3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-03 08:50:42 +02:00
Code Issues Projects Releases Packages Wiki Activity

assets: use embed instead of statik (#1960)

Browse source 
* assets: use embed instead of statik

* remove empty line

* maybe fix precommit
This commit is contained in:
Caleb Doxsey 2021-03-03 18:56:55 -07:00 committed by GitHub
parent 92c3a4a56c
commit b6ec01f377
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 78 additions and 125 deletions
Download patch file Download diff file Expand all files Collapse all files

2
authorize/evaluator/evaluator.go
View file

@ -38,7 +38,7 @@ func New(options *config.Options, store *Store) (*Evaluator, error) {
return nil, fmt.Errorf("authorize: couldn't create signer: %w", err)
}
authzPolicy, err := readPolicy("/authz.rego")
authzPolicy, err := readPolicy()
if err != nil {
return nil, fmt.Errorf("error loading rego policy: %w", err)
}

19
authorize/evaluator/functions.go
View file

@ -4,12 +4,10 @@ import (
"crypto/x509"
"encoding/pem"
"fmt"
"io/ioutil"
lru "github.com/hashicorp/golang-lru"
"github.com/rakyll/statik/fs"
_ "github.com/pomerium/pomerium/authorize/evaluator/opa/policy" // load static assets
"github.com/pomerium/pomerium/authorize/evaluator/opa"
"github.com/pomerium/pomerium/internal/log"
)
@ -67,17 +65,6 @@ func parseCertificate(pemStr string) (*x509.Certificate, error) {
return x509.ParseCertificate(block.Bytes)
}
const statikNamespace = "rego"
func readPolicy(fn string) ([]byte, error) {
statikFS, err := fs.NewWithNamespace(statikNamespace)
if err != nil {
return nil, err
}
r, err := statikFS.Open(fn)
if err != nil {
return nil, err
}
defer r.Close()
return ioutil.ReadAll(r)
func readPolicy() ([]byte, error) {
return opa.FS.ReadFile("policy/authz.rego")
}

7
authorize/evaluator/opa/opa.go
View file

@ -2,5 +2,8 @@
// decisions.
package opa
//go:generate go run github.com/rakyll/statik -m -src=./policy -include=*.rego -ns rego -p policy
//go:generate go fmt ./policy/statik.go
import "embed"
// FS is the filesystem for OPA files.
//go:embed policy
var FS embed.FS

14
authorize/evaluator/opa/policy/statik.go
View file

File diff suppressed because one or more lines are too long

2
authorize/evaluator/opa_test.go
View file

@ -35,7 +35,7 @@ func TestOPA(t *testing.T) {
require.NoError(t, err)
eval := func(policies []config.Policy, data []proto.Message, req *Request, isValidClientCertificate bool) rego.Result {
authzPolicy, err := readPolicy("/authz.rego")
authzPolicy, err := readPolicy()
require.NoError(t, err)
store := NewStoreFromProtos(data...)
store.UpdateIssuer("authenticate.example.com")