eric/onix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implement Policy Enforcer Plugin

Browse Source 
- Added a new Policy Enforcer plugin to evaluate incoming messages against OPA policies.
- Configurable via YAML with options for policy sources, actions, and query.
- Integrated into existing configuration files for BAP and BPP.
- Updated related tests and documentation for the new functionality.
- Enhanced plugin manager to support Policy Enforcer instantiation.
This commit is contained in:
Ayush Rawat
2026-02-26 17:46:52 +05:30
parent fe541227b9
commit 3617c9b4a6
22 changed files with 1341 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
pkg/plugin/manager.go
View File

@@ -257,6 +257,23 @@ func (m *Manager) Step(ctx context.Context, cfg *Config) (definition.Step, error
return step, error
}
// PolicyEnforcer returns a PolicyEnforcer instance based on the provided configuration.
// It registers a cleanup function for resource management.
func (m *Manager) PolicyEnforcer(ctx context.Context, cfg *Config) (definition.PolicyEnforcer, error) {
pp, err := provider[definition.PolicyEnforcerProvider](m.plugins, cfg.ID)
if err != nil {
return nil, fmt.Errorf("failed to load provider for %s: %w", cfg.ID, err)
}
enforcer, closer, err := pp.New(ctx, cfg.Config)
if err != nil {
return nil, err
}
if closer != nil {
m.closers = append(m.closers, closer)
}
return enforcer, nil
}
// Cache returns a Cache instance based on the provided configuration.
// It registers a cleanup function for resource management.
func (m *Manager) Cache(ctx context.Context, cfg *Config) (definition.Cache, error) {