Refactor Policy Enforcer to Policy Checker

- Renamed the `PolicyEnforcer` interface and related implementations to `PolicyChecker` for clarity and consistency.
- Updated configuration keys in YAML files to reflect the new `checkPolicy` terminology.
- Adjusted related code, tests, and documentation to support the new naming convention and ensure compatibility.
- Enhanced comments and examples for the `checkPolicy` configuration to improve usability.
Ayush Rawat
2026-03-23 04:08:13 +05:30
parent ff4d909b7e
commit 80e7b299f1
29 changed files with 2239 additions and 1229 deletions


@@ -86,20 +86,17 @@ modules:
id: router
config:
routingConfig: ./config/local-beckn-one-routing-BAPReceiver.yaml
policyEnforcer:
id: policyenforcer
checkPolicy:
id: opapolicychecker
config:
# policyPaths: polymorphic, auto-detects each entry as URL, directory, or file
# Examples:
# policyPaths: "./policies" # local directory
# policyPaths: "https://example.com/compliance.rego" # remote URL
# policyPaths: "./policies/compliance.rego" # local file
# For multiple sources, use YAML folded scalar (>-):
# policyPaths: >-
# https://example.com/compliance.rego,
# https://example.com/safety.rego,
# ./policies
policyPaths: "./policies"
# Policy source configuration.
# type: url | file | dir | bundle
# location: path or URL to policy source
# query: OPA query path to evaluate (required)
type: file
location: ./pkg/plugin/implementation/opapolicychecker/testdata/example.rego
query: "data.policy.result"
refreshIntervalSeconds: "300"
middleware:
- id: reqpreprocessor
config:
@@ -107,7 +104,7 @@ modules:
role: bap
steps:
- validateSign
- policyEnforcer
- checkPolicy
- addRoute
- validateSchema
@@ -166,12 +163,15 @@ modules:
config:
contextKeys: transaction_id,message_id
role: bap
policyEnforcer:
id: policyenforcer
checkPolicy:
id: opapolicychecker
config:
policyPaths: "./policies"
type: file
location: ./pkg/plugin/implementation/opapolicychecker/testdata/example.rego
query: "data.policy.result"
refreshIntervalSeconds: "300"
steps:
- policyEnforcer
- checkPolicy
- addRoute
- sign
- validateSchema
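Review bot: The replacement comment block under `checkPolicy.config` documents `type`, `location` and `query` but not `refreshIntervalSeconds`, which is set directly below it, and it no longer shows an example for any non-file source type. Because `url` and `bundle` pull policy from outside the process (presumably re-fetched on that interval, to be confirmed against the plugin), the comment is the place to say so, for example `# refreshIntervalSeconds: how often the policy source is reloaded; for url/bundle use an HTTPS location you control`. The same block is repeated in the BPP config and in the first hunk of the `/mnt/gcs` config, and the caller hunk here (`@@ -166,12 +163,15 @@`) carries no comment at all.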


@@ -84,23 +84,20 @@ modules:
id: router
config:
routingConfig: ./config/local-beckn-one-routing-BPPReceiver.yaml
policyEnforcer:
id: policyenforcer
checkPolicy:
id: opapolicychecker
config:
# policyPaths: polymorphic, auto-detects each entry as URL, directory, or file
# Examples:
# policyPaths: "./policies" # local directory
# policyPaths: "https://example.com/compliance.rego" # remote URL
# policyPaths: "./policies/compliance.rego" # local file
# For multiple sources, use YAML folded scalar (>-):
# policyPaths: >-
# https://example.com/compliance.rego,
# https://example.com/safety.rego,
# ./policies
policyPaths: "./policies"
# Policy source configuration.
# type: url | file | dir | bundle
# location: path or URL to policy source
# query: OPA query path to evaluate (required)
type: file
location: ./pkg/plugin/implementation/opapolicychecker/testdata/example.rego
query: "data.policy.result"
refreshIntervalSeconds: "300"
steps:
- validateSign
- policyEnforcer
- checkPolicy
- addRoute
- validateSchema
@@ -159,12 +156,15 @@ modules:
config:
contextKeys: transaction_id,message_id
role: bpp
policyEnforcer:
id: policyenforcer
checkPolicy:
id: opapolicychecker
config:
policyPaths: "./policies"
type: file
location: ./pkg/plugin/implementation/opapolicychecker/testdata/example.rego
query: "data.policy.result"
refreshIntervalSeconds: "300"
steps:
- policyEnforcer
- checkPolicy
- addRoute
- sign
- validateSchema
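Review bot: In the caller module that ends this section, `steps` runs `checkPolicy` first and `validateSchema` last, and the receiver also runs `checkPolicy` before `validateSchema`, so the query `data.policy.result` is evaluated on a body that has not yet been schema-checked. That order predates this commit and is the same in the first config, but with a single `query` now acting as the gate it needs a comment stating what the checker does when the query is undefined for a malformed message; whether that rejects or passes is not visible here. The caller modules in the `/mnt/gcs` config list `validateSchema` before `checkPolicy`, so either align the order or add `# checkPolicy runs before validateSchema: the policy must tolerate missing fields` above the step.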


@@ -66,10 +66,13 @@ modules:
id: router
config:
routingConfig: ./config/local-simple-routing.yaml
policyEnforcer:
id: policyenforcer
checkPolicy:
id: opapolicychecker
config:
policyPaths: "./policies"
type: file
location: ./pkg/plugin/implementation/opapolicychecker/testdata/example.rego
query: "data.policy.result"
refreshIntervalSeconds: "300"
middleware:
- id: reqpreprocessor
config:
@@ -77,7 +80,7 @@ modules:
role: bap
steps:
- validateSign
- policyEnforcer
- checkPolicy
- addRoute
- name: bapTxnCaller
@@ -167,13 +170,16 @@ modules:
id: router
config:
routingConfig: ./config/local-simple-routing-BPPReceiver.yaml
policyEnforcer:
id: policyenforcer
checkPolicy:
id: opapolicychecker
config:
policyPaths: "./policies"
type: file
location: ./pkg/plugin/implementation/opapolicychecker/testdata/example.rego
query: "data.policy.result"
refreshIntervalSeconds: "300"
steps:
- validateSign
- policyEnforcer
- checkPolicy
- addRoute
- name: bppTxnCaller
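Review bot: Both the plugin key (`policyEnforcer:` to `checkPolicy:`) and the entry in `steps` are renamed with no alias left in the config, so a deployment file that still says `policyEnforcer` depends on how the loader treats unknown names, which this page does not show. If an unrecognised step or plugin key is skipped rather than rejected at startup, the policy gate would drop out silently after an upgrade. It is worth confirming that the handler fails on an unknown step name, and adding a comment above `checkPolicy:` that states whether the old `policyEnforcer` key is still accepted. The same rename applies to every hunk in the other three configs.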


@@ -48,20 +48,17 @@ modules:
id: schemavalidator
config:
schemaDir: /mnt/gcs/configs/schemas
policyEnforcer:
id: policyenforcer
checkPolicy:
id: opapolicychecker
config:
# policyPaths: polymorphic, auto-detects each entry as URL, directory, or file
# Examples:
# policyPaths: "./policies" # local directory
# policyPaths: "https://example.com/compliance.rego" # remote URL
# policyPaths: "./policies/compliance.rego" # local file
# For multiple sources, use YAML folded scalar (>-):
# policyPaths: >-
# https://example.com/compliance.rego,
# https://example.com/safety.rego,
# ./policies
policyPaths: "./policies"
# Policy source configuration.
# type: url | file | dir | bundle
# location: path or URL to policy source
# query: OPA query path to evaluate (required)
type: file
location: ./pkg/plugin/implementation/opapolicychecker/testdata/example.rego
query: "data.policy.result"
refreshIntervalSeconds: "300"
signValidator:
id: signvalidator
publisher:
@@ -80,7 +77,7 @@ modules:
role: bap
steps:
- validateSign
- policyEnforcer
- checkPolicy
- addRoute
- validateSchema
- name: bapTxnCaller
@@ -113,10 +110,13 @@ modules:
id: schemavalidator
config:
schemaDir: /mnt/gcs/configs/schemas
policyEnforcer:
id: policyenforcer
checkPolicy:
id: opapolicychecker
config:
policyPaths: "./policies"
type: file
location: ./pkg/plugin/implementation/opapolicychecker/testdata/example.rego
query: "data.policy.result"
refreshIntervalSeconds: "300"
signer:
id: signer
publisher:
@@ -135,7 +135,7 @@ modules:
role: bap
steps:
- validateSchema
- policyEnforcer
- checkPolicy
- addRoute
- sign
- name: bppTxnReciever
@@ -169,10 +169,13 @@ modules:
id: schemavalidator
config:
schemaDir: /mnt/gcs/configs/schemas
policyEnforcer:
id: policyenforcer
checkPolicy:
id: opapolicychecker
config:
policyPaths: "./policies"
type: file
location: ./pkg/plugin/implementation/opapolicychecker/testdata/example.rego
query: "data.policy.result"
refreshIntervalSeconds: "300"
signValidator:
id: signvalidator
publisher:
@@ -191,7 +194,7 @@ modules:
role: bpp
steps:
- validateSign
- policyEnforcer
- checkPolicy
- addRoute
- validateSchema
- name: bppTxnCaller
@@ -224,10 +227,13 @@ modules:
id: schemavalidator
config:
schemaDir: /mnt/gcs/configs/schemas
policyEnforcer:
id: policyenforcer
checkPolicy:
id: opapolicychecker
config:
policyPaths: "./policies"
type: file
location: ./pkg/plugin/implementation/opapolicychecker/testdata/example.rego
query: "data.policy.result"
refreshIntervalSeconds: "300"
signer:
id: signer
publisher:
@@ -246,6 +252,6 @@ modules:
role: bpp
steps:
- validateSchema
- policyEnforcer
- checkPolicy
- addRoute
- sign
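Review bot: Every `checkPolicy` block in this file sets `location: ./pkg/plugin/implementation/opapolicychecker/testdata/example.rego`, a repo-relative test fixture, while the neighbouring `schemaDir` is an absolute path under `/mnt/gcs`, which suggests this config runs outside the source tree. The old `policyPaths: "./policies"` loaded a directory; the new value narrows to one example file that may not exist at runtime. Whether a missing or example-only policy makes the checker refuse to start or allow every message is not visible here. Consider pointing it at the mounted configuration instead, e.g. `type: dir` with `location: <POLICY_DIR_ON_MOUNT>` (placeholder), and keeping testdata paths out of deployable configs. The three local configs above use the same fixture path, where it matters less.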