going start core implementation asap
I've completed the isolation test and also simulated integration with OPAL in isolation. At some point, I had to mix the Python SDK with the raw API, but I'll likely find a fix for that later.
The test that involved missing the Python SDK and accessing via the raw API and stimulating opal integration was successful.
Going start core implementation asap
https://github.com/user-attachments/assets/f0fca7f7-683c-44cd-b7c1-7adb96c79ce6
@garnerp just push that to show what have been working on locally....
to show my current progress...
@daveads I bet you meant to tag me. Any updates on this?
oh oh... yea i meant to tag... lol
still on it... will give you an update on it soon
Based on my discussion with @gemanor, Decided to drop the use of openfga_sdk and use API calls instead, similar to the OPA implementation.
@gemanor Done with implementation and fixing bugs... Just need to get docker-compose to work properly
https://github.com/user-attachments/assets/e8c06938-46b2-4c4a-af80-93aec4cf7014