Example 1 with PolicyEngineRules
use of com.walmartlabs.concord.policyengine.PolicyEngineRules in project concord by walmartlabs.
the class RunnerJob method from.
@SuppressWarnings("unchecked")
public static RunnerJob from(RunnerJobExecutorConfiguration runnerExecutorCfg, JobRequest jobRequest, ProcessLogFactory processLogFactory) throws ExecutionException, IOException {
Map<String, Object> cfg = Collections.emptyMap();
Path payloadDir = jobRequest.getPayloadDir();
Path p = payloadDir.resolve(Constants.Files.CONFIGURATION_FILE_NAME);
if (Files.exists(p)) {
try (InputStream in = Files.newInputStream(p)) {
cfg = new ObjectMapper().readValue(in, Map.class);
} catch (IOException e) {
throw new ExecutionException("Error while reading process configuration", e);
}
}
RunnerConfiguration runnerCfg = createRunnerConfiguration(runnerExecutorCfg, cfg);
RunnerLog log;
try {
log = new RunnerLog(processLogFactory.createRedirectedLog(jobRequest.getInstanceId(), runnerExecutorCfg.segmentedLogs()), processLogFactory.createRemoteLog(jobRequest.getInstanceId()));
} catch (IOException e) {
throw new ExecutionException("Error while creating the runner's log: " + e.getMessage(), e);
}
Path policyFile = payloadDir.resolve(Constants.Files.CONCORD_SYSTEM_DIR_NAME).resolve(Constants.Files.POLICY_FILE_NAME);
PolicyEngine policyEngine = null;
if (Files.exists(policyFile)) {
PolicyEngineRules rules = createObjectMapper().readValue(policyFile.toFile(), PolicyEngineRules.class);
if (rules != null) {
policyEngine = new PolicyEngine(rules);
}
}
return new RunnerJob(jobRequest.getInstanceId(), payloadDir, cfg, runnerCfg, log, policyEngine);
}
Also used :
Path(java.nio.file.Path)
InputStream(java.io.InputStream)
PolicyEngine(com.walmartlabs.concord.policyengine.PolicyEngine)
IOException(java.io.IOException)
PolicyEngineRules(com.walmartlabs.concord.policyengine.PolicyEngineRules)
ExecutionException(com.walmartlabs.concord.agent.ExecutionException)
Map(java.util.Map)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
Example 2 with PolicyEngineRules
use of com.walmartlabs.concord.policyengine.PolicyEngineRules in project concord by walmartlabs.
the class PolicyCacheTest method allowNullValues.
@Test
public void allowNullValues() {
PolicyCache.Dao dao = mock(PolicyCache.Dao.class);
PolicyCache pc = new PolicyCache(TestObjectMapper.INSTANCE, new PolicyCacheConfiguration(), dao);
// ---
Map<String, Object> ruleParams = new HashMap<>();
ruleParams.put("nullValue", null);
ruleParams.put("nullValue2", null);
Map<String, Object> conditions = Collections.singletonMap("entity", ImmutableMap.of("params", ruleParams));
Map<String, Object> denyEntityRule = new HashMap<>();
denyEntityRule.put("msg", "test message");
denyEntityRule.put("action", "create");
denyEntityRule.put("entity", "trigger");
denyEntityRule.put("conditions", conditions);
Map<String, Object> rules = new HashMap<>();
rules.put("entity", Collections.singletonMap("deny", Collections.singletonList(denyEntityRule)));
List<PolicyCache.PolicyRules> policies = Collections.singletonList(PolicyCache.PolicyRules.builder().id(UUID.randomUUID()).name("test").rules(rules).build());
// ---
Map<UUID, PolicyCache.Policy> merged = pc.mergePolicies(policies);
assertEquals(1, merged.size());
PolicyEngineRules actualRules = merged.values().iterator().next().rules();
assertEquals(1, actualRules.getEntityRules().getDeny().size());
EntityRule actualRule = actualRules.getEntityRules().getDeny().get(0);
assertEquals(conditions, actualRule.getConditions());
}
Also used :
PolicyCacheConfiguration(com.walmartlabs.concord.server.cfg.PolicyCacheConfiguration)
EntityRule(com.walmartlabs.concord.policyengine.EntityRule)
PolicyEngineRules(com.walmartlabs.concord.policyengine.PolicyEngineRules)
Test(org.junit.jupiter.api.Test)
Example 3 with PolicyEngineRules
use of com.walmartlabs.concord.policyengine.PolicyEngineRules in project concord by walmartlabs.
the class ConfigurationProcessorTest method testAllCfg.
@Test
public void testAllCfg() throws Exception {
Path workDir = Files.createTempDirectory("testAllCfg_workDir");
UUID instanceId = UUID.randomUUID();
UUID orgId = UUID.randomUUID();
UUID prjId = UUID.randomUUID();
Map<String, Object> req = new HashMap<>();
req.put("a", "a-req");
req.put("req", "req-value");
Map<String, Object> orgCfg = new HashMap<>();
orgCfg.put("a", "a-org");
orgCfg.put("org", "org-value");
Map<String, Object> prjCfg = new HashMap<>();
prjCfg.put("a", "a-prj");
prjCfg.put("project", "prj-value");
ProjectEntry projectEntry = new ProjectEntry(prjId, null, null, null, null, null, prjCfg, null, null, null, null, null, null);
Map<String, Object> processCfgPolicy = new HashMap<>();
processCfgPolicy.put("a", "a-process-cfg-policy");
processCfgPolicy.put("process-cfg-policy", "process-cfg-policy-value");
Map<String, Object> defaultProcessCfgPolicy = new HashMap<>();
defaultProcessCfgPolicy.put("a", "default");
defaultProcessCfgPolicy.put("process-cfg-policy", "default-2");
PolicyEngineRules policy = new PolicyEngineRules(null, null, null, null, null, null, null, null, processCfgPolicy, null, defaultProcessCfgPolicy, null, null, null, null);
// ---
when(orgDao.getConfiguration(eq(orgId))).thenReturn(orgCfg);
when(projectDao.get(eq(prjId))).thenReturn(projectEntry);
Payload payload = new Payload(new ProcessKey(instanceId, OffsetDateTime.now()));
payload = payload.putHeader(Payload.CONFIGURATION, req).putHeader(Payload.ORGANIZATION_ID, orgId).putHeader(Payload.PROJECT_ID, prjId).putHeader(Payload.WORKSPACE_DIR, workDir).putHeader(Payload.POLICY, new PolicyEngine("test", policy));
// ---
Map<String, Object> expected = new HashMap<>();
expected.put("activeProfiles", Collections.singletonList("default"));
// orgCfg < prjCfg < req < org-policy < prj-policy
expected.put("a", "a-process-cfg-policy");
expected.put("org", "org-value");
expected.put("project", "prj-value");
expected.put("req", "req-value");
expected.put("process-cfg-policy", "process-cfg-policy-value");
Map<String, Object> result = process(payload);
// don't care about arguments and other stuff here
result.remove(Constants.Request.ARGUMENTS_KEY);
result.remove(Constants.Request.PROCESS_INFO_KEY);
result.remove(Constants.Request.PROJECT_INFO_KEY);
assertEquals(expected, result);
}
Also used :
Path(java.nio.file.Path)
ProjectEntry(com.walmartlabs.concord.server.org.project.ProjectEntry)
PolicyEngineRules(com.walmartlabs.concord.policyengine.PolicyEngineRules)
HashMap(java.util.HashMap)
PolicyEngine(com.walmartlabs.concord.policyengine.PolicyEngine)
Payload(com.walmartlabs.concord.server.process.Payload)
ProcessKey(com.walmartlabs.concord.server.sdk.ProcessKey)
UUID(java.util.UUID)
Test(org.junit.jupiter.api.Test)
Aggregations
PolicyEngineRules (com.walmartlabs.concord.policyengine.PolicyEngineRules)3
PolicyEngine (com.walmartlabs.concord.policyengine.PolicyEngine)2
Path (java.nio.file.Path)2
Test (org.junit.jupiter.api.Test)2
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1
ExecutionException (com.walmartlabs.concord.agent.ExecutionException)1
EntityRule (com.walmartlabs.concord.policyengine.EntityRule)1
PolicyCacheConfiguration (com.walmartlabs.concord.server.cfg.PolicyCacheConfiguration)1
ProjectEntry (com.walmartlabs.concord.server.org.project.ProjectEntry)1
Payload (com.walmartlabs.concord.server.process.Payload)1
ProcessKey (com.walmartlabs.concord.server.sdk.ProcessKey)1
IOException (java.io.IOException)1
InputStream (java.io.InputStream)1
HashMap (java.util.HashMap)1
Map (java.util.Map)1
UUID (java.util.UUID)1
