New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Challenges in trying to use the NPM OPA module with Typescript #36
Comments
In the same context, I have wrapped all these operations and am using it like this: import opa from "@open-policy-agent/opa-wasm";
import { readFileSync } from 'fs';
const { loadPolicy } = opa;
let policy;
export const initPolicy = async function(filePath:string) {
const policyWasm = readFileSync(filePath);
policy = await loadPolicy(policyWasm);
return policy;
};
export const loadData = function(data:any) {
try {
policy.setData(data);
} catch (err) {
console.error("Failed to load policy: " + err);
}
};
export const evaluatePolicyJSON = function(input) {
try {
const inputRules = JSON.stringify(input);
console.log('Evaluating policy::', inputRules);
const result = policy.evaluate(inputRules);
console.log('Result::', result);
return result;
} catch (err) {
console.error('Error in evaluating policy::', err);
}
};
export const evaluatePolicy = function(context, operation, resourcePath, resourceID) {
const decision = evaluatePolicyJSON({
context: context,
operation: operation,
resourcePath: resourcePath,
resourceID: resourceID
});
return decision;
}; |
Thanks again for opening this detailed issue. It's much appreciated, I'd love to know more about everyone's stumbling blocks when adopting OPA's WASM. On your notes, yes, we need an npm release, and I suppose we'd better automate that process, as laid out in #31. Data introspectionYeah there's currently no way to use given primitives to look at the data. However, what you can do is define another entrypoint:
you would then be able to select an entrypoint for evaluate. The "empty" entrypoint corresponds to a query for all of
However, it doesn't look like multiple entrypoints were currently supported. I'll get another issue ready for that. Non-boolean resultsAs shown in the example above, too, this is supported. How did you build the WASM module? |
@srenatus Thanks for the elaborate answer. This is how I built the WASM module taking inspiration from the repo.
I have a monorepo and I am using multiple NOTE: The Did not know that multiple entrypoints like that would give me data, but I did try defining something like But the interesting thing is that, even when I did assign a normal string like Thanks. |
That's the thing, you can query for anything; and in WASM, entrypoints are how you define queries. But you cannot have a rule that does that, since that's recursion. Given that you've declared the entrypoint Could you provide an example of a complete policy document where the playground answer differs form the WASM answer? It might help understanding the issue. |
@srenatus Ahh. Now I understand what you are saying. I feel stupid 😂 Let me try it out changing the entrypoint. Sorry, just starting off with OPA and I am pretty much a noob to this.
I guess the entypoint problem you pointed out might be the cause for this. Will debug this and get back. |
Oh no need to feel stupid. It's a lot to take in, OPA, and its (experimental) WASM stuff. 😃 |
UPDATE: @srenatus As you rightly said, changing the entrypoint did work. Able to evaluate and get the results properly which means that point 4 is invalid. And since I am able to evaluate now, I have verified that the data is successfully loaded by trying out different test cases. The output is consistent as per VSCode and playground. Thanks. |
With the release done and the issues spun off of this one, I think this can be closed. Please re-open if you think otherwise 😃 |
Hi. I have been trying to use this module with Node and Typescript with WASM but have been facing quite a few challenges. Thought of adding all of it in this issue.
I initially tried installing the package from NPM and the examples did not work since the package was last published 1 year ago and there has been some breaking changes since then. For instance,
load_policy
has becomeloadPolicy
and so on. Currently, downloaded this repo and working with it. I guess it is tracked by #31This module is based on
commonjs
and considering ES Modules is the standard, providing support for that would be great. Currently, working withesModuleInterop
and importing like this:While using this, I wanted to check whether the data has actually been loaded when I do
setData
but this module currently does not expose any API for getting the data which is loaded. I wanted to know the structure of the data loaded and also confirm that the data is available but all I am able to get back now if I doconsole.log(policy)
is this from which I am not sure how to infer:I am not sure if I am doing something wrong here, but when I do
evaluate
the response I get is just one of these:[ { result: true } ]
or
[ { result: false } ]
which is inconsistent with the results I am getting in the Playground or VSCode extension for the same rego files, data and input.
For instance, my output in playground looked something like this:
Also, while OPA WASM supports non-boolean results now as per this: open-policy-agent/opa#1118 I am not sure if this module does support it.
Thanks.
CC: @tsandall @patrick-east
The text was updated successfully, but these errors were encountered: