frameworks
frameworks copied to clipboard
open-policy-agent
At present, we only record results that match a constraint match criteria: https://github.com/open-policy-agent/frameworks/blob/3f237e2710faee505189afd605cfe75ed89dd446/constraint/pkg/client/template_client.go#L135-L140 We can improve the debuggability of the system by A) indicating that a constraint doesn't match for...
#### overview At the moment, `AddConstraint`'s definition (docs) states: ``` // AddConstraint adds a Constraint to Driver for a particular Template. Future // calls to Query may reference the added...
With multi-engine support in (https://github.com/open-policy-agent/frameworks/pull/293), our e2e testing harness relies on creating a rego driver only. That is fine for testing the rego driver but we should use the `fake`...
Currently, Engine is responsible for returning an enforcement action. This was originally intended to allow for the possibility of dynamic enforcement actions, but that would be incompatible with the capabilities...
I found that packages, say `github.com/open-policy-agent/frameworks/constraint/pkg/client`, are placed in submodule `github.com/open-policy-agent/frameworks/constraint` instead of root module. However, it seems that submodule `github.com/open-policy-agent/frameworks/constraint` is not tagged. According to [Go Modules wiki](https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository), submodule...
Replacing `use-vap` annotation by `EnforceVAP` field on templates. Expected behavior: - `EnforceVAP` is not set, follow the `generateVAPDefault` behavior - `EnforceVAP` is set to `true`, use VAP for enforcement -...
Bumps the all group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [github/codeql-action](https://github.com/github/codeql-action), [ossf/scorecard-action](https://github.com/ossf/scorecard-action) and [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `actions/checkout` from 3.6.0 to 4.1.4 Release notes Sourced from actions/checkout's releases. v4.1.4 What's...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps the k8s group in /constraint with 3 updates: [k8s.io/api](https://github.com/kubernetes/api), [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) and [k8s.io/client-go](https://github.com/kubernetes/client-go). Updates `k8s.io/api` from 0.29.3 to 0.30.0 Commits fb932d2 Update dependencies to v0.30.0 tag d014286 Merge remote-tracking branch...
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.63.0 to 0.64.1. Release notes Sourced from github.com/open-policy-agent/opa's releases. v0.64.1 This is a bug fix release addressing the following issues: ci: Pin GitHub Actions macos runner version....
Instead of creating a new http.Client for each external data request, create it per provider and reuse it. Fixes https://github.com/open-policy-agent/frameworks/issues/423
