opensourcemirror
/
concourse
mirror of https://github.com/concourse/concourse.git
1
0
Fork 0
Code Issues Releases Wiki Activity

addressed review comments. 

Signed-off-by: Evan <chaol@vmware.com>
This commit is contained in:
Evan 2021-06-24 17:30:43 +08:00
parent 49254dc97e
commit 945343ea6b
3 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
atc/api/policychecker/handler_test.go
View File

@ -2,7 +2,6 @@ package policychecker_test
import (
"errors"
"github.com/concourse/concourse/atc/policy/policyfakes"
"io/ioutil"
"net/http"
"net/http/httptest"
@ -12,6 +11,7 @@ import (
"github.com/concourse/concourse/atc/api/policychecker"
"github.com/concourse/concourse/atc/api/policychecker/policycheckerfakes"
"github.com/concourse/concourse/atc/policy"
"github.com/concourse/concourse/atc/policy/policyfakes"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"

2
atc/policy/opa/opa.go
View File

@ -17,7 +17,7 @@ type OpaConfig struct {
URL string `long:"opa-url" description:"OPA policy check endpoint."`
Timeout time.Duration `long:"opa-timeout" default:"5s" description:"OPA request timeout."`
ResultAllowedKey string `long:"opa-result-allowed-key" description:"Key name of if pass policy check in OPA returned result. Expects a boolean value." default:"result.allowed"`
ResultShouldBlockKey string `long:"opa-result-should-block-key" description:"Key name of if should block current action in OPA returned result. Expects a boolean value."`
ResultShouldBlockKey string `long:"opa-result-should-block-key" description:"Key name of if should block current action in OPA returned result. Expects a boolean value." default:"result.block"`
ResultMessagesKey string `long:"opa-result-messages-key" description:"Key name of messages in OPA returned result." default:"result.reasons"`
}

3
hack/overrides/opa.yml
View File

@ -12,6 +12,9 @@ services:
CONCOURSE_POLICY_CHECK_FILTER_HTTP_METHODS: PUT,POST
# uncomment to configure
# CONCOURSE_OPA_RESULT_ALLOW_KEY: result.allowed
# CONCOURSE_OPA_RESULT_SHOULD_BLOCK_KEY: result.block
# CONCOURSE_OPA_RESULT_MESSAGES_KEY: result.reasons
# CONCOURSE_POLICY_CHECK_FILTER_ACTION: ListWorkers,ListContainers,UseImage,SaveConfig
# CONCOURSE_POLICY_CHECK_FILTER_ACTION_SKIP: PausePipeline,UnpausePipeline