Merge remote-tracking branch 'origin/master' into feature/cedar

permitio · May 10, 2023 · 292f213 · 292f213
2 parents 36fa8d5 + c3daf00
commit 292f213
Show file tree

Hide file tree

Showing 27 changed files with 155 additions and 198 deletions.
diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml
@@ -61,6 +61,7 @@ jobs:
         uses: docker/build-push-action@v2
         with:
           file: docker/Dockerfile
+          platforms: linux/amd64,linux/arm64
           push: false
           target: client
           cache-from: type=registry,ref=permitio/opal-client:latest
@@ -76,6 +77,7 @@ jobs:
         uses: docker/build-push-action@v2
         with:
           file: docker/Dockerfile
+          platforms: linux/amd64,linux/arm64
           push: false
           target: client-standalone
           cache-from: type=registry,ref=permitio/opal-client-standalone:latest
@@ -91,6 +93,7 @@ jobs:
         uses: docker/build-push-action@v2
         with:
           file: docker/Dockerfile
+          platforms: linux/amd64,linux/arm64
           push: false
           target: server
           cache-from: type=registry,ref=permitio/opal-server:latest

diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
@@ -10,5 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - uses: actions/setup-python@v3
+    - uses: actions/setup-python@v4
+      with:
+        python-version: 3.x
     - uses: pre-commit/action@v3.0.0
diff --git a/Makefile b/Makefile
@@ -48,13 +48,13 @@ docker-build-client-standalone:
 	@docker build -t permitio/opal-client-standalone --target client-standalone -f docker/Dockerfile .
 
 docker-run-client:
-	@docker run -it -e "OPAL_SERVER_URL=$(OPAL_SERVER_URL)" -p 7000:7000 -p 8181:8181 permitio/opal-client
+	@docker run -it -e "OPAL_SERVER_URL=$(OPAL_SERVER_URL)" -p 7766:7000 -p 8181:8181 permitio/opal-client
 
 docker-run-client-standalone:
 	@docker run -it \
 		-e "OPAL_SERVER_URL=$(OPAL_SERVER_URL)" \
 		-e "OPAL_POLICY_STORE_URL=$(OPAL_POLICY_STORE_URL)" \
-		-p 7000:7000 \
+		-p 7766:7000 \
 		permitio/opal-client-standalone
 
 docker-build-server:

diff --git a/docker/docker-compose-api-policy-source-example.yml b/docker/docker-compose-api-policy-source-example.yml
@@ -37,7 +37,7 @@ services:
       # configures from where the opal client should initially fetch data (when it first goes up, after disconnection, etc).
       # the data sources represents from where the opal clients should get a "complete picture" of the data they need.
       # after the initial sources are fetched, the client will subscribe only to update notifications sent by the server.
-      - OPAL_DATA_CONFIG_SOURCES={"config":{"entries":[{"url":"http://host.docker.internal:7002/policy-data","topics":["policy_data"]}]}}
+      - OPAL_DATA_CONFIG_SOURCES={"config":{"entries":[{"url":"http://host.docker.internal:7002/policy-data","topics":["policy_data"],"dst_path":"/static"}]}}
       - OPAL_LOG_FORMAT_INCLUDE_PID=true
     ports:
       # exposes opal server on the host machine, you can access the server at: http://localhost:7002
@@ -53,8 +53,8 @@ services:
       - OPAL_LOG_FORMAT_INCLUDE_PID=true
       - OPAL_INLINE_OPA_LOG_FORMAT=http
     ports:
-      # exposes opal client on the host machine, you can access the client at: http://localhost:7000
-      - "7000:7000"
+      # exposes opal client on the host machine, you can access the client at: http://localhost:7766
+      - "7766:7000"
       # exposes the OPA agent (being run by OPAL) on the host machine
       # you can access the OPA api that you know and love at: http://localhost:8181
       # OPA api docs are at: https://www.openpolicyagent.org/docs/latest/rest-api/

diff --git a/docker/docker-compose-example.yml b/docker/docker-compose-example.yml
@@ -53,7 +53,7 @@ services:
     #  - opa_backup:/opal/backup:rw
 
     ports:
-      # exposes opal client on the host machine, you can access the client at: http://localhost:7000
+      # exposes opal client on the host machine, you can access the client at: http://localhost:7766
       - "7766:7000"
       # exposes the OPA agent (being run by OPAL) on the host machine
       # you can access the OPA api that you know and love at: http://localhost:8181

diff --git a/docker/docker-compose-git-webhook.yml b/docker/docker-compose-git-webhook.yml
@@ -49,7 +49,7 @@ services:
       - OPAL_LOG_FORMAT_INCLUDE_PID=true
       - OPAL_INLINE_OPA_LOG_FORMAT=http
     ports:
-      # exposes opal client on the host machine, you can access the client at: http://localhost:7000
+      # exposes opal client on the host machine, you can access the client at: http://localhost:7766
       - "7766:7000"
       # exposes the OPA agent (being run by OPAL) on the host machine
       # you can access the OPA api that you know and love at: http://localhost:8181

diff --git a/docker/docker-compose-scopes-example.yml b/docker/docker-compose-scopes-example.yml
@@ -34,7 +34,7 @@ services:
       - OPAL_INLINE_OPA_LOG_FORMAT=http
       - OPAL_SCOPE_ID=myscope
     ports:
-      # exposes opal client on the host machine, you can access the client at: http://localhost:7000
+      # exposes opal client on the host machine, you can access the client at: http://localhost:7766
       - "7766:7000"
       # exposes the OPA agent (being run by OPAL) on the host machine
       # you can access the OPA api that you know and love at: http://localhost:8181

diff --git a/docker/docker-compose-with-callbacks.yml b/docker/docker-compose-with-callbacks.yml
@@ -64,7 +64,7 @@ services:
       - OPAL_OPA_HEALTH_CHECK_POLICY_ENABLED=True
       # end of update callbacks config ---------------------------
     ports:
-      # exposes opal client on the host machine, you can access the client at: http://localhost:7000
+      # exposes opal client on the host machine, you can access the client at: http://localhost:7766
       - "7766:7000"
       # exposes the OPA agent (being run by OPAL) on the host machine
       # you can access the OPA api that you know and love at: http://localhost:8181

diff --git a/docker/docker-compose-with-kafka-example.yml b/docker/docker-compose-with-kafka-example.yml
@@ -87,8 +87,8 @@ services:
       - OPAL_LOG_FORMAT_INCLUDE_PID=true
       - OPAL_INLINE_OPA_LOG_FORMAT=http
     ports:
-      # exposes opal client on the host machine, you can access the client at: http://localhost:7000
-      - "7000:7000"
+      # exposes opal client on the host machine, you can access the client at: http://localhost:7766
+      - "7766:7000"
       # exposes the OPA agent (being run by OPAL) on the host machine
       # you can access the OPA api that you know and love at: http://localhost:8181
       # OPA api docs are at: https://www.openpolicyagent.org/docs/latest/rest-api/

diff --git a/docker/docker-compose-with-oauth-initial.yml b/docker/docker-compose-with-oauth-initial.yml
@@ -60,7 +60,7 @@ services:
       # Therefore, if the authz.rego file from the POLICY_REPO_URL exists, it will overwrite the initial authz.rego file.
       - ./docker_files/policy_test/authz.rego:/opal/authz.rego
     ports:
-      # exposes opal client on the host machine, you can access the client at: http://localhost:7000
+      # exposes opal client on the host machine, you can access the client at: http://localhost:7766
       - "7766:7000"
       # exposes the OPA agent (being run by OPAL) on the host machine
       # you can access the OPA api that you know and love at: http://localhost:8181

diff --git a/docker/docker-compose-with-rate-limiting.yml b/docker/docker-compose-with-rate-limiting.yml
@@ -51,7 +51,7 @@ services:
       # Turns on rate limiting in the client (without this flag the client won't respect the server's rate limiting)
       - OPAL_WAIT_ON_SERVER_LOAD=true
     ports:
-      # exposes opal client on the host machine, you can access the client at: http://localhost:7000
+      # exposes opal client on the host machine, you can access the client at: http://localhost:7003
       - "7003:7000"
       # exposes the OPA agent (being run by OPAL) on the host machine
       # you can access the OPA api that you know and love at: http://localhost:8181
@@ -72,7 +72,7 @@ services:
       # Turns on rate limiting in the client (without this flag the client won't respect the server's rate limiting)
       - OPAL_WAIT_ON_SERVER_LOAD=true
     ports:
-      # exposes opal client on the host machine, you can access the client at: http://localhost:7000
+      # exposes opal client on the host machine, you can access the client at: http://localhost:7004
       - "7004:7000"
       # exposes the OPA agent (being run by OPAL) on the host machine
       # you can access the OPA api that you know and love at: http://localhost:8181

diff --git a/docker/docker-compose-with-security.yml b/docker/docker-compose-with-security.yml
@@ -78,7 +78,7 @@ services:
       - OPAL_AUTH_JWT_AUDIENCE=https://api.opal.ac/v1/
       - OPAL_AUTH_JWT_ISSUER=https://opal.ac/
     ports:
-      # exposes opal client on the host machine, you can access the client at: http://localhost:7000
+      # exposes opal client on the host machine, you can access the client at: http://localhost:7766
       - "7766:7000"
       # exposes the OPA agent (being run by OPAL) on the host machine
       # you can access the OPA api that you know and love at: http://localhost:8181

diff --git a/docker/docker-compose-with-statistics.yml b/docker/docker-compose-with-statistics.yml
@@ -51,7 +51,7 @@ services:
       # turning on statistics reporting on the client side
       - OPAL_STATISTICS_ENABLED=true
     ports:
-      # exposes opal client on the host machine, you can access the client at: http://localhost:7000
+      # exposes opal client on the host machine, you can access the client at: http://localhost:7766
       - "7766:7000"
       # exposes the OPA agent (being run by OPAL) on the host machine
       # you can access the OPA api that you know and love at: http://localhost:8181