Documentation
¶
Index ¶
- func BatchCompile(queue <-chan *policy.CompilationUnit, schemaMgr schema.Manager) error
- func Compile(unit *policy.CompilationUnit, schemaMgr schema.Manager) (rps *runtimev1.RunnablePolicySet, err error)
- func Condition(cond *policyv1.Condition) (*runtimev1.Condition, error)
- func MigrateCompiledPolicies(policies *runtimev1.RunnablePolicySet) error
- func ValidateIdentifier(identifier string) error
- type CELCompileError
- type Conf
- type Error
- type ErrorSet
- type Manager
- func (c *Manager) GetAll(ctx context.Context) ([]*runtimev1.RunnablePolicySet, error)
- func (c *Manager) GetAllMatching(ctx context.Context, modIDs []namer.ModuleID) ([]*runtimev1.RunnablePolicySet, error)
- func (c *Manager) GetFirstMatch(ctx context.Context, candidates []namer.ModuleID) (*runtimev1.RunnablePolicySet, error)
- func (c *Manager) GetPolicySet(ctx context.Context, modID namer.ModuleID) (*runtimev1.RunnablePolicySet, error)
- func (c *Manager) Source() *auditv1.PolicySource
- type PolicyCompilationErr
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BatchCompile ¶
func BatchCompile(queue <-chan *policy.CompilationUnit, schemaMgr schema.Manager) error
func Compile ¶
func Compile(unit *policy.CompilationUnit, schemaMgr schema.Manager) (rps *runtimev1.RunnablePolicySet, err error)
Compile compiles a single policy compilation unit into a runnable policy set. The schemaMgr parameter is optional - pass nil to skip schema validation, or provide a SchemaManager instance to enable validation against schema files.
func MigrateCompiledPolicies ¶ added in v0.30.0
func MigrateCompiledPolicies(policies *runtimev1.RunnablePolicySet) error
MigrateCompiledPolicies modifies a RunnablePolicySet compiled by a previous version of Cerbos to migrate it to the latest format.
func ValidateIdentifier ¶ added in v0.50.0
Types ¶
type CELCompileError ¶ added in v0.9.0
type CELCompileError struct {
// contains filtered or unexported fields
}
CELCompileError holds CEL compilation errors.
func (*CELCompileError) Error ¶ added in v0.9.0
func (cce *CELCompileError) Error() string
func (*CELCompileError) Unwrap ¶ added in v0.9.0
func (cce *CELCompileError) Unwrap() error
type Conf ¶ added in v0.14.0
type Conf struct {
// [DEPRECATED] CacheSize is the number of compiled policies to cache in memory.
CacheSize uint `yaml:"cacheSize" conf:",ignore"`
// [DEPRECATED] CacheDuration is the duration to cache an entry.
CacheDuration time.Duration `yaml:"cacheDuration" conf:",ignore"`
}
Conf is optional configuration for caches.
func (*Conf) SetDefaults ¶ added in v0.14.0
func (c *Conf) SetDefaults()
type Error ¶
type Error struct {
*runtimev1.CompileErrors_Err
}
Error describes an error encountered during compilation.
func (*Error) MarshalJSON ¶
type ErrorSet ¶ added in v0.34.0
type ErrorSet struct {
CompileErrors map[uint64]*runtimev1.CompileErrors_Err
}
func (*ErrorSet) Errors ¶ added in v0.34.0
func (e *ErrorSet) Errors() *runtimev1.CompileErrors
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
func NewManager ¶
func (*Manager) GetAllMatching ¶ added in v0.41.0
func (*Manager) GetFirstMatch ¶ added in v0.29.0
func (*Manager) GetPolicySet ¶ added in v0.20.0
func (*Manager) Source ¶ added in v0.46.0
func (c *Manager) Source() *auditv1.PolicySource
type PolicyCompilationErr ¶ added in v0.9.0
type PolicyCompilationErr struct {
// contains filtered or unexported fields
}
func (PolicyCompilationErr) Error ¶ added in v0.9.0
func (pce PolicyCompilationErr) Error() string
func (PolicyCompilationErr) Is ¶ added in v0.27.0
func (pce PolicyCompilationErr) Is(target error) bool
func (PolicyCompilationErr) Unwrap ¶ added in v0.9.0
func (pce PolicyCompilationErr) Unwrap() error
Source Files
Click to show internal directories.
Click to hide internal directories.