Questions tagged [rego]

Rego is a query language. To make a policy decision in Rego, you write logical tests on the data that comes in as input (such as the API or SSH data from the last section).

161 questions
2 votes, 1 answer

Encountering error running the test for regos saying "rego_unsafe_var_error"

Getting error while running test for my rego files. Rego file : package authz import abc.def default can_tigger = false can_tigger = true{ needs_one_of := ["trigger_access_allowed"] access.allowed_for_triger(input.appId, input.user,…
Sunny Jha
2 votes, 1 answer

OPA Rego rule to check annotation in k8s namespace with other rules

I want to check if an annotation exists in a namespace, if not deny. I have this code but it is not working. How can I get the right object path (namespace.annotation) to compare to? violation[{"msg": msg, "details": {}}] { …
mohbar
2 votes, 1 answer

Rego rule to check for employee name in a list

I am new to rego code and writing a rule to check for employee names if they are present in the approved employee list. If not, it should print out the employees who are not part of the list. Here is the input I am giving: { "valid_employee_names":…
Navya
2 votes, 1 answer

UTF-8 character support in Rego policies/rules

I am a newbie on OPA and Rego, evaluating OPA for one of my applications. My application supports localization and multiple languages. One of them is Simple Chinese. When I tried to evaluate a simple Rego rule consisting of some simple Chinese…
Kavish
2 votes, 1 answer

Open policy agent define dynamic global variable

I was wondering if there's any way to prettify my code as it looks terribly inefficient and totally not DRY. What I'm trying to achieve is to pull a specific resource out of a list of resources (a resource named "aks" out of a terraform plan), and…
FitzChivalry
2 votes, 2 answers

OPA unit-test failing, How to output response variable?

Newbie to OPA, I am writing OPA unit test case. test_valid_type { response = evaluate with input as valid_type response == "approved" } it's failing response == "approved". I want to see the output of response variable, how do i…
prashant
1 vote, 0 answers

Rego number of policies evaluated

I am trying to validate some policies using the /opa/rego package. The policies are evaluated as expected in this script. But, I also want to count the number of rules and the rule names evaluated as well. I tried accessing the count and rule name…
santoshdts
1 vote, 1 answer

Getting Error: undefined: rego.ReadFile while trying to read rego file

While I was trying to compile the code, getting below error. I have imported "github.com/open-policy-agent/opa/rego" but still getting the error. -bash-4.2$ go build main.go # command-line-arguments ./main.go:20:26: undefined:…
van neilsen
1 vote, 1 answer

How do I merge array of duplicated object with OPA Rego rule

I have written an OPA policy that creates the following output: [ { "permission": [ "module:get", "workflow:get", "ruletable:get" ], "resource": "folder-2" }, { …
Swan2017
1 vote, 1 answer

Rego - Combine Values of Case Sensitive Keys from json like abc, ABc to single lowercase key abc

I've below json as an input: { "data": { "abc": 123, "Abc": 345, "bcd": 789 } } I want the result like: { "data": { "abc": "123,345", "bcd": "789" } } i.e. case insensitive key and the values…
1 vote, 2 answers

OPA Rego - How to do tag or label matching

I have... List of tasks tagged with "must match" labels. User tagged with labels. Now I want to filter only the tasks that match all task-tags with user-tags(user may have extra tags). // rego-input: {" user":"user-1", …
sriba
1 vote, 1 answer

How to import different policies inside OPA rego policy?

I am working on writing new rego policies. I have a few rules defined in a single policy file which I want to break into sub policy and import it. Something like this: A.rego package com.example import com.example.B.evaluate default allow:= false allow…
Ajay Kedare
1 vote, 2 answers

OPA: Mask sensitive data

I want to mask the password in my Open Policy Agent (OPA) logs. This is my input data: { "decision_id":"71e99093-b980-4c67-bd0c-87fcc071571a", "input":{ "attributes":{ ..... , "request":{ "http":{ "body":"{\r\n …
flo-ferox
1 vote, 2 answers

rego check if item in list exists in item in another list

We have an undetermined list of items in a resource that need to be checked in case they are using one of the deprecated given parameters. In gatekeeper, the constraint with the parameters looks like this: apiVersion:…
carrotcakeslayer
1 vote, 1 answer

Conftest Policy for Kubernetes manifests for checking that images come from a specific registry

I'm using conftest for validating policies on Kubernetes manifests. Below policy validates that images in StatefulSet manifests have to come from specific registry reg_url package main deny[msg] { input.kind == "StatefulSet" not…
rok