Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump github.com/open-policy-agent/opa from 0.31.0 to 0.32.0 #198

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 1, 2021

Bumps github.com/open-policy-agent/opa from 0.31.0 to 0.32.0.

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v0.32.0

This release includes a number of improvements and fixes.

💾 Disk-based Storage (Experimental)

This release adds a disk-based storage implementation to OPA. The implementation can be found in github.com/open-policy-agent/storage/disk. There is also an example in the rego package that shows how policies can be evaluated with the disk-based store. The disk-based store is currently only available as a library (i.e., it is not integrated into the rest of OPA yet.) In the next few releases, we are planning to integrate the implementation into the OPA server and provide tooling to help leverage the disk-based store.

Built-in Functions

This release includes a few improvements to existing built-in functions:

  • The http.send function now supports UNIX domain sockets (#3661) authored by @kirk-patton
  • The units.parse_bytes function now supports E* and P* units (#2911)
  • The io.jwt.encode_sign function uses the built-in context randomization source (which is helpful for replay purposes)

Server

This release includes multiple improvements for OPA server deployments in serverless environments:

  • Plugins can now be triggered manually within OPA. This feature allows users extending and customizing OPA to control exactly when operations like bundle downloads and decision log uploads occur. The built-in plugins now include a trigger configuration that can be set to manual or periodic (which is the default). When manual triggering is enabled, the plugins WILL NOT perform any periodic/background operations. Instead, the plugins will only execute when the Trigger API is invoked.
  • Plugins can now wait for server initialization. When runtime initialization is finished, plugins can be notified. This allows plugins to synchronize their behaviour with server startup. #3701 authored by @gshively11.
  • The Health API now supports an exclude-plugin parameter to control which plugins are checked. #3713 authored by @gshively11.

Tooling

  • The compiler no longer fetches remote schemas by default when used as as library. Capabilities have been updated to include an allow_net field to control whether network operations can be performed (#3746). This field is only used to control schema fetching today. In future versions of OPA, the allow_net parameter will be used to control other behaviour like http.send.
  • The WebAssembly runtime not supported error message has been improved #3739.

Rego

  • Added support for anyOf and allOf keywords in JSON schema support in the type checker (#3592) authored by @​jchen10500 and @​juliafriedman8.
  • Added support for custom JSON result marshalling in the rego package.
  • Added a new convenience function (Allowed() bool) to the rego.ResultSet API.
  • Improved string-representation construction performance for arrays, sets, and objects.
  • Improved the topdown evaluator to support ast.Value results from the store so that unnecessary conversions can be avoided.
  • Improved the rego package to make the wasmtime-go dependency optional at build-time (#3545).
  • Fixed a bug in the comprehension indexer whereby index keys were not constructed correctly leading to incorrect outputs (#3579).
  • Fixed a stack overflow during partial evaluation due to incorrect term rewriting in the copy propagation implementation (#3071).
  • Fixed a bug in partial evaluation when shallow inlinign is enabled that resulted in built-in functions being invoked instead of saved (#3681).

WebAssembly

  • The internal Wasm SDK now supports the inter-query built-in cache.
  • The pre-compiled runtime is now built with llvm 12.0.1 and the builder image includes clang-format.
  • The internal Wasm SDK has been updated to use wasmtime-go v0.29.0.

Documentation

This release includes a number of documentation improvements:

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

0.32.0

This release includes a number of improvements and fixes.

💾 Disk-based Storage (Experimental)

This release adds a disk-based storage implementation to OPA. The implementation can be found in github.com/open-policy-agent/storage/disk. There is also an example in the rego package that shows how policies can be evaluated with the disk-based store. The disk-based store is currently only available as a library (i.e., it is not integrated into the rest of OPA yet.) In the next few releases, we are planning to integrate the implementation into the OPA server and provide tooling to help leverage the disk-based store.

Built-in Functions

This release includes a few improvements to existing built-in functions:

  • The http.send function now supports UNIX domain sockets (#3661) authored by @kirk-patton
  • The units.parse_bytes function now supports E* and P* units (#2911)
  • The io.jwt.encode_sign function uses the built-in context randomization source (which is helpful for replay purposes)

Server

This release includes multiple improvements for OPA server deployments in serverless environments:

  • Plugins can now be triggered manually within OPA. This feature allows users extending and customizing OPA to control exactly when operations like bundle downloads and decision log uploads occur. The built-in plugins now include a trigger configuration that can be set to manual or periodic (which is the default). When manual triggering is enabled, the plugins WILL NOT perform any periodic/background operations. Instead, the plugins will only execute when the Trigger API is invoked.
  • Plugins can now wait for server initialization. When runtime initialization is finished, plugins can be notified. This allows plugins to synchronize their behaviour with server startup. #3701 authored by @gshively11.
  • The Health API now supports an exclude-plugin parameter to control which plugins are checked. #3713 authored by @gshively11.

Tooling

  • The compiler no longer fetches remote schemas by default when used as as library. Capabilities have been updated to include an allow_net field to control whether network operations can be performed (#3746). This field is only used to control schema fetching today. In future versions of OPA, the allow_net parameter will be used to control other behaviour like http.send.
  • The WebAssembly runtime not supported error message has been improved #3739.

Rego

  • Added support for anyOf and allOf keywords in JSON schema support in the type checker (#3592) authored by @​jchen10500 and @​juliafriedman8.
  • Added support for custom JSON result marshalling in the rego package.
  • Added a new convenience function (Allowed() bool) to the rego.ResultSet API.
  • Improved string-representation construction performance for arrays, sets, and objects.
  • Improved the topdown evaluator to support ast.Value results from the store so that unnecessary conversions can be avoided.
  • Improved the rego package to make the wasmtime-go dependency optional at build-time (#3545).
  • Fixed a bug in the comprehension indexer whereby index keys were not constructed correctly leading to incorrect outputs (#3579).
  • Fixed a stack overflow during partial evaluation due to incorrect term rewriting in the copy propagation implementation (#3071).
  • Fixed a bug in partial evaluation when shallow inlinign is enabled that resulted in built-in functions being invoked instead of saved (#3681).

WebAssembly

  • The internal Wasm SDK now supports the inter-query built-in cache.
  • The pre-compiled runtime is now built with llvm 12.0.1 and the builder image includes clang-format.
  • The internal Wasm SDK has been updated to use wasmtime-go v0.29.0.

Documentation

This release includes a number of documentation improvements:

... (truncated)

Commits
  • 7a4f6e3 Prepare v0.32.0 release
  • 4a4185d ci: ensure we can build with different go versions
  • e3fa74a tester: remove pre-1.16 fixtures
  • df2c0b4 e2e/tls: fix flag handling, tighten error expectation
  • 763252e test/cases: update x509 error string
  • f2cb3dd build: bump go-version (1.17)
  • a03c8a9 rego: Add persistent storage example
  • 1eb0220 storage/disk: Add new disk-based storage implementation
  • b704668 vendor: Add badger library
  • 968220f wasm-sdk: use wasmtime.Linker for resolving imports, only have one wasmtime.E...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.31.0 to 0.32.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v0.31.0...v0.32.0)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Sep 1, 2021
@jalseth jalseth merged commit e8eb377 into main Sep 1, 2021
@jalseth jalseth deleted the dependabot/go_modules/github.com/open-policy-agent/opa-0.32.0 branch September 1, 2021 22:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant