refactor local.driver (open-policy-agent#171)

export local.Driver set Externs for local.Driver within client.init move local.Driver PutModules and DeleteModules to private, deleted from drivers interface remove rego validation in client.CreateCRD Signed-off-by: Becky Huang <beckyhd@google.com>
becky-hd · Jan 10, 2022 · 9199320 · 9199320
1 parent 4a4a9a2
commit 9199320
Show file tree

Hide file tree

Showing 8 changed files with 87 additions and 158 deletions.
diff --git a/constraint/pkg/client/client.go b/constraint/pkg/client/client.go
@@ -251,9 +251,6 @@ func (c *Client) CreateCRD(templ *templates.ConstraintTemplate) (*apiextensions.
 	if err != nil {
 		return nil, err
 	}
-	if _, _, err = local.MapModules(templ, c.allowedDataFields); err != nil {
-		return nil, err
-	}
 	return artifacts.crd, nil
 }
 
@@ -277,9 +274,6 @@ func (c *Client) AddTemplate(templ *templates.ConstraintTemplate) (*types.Respon
 	c.mtx.Lock()
 	defer c.mtx.Unlock()
 
-	if d, ok := c.backend.driver.(interface{ AddExterns([]string) }); ok {
-		d.AddExterns(c.allowedDataFields)
-	}
 	if err = c.backend.driver.AddTemplate(templ); err != nil {
 		return resp, err
 	}
@@ -663,7 +657,15 @@ func (c *Client) init() error {
 				ErrCreatingClient, err, src)
 		}
 	}
-
+	if d, ok := c.backend.driver.(*local.Driver); ok {
+		var externs []string
+		for _, field := range c.allowedDataFields {
+			externs = append(externs, fmt.Sprintf("data.%s", field))
+		}
+		d.SetExterns(externs)
+	} else {
+		return fmt.Errorf("%w: driver %T is not supported", ErrCreatingClient, c.backend.driver)
+	}
 	return nil
 }
 

diff --git a/constraint/pkg/client/client_test.go b/constraint/pkg/client/client_test.go
@@ -1224,49 +1224,6 @@ violation[msg] {msg := "always"}`,
 			want:    nil,
 			wantErr: ErrInvalidConstraintTemplate,
 		},
-		{
-			name:    "no rego",
-			targets: []TargetHandler{&badHandler{Name: "handler", HasLib: true}},
-			template: &templates.ConstraintTemplate{
-				ObjectMeta: v1.ObjectMeta{Name: "foo"},
-				Spec: templates.ConstraintTemplateSpec{
-					CRD: templates.CRD{
-						Spec: templates.CRDSpec{
-							Names: templates.Names{
-								Kind: "Foo",
-							},
-						},
-					},
-					Targets: []templates.Target{{
-						Target: "handler",
-					}},
-				},
-			},
-			want:    nil,
-			wantErr: local.ErrInvalidConstraintTemplate,
-		},
-		{
-			name:    "empty rego package",
-			targets: []TargetHandler{&badHandler{Name: "handler", HasLib: true}},
-			template: &templates.ConstraintTemplate{
-				ObjectMeta: v1.ObjectMeta{Name: "foo"},
-				Spec: templates.ConstraintTemplateSpec{
-					CRD: templates.CRD{
-						Spec: templates.CRDSpec{
-							Names: templates.Names{
-								Kind: "Foo",
-							},
-						},
-					},
-					Targets: []templates.Target{{
-						Target: "handler",
-						Rego:   `package foo`,
-					}},
-				},
-			},
-			want:    nil,
-			wantErr: local.ErrInvalidConstraintTemplate,
-		},
 		{
 			name: "multiple targets",
 			targets: []TargetHandler{

diff --git a/constraint/pkg/client/drivers/interface.go b/constraint/pkg/client/drivers/interface.go
@@ -23,13 +23,7 @@ func Tracing(enabled bool) QueryOpt {
 type Driver interface {
 	Init() error
 	PutModule(name string, src string) error
-	// PutModules upserts a number of modules under a given prefix.
-	PutModules(namePrefix string, srcs []string) error
 
-	// DeleteModules deletes all modules under a given prefix and returns the
-	// count of modules deleted.  Deletion of non-existing prefix will
-	// result in 0, nil being returned.
-	DeleteModules(namePrefix string) (int, error)
 	// AddTemplate adds the template source code to OPA
 	AddTemplate(ct *templates.ConstraintTemplate) error
 	// RemoveTemplate removes the template source code from OPA

diff --git a/constraint/pkg/client/drivers/local/args.go b/constraint/pkg/client/drivers/local/args.go
@@ -8,10 +8,10 @@ import (
 	opatypes "github.com/open-policy-agent/opa/types"
 )
 
-type Arg func(*driver)
+type Arg func(*Driver)
 
 func Defaults() Arg {
-	return func(d *driver) {
+	return func(d *Driver) {
 		if d.compiler == nil {
 			d.compiler = ast.NewCompiler()
 		}
@@ -40,31 +40,31 @@ func Defaults() Arg {
 }
 
 func Tracing(enabled bool) Arg {
-	return func(d *driver) {
+	return func(d *Driver) {
 		d.traceEnabled = enabled
 	}
 }
 
 func Modules(modules map[string]*ast.Module) Arg {
-	return func(d *driver) {
+	return func(d *Driver) {
 		d.modules = modules
 	}
 }
 
 func Storage(s storage.Store) Arg {
-	return func(d *driver) {
+	return func(d *Driver) {
 		d.storage = s
 	}
 }
 
 func AddExternalDataProviderCache(providerCache *externaldata.ProviderCache) Arg {
-	return func(d *driver) {
+	return func(d *Driver) {
 		d.providerCache = providerCache
 	}
 }
 
 func DisableBuiltins(builtins ...string) Arg {
-	return func(d *driver) {
+	return func(d *Driver) {
 		if d.capabilities == nil {
 			d.capabilities = ast.CapabilitiesForThisVersion()
 		}