func setup(t *testing.T, filename string) *topdown.QueryParams { // policy compilation c := ast.NewCompiler() modules := map[string]*ast.Module{ "test": ast.MustParseModule(policy), } if c.Compile(modules); c.Failed() { t.Fatal("unexpected error:", c.Errors) } // storage setup store := storage.New(storage.Config{ Builtin: loadDataStore(filename), }) // parameter setup ctx := context.Background() request := ast.ObjectTerm(ast.Item(ast.StringTerm("pod"), ast.MustParseTerm(requestedPod))) path := ast.MustParseRef("data.opa.test.scheduler.fit") txn := storage.NewTransactionOrDie(ctx, store) params := topdown.NewQueryParams(ctx, c, store, txn, request.Value, path) return params }
func setupBenchmark(nodes int, pods int) *topdown.QueryParams { // policy compilation c := ast.NewCompiler() modules := map[string]*ast.Module{ "test": ast.MustParseModule(policy), } if c.Compile(modules); c.Failed() { panic(c.Errors) } // storage setup store := storage.New(storage.InMemoryConfig()) // parameter setup ctx := context.Background() request := ast.ObjectTerm(ast.Item(ast.StringTerm("pod"), ast.MustParseTerm(requestedPod))) path := ast.MustParseRef("data.opa.test.scheduler.fit") txn := storage.NewTransactionOrDie(ctx, store) params := topdown.NewQueryParams(ctx, c, store, txn, request.Value, path) // data setup setupNodes(ctx, store, txn, nodes) setupRCs(ctx, store, txn, 1) setupPods(ctx, store, txn, pods, nodes) return params }
func TestLoadDirRecursive(t *testing.T) { files := map[string]string{ "/a/data1.json": `[1,2,3]`, "/a/e.rego": `package q`, "/b/data2.yaml": `{"aaa": {"bbb": 1}}`, "/b/data3.yaml": `{"aaa": {"ccc": 2}}`, "/b/d/x.json": "null", "/b/d/e.rego": `package p`, "/b/d/ignore": `deadbeef`, "/foo": `{"zzz": "b"}`, } withTempFS(files, func(rootDir string) { loaded, err := loadAllPaths(mustListPaths(rootDir, false)[1:]) if err != nil { t.Fatalf("Unexpected error: %v", err) } expectedDocuments := parseJSON(` { "zzz": "b", "a": [1,2,3], "b": { "aaa": { "bbb": 1, "ccc": 2 }, "d": null } } `) if !reflect.DeepEqual(loaded.Documents, expectedDocuments) { t.Fatalf("Expected:\n%v\n\nGot:\n%v", expectedDocuments, loaded.Documents) } mod1 := ast.MustParseModule(files["/a/e.rego"]) mod2 := ast.MustParseModule(files["/b/d/e.rego"]) expectedMod1 := loaded.Modules[filepath.Join(rootDir, "/a/e.rego")].Parsed expectedMod2 := loaded.Modules[filepath.Join(rootDir, "/b/d/e.rego")].Parsed if !mod1.Equal(expectedMod1) { t.Fatalf("Expected:\n%v\n\nGot:\n%v", expectedMod1, mod1) } if !mod2.Equal(expectedMod2) { t.Fatalf("Expected:\n%v\n\nGot:\n%v", expectedMod2, mod2) } }) }
func newPolicy(id, s string) *policyV1 { compiler := ast.NewCompiler() parsed := ast.MustParseModule(s) if compiler.Compile(map[string]*ast.Module{"": parsed}); compiler.Failed() { panic(compiler.Errors) } mod := compiler.Modules[""] return &policyV1{ID: id, Module: mod} }
func (f *fixture) compile1(m string) *ast.Module { mods := f.policyStore.List() mod := ast.MustParseModule(m) mods[""] = mod c := ast.NewCompiler() if c.Compile(mods); c.Failed() { panic(c.Errors) } return c.Modules[""] }
func TestEvalData(t *testing.T) { ctx := context.Background() store := newTestStore() var buffer bytes.Buffer repl := newRepl(store, &buffer) testmod := ast.MustParseModule(`package ex p = [1,2,3]`) if err := storage.InsertPolicy(ctx, store, "test", testmod, nil, false); err != nil { panic(err) } repl.OneShot(ctx, "data") expected := parseJSON(` { "a": [ { "b": { "c": [ true, 2, false ] } }, { "b": { "c": [ false, true, 1 ] } } ], "ex": { "p": [ 1, 2, 3 ] } }`) result := parseJSON(buffer.String()) // Strip REPL documents out as these change depending on build settings. data := result.(map[string]interface{}) delete(data, "repl") if !reflect.DeepEqual(result, expected) { t.Fatalf("Expected:\n%v\n\nGot:\n%v", expected, result) } }
func explainQuery(data string, module string) ([]*topdown.Event, []*topdown.Event, error) { compiler := ast.NewCompiler() mods := map[string]*ast.Module{"": ast.MustParseModule(module)} if compiler.Compile(mods); compiler.Failed() { panic(compiler.Errors) } buf := topdown.NewBufferTracer() executeQuery(data, compiler, buf) answer, err := Truth(compiler, *buf) return answer, *buf, err }
func TestLoadRego(t *testing.T) { files := map[string]string{ "/foo.rego": `package ex p :- true`, } withTempFS(files, func(rootDir string) { moduleFile := filepath.Join(rootDir, "foo.rego") loaded, err := loadAllPaths([]string{moduleFile}) if err != nil { t.Fatalf("Unexpected error: %v", err) } expected := ast.MustParseModule(files["/foo.rego"]) if !expected.Equal(loaded.Modules[moduleFile].Parsed) { t.Fatalf("Expected:\n%v\n\nGot:\n%v", expected, loaded.Modules[moduleFile]) } }) }
func TestPolicyStoreDefaultOpen(t *testing.T) { dir, err := ioutil.TempDir("", "policyDir") if err != nil { panic(err) } defer os.RemoveAll(dir) filename := filepath.Join(dir, "testMod1") err = ioutil.WriteFile(filename, []byte(testMod1), 0644) if err != nil { panic(err) } policyStore := newPolicyStore(dir) err = policyStore.Open(invalidTXN, loadPolicies) if err != nil { t.Errorf("Unexpected error on Open(): %v", err) return } c := ast.NewCompiler() mod := ast.MustParseModule(testMod1) if c.Compile(map[string]*ast.Module{"testMod1": mod}); c.Failed() { panic(c.Errors) } stored, err := policyStore.Get("testMod1") if err != nil { t.Errorf("Unexpected error on Get(): %v", err) return } if !mod.Equal(stored) { t.Fatalf("Expected %v from policy store but got: %v", mod, stored) } }
func defaultModule() *ast.Module { module := ` package {{.ModuleID}} version = { "Version": "{{.Version}}", "BuildCommit": "{{.BuildCommit}}", "BuildTimestamp": "{{.BuildTimestamp}}", "BuildHostname": "{{.BuildHostname}}" } ` tmpl, err := template.New("").Parse(module) if err != nil { panic(err) } var buf bytes.Buffer err = tmpl.Execute(&buf, struct { ModuleID string Version string BuildCommit string BuildTimestamp string BuildHostname string }{ ModuleID: defaultREPLModuleID, Version: version.Version, BuildCommit: version.Vcs, BuildTimestamp: version.Timestamp, BuildHostname: version.Hostname, }) if err != nil { panic(err) } return ast.MustParseModule(buf.String()) }
func TestInit(t *testing.T) { ctx := context.Background() tmp1, err := ioutil.TempFile("", "docFile") if err != nil { panic(err) } defer os.Remove(tmp1.Name()) doc1 := `{"foo": "bar", "x": {"y": {"z": [1]}}}` if _, err := tmp1.Write([]byte(doc1)); err != nil { panic(err) } if err := tmp1.Close(); err != nil { panic(err) } tmp2, err := ioutil.TempFile("", "policyFile") if err != nil { panic(err) } defer os.Remove(tmp2.Name()) mod1 := ` package a.b.c import data.foo p = true :- foo = "bar" p = true :- 1 = 2 ` if _, err := tmp2.Write([]byte(mod1)); err != nil { panic(err) } if err := tmp2.Close(); err != nil { panic(err) } tmp3, err := ioutil.TempDir("", "policyDir") if err != nil { panic(err) } defer os.RemoveAll(tmp3) tmp4 := filepath.Join(tmp3, "existingPolicy") err = ioutil.WriteFile(tmp4, []byte(` package a.b.c q = true :- false `), 0644) if err != nil { panic(err) } rt := Runtime{} err = rt.init(ctx, &Params{ Paths: []string{tmp1.Name(), tmp2.Name()}, PolicyDir: tmp3, }) if err != nil { t.Errorf("Unexpected error: %v", err) return } txn := storage.NewTransactionOrDie(ctx, rt.Store) node, err := rt.Store.Read(ctx, txn, storage.MustParsePath("/foo")) if util.Compare(node, "bar") != 0 || err != nil { t.Errorf("Expected %v but got %v (err: %v)", "bar", node, err) return } modules := rt.Store.ListPolicies(txn) expected := ast.MustParseModule(mod1) if !expected.Equal(modules[tmp2.Name()]) { t.Fatalf("Expected %v but got: %v", expected, modules[tmp2.Name()]) } }
func TestComplete(t *testing.T) { store := newTestStore() ctx := context.Background() mod1 := ast.MustParseModule(`package a.b.c p = 1 q = 2`) mod2 := ast.MustParseModule(`package a.b.d r = 3`) if err := storage.InsertPolicy(ctx, store, "mod1", mod1, nil, false); err != nil { panic(err) } if err := storage.InsertPolicy(ctx, store, "mod2", mod2, nil, false); err != nil { panic(err) } var buf bytes.Buffer repl := newRepl(store, &buf) repl.OneShot(ctx, "s = 4") buf.Reset() result := repl.complete("") expected := []string{ "data.a.b.c.p", "data.a.b.c.q", "data.a.b.d.r", "data.repl.s", "data.repl.version", } sort.Strings(result) sort.Strings(expected) if !reflect.DeepEqual(result, expected) { t.Fatalf("Expected %v but got: %v", expected, result) } result = repl.complete("data.a.b") expected = []string{ "data.a.b.c.p", "data.a.b.c.q", "data.a.b.d.r", } sort.Strings(result) sort.Strings(expected) if !reflect.DeepEqual(result, expected) { t.Fatalf("Expected %v but got: %v", expected, result) } result = repl.complete("data.a.b.c.p[x]") expected = nil if !reflect.DeepEqual(result, expected) { t.Fatalf("Expected %v but got: %v", expected, result) } repl.OneShot(ctx, "import data.a.b.c.p as xyz") repl.OneShot(ctx, "import data.a.b.d") result = repl.complete("x") expected = []string{ "xyz", } if !reflect.DeepEqual(result, expected) { t.Fatalf("Expected %v but got: %v", expected, result) } }