From 3a9a702a9f9dfa979e8c49d38f985161a2b7f764 Mon Sep 17 00:00:00 2001 From: pckvcode Date: Mon, 12 Aug 2024 13:44:04 +0530 Subject: [PATCH 1/4] The [opa eval] command is unable to access Rego policies located on other drives in Windows. For more details, see https://github.com/open-policy-agent/opa/issues/6910 and https://github.com/open-policy-agent/conftest/issues/979. OPA should be capable of accessing Rego policies from specified paths including drives (e.g., c:\a\b\c.rego). The code has been updated to allow OPA to load Rego policies from paths with drives. Now, OPA can load Rego policies from paths, URLs, and drives. Fixes https://github.com/open-policy-agent/opa/issues/6910 Signed-off-by: pckvcode --- loader/loader.go | 2 +- loader/loader_test.go | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/loader/loader.go b/loader/loader.go index 759fc9b05d..8406c324be 100644 --- a/loader/loader.go +++ b/loader/loader.go @@ -572,7 +572,7 @@ func SplitPrefix(path string) ([]string, string) { return nil, path } parts := strings.SplitN(path, ":", 2) - if len(parts) == 2 && len(parts[0]) > 0 { + if len(parts) == 2 && len(parts[0]) > 1 { return strings.Split(parts[0], "."), parts[1] } return nil, path diff --git a/loader/loader_test.go b/loader/loader_test.go index caa972adab..0364996f49 100644 --- a/loader/loader_test.go +++ b/loader/loader_test.go @@ -823,6 +823,10 @@ func TestSplitPrefix(t *testing.T) { wantParts: []string{"x", "y"}, wantPath: "file:///c:/a/b/c", }, + { + input: "c:/a/b/c", + wantPath: "c:/a/b/c", + }, } for _, tc := range tests { From 02dc039bfe83faa9141149761f381cb66a854ce4 Mon Sep 17 00:00:00 2001 From: pckvcode Date: Wed, 21 Aug 2024 16:11:02 +0530 Subject: [PATCH 2/4] Opa should be capable of accessing Rego policies from the following input sources: Existing Inputs: 1. Absolute file paths (e.g., /a/b/c/example.rego) 2. Paths with URLs (e.g., file:///path/to/file.json) 3. Paths with drive letters and URLs (e.g., "C:file:///C:/a/b/c") New Inputs: 1. Paths with drive letters (e.g., C:\a\b\c\example.rego) This requirement ensures that Opa can handle a variety of input formats, including local file paths, remote URLs, and even mixed formats that include both drive letters and URLs. https://github.com/open-policy-agent/opa/issues/6910 Signed-off-by: pckvcode --- loader/loader.go | 6 ++++-- loader/loader_test.go | 5 +++++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/loader/loader.go b/loader/loader.go index 8406c324be..4f3587789a 100644 --- a/loader/loader.go +++ b/loader/loader.go @@ -572,8 +572,10 @@ func SplitPrefix(path string) ([]string, string) { return nil, path } parts := strings.SplitN(path, ":", 2) - if len(parts) == 2 && len(parts[0]) > 1 { - return strings.Split(parts[0], "."), parts[1] + if len(parts) == 2 && len(parts[0]) > 0 { + if strings.HasPrefix(parts[1], "file:///") || len(parts[0]) > 1 { + return strings.Split(parts[0], "."), parts[1] + } } return nil, path } diff --git a/loader/loader_test.go b/loader/loader_test.go index 0364996f49..45d6fc7f22 100644 --- a/loader/loader_test.go +++ b/loader/loader_test.go @@ -827,6 +827,11 @@ func TestSplitPrefix(t *testing.T) { input: "c:/a/b/c", wantPath: "c:/a/b/c", }, + { + input: "c:file:///c:/a/b/c", + wantParts: []string{"c"}, + wantPath: "file:///c:/a/b/c", + }, } for _, tc := range tests { From b2f071fdf884c401af507bcdb963b10ffc8008a3 Mon Sep 17 00:00:00 2001 From: pckvcode Date: Fri, 23 Aug 2024 13:40:29 +0530 Subject: [PATCH 3/4] Adding unit tests to support loading Rego policies from paths that include a Windows drive letter (e.g., C:\a\b\c\example.rego). When tests are run on Windows, temporary directories are created on the C drive (e.g., C:\Users\\AppData\Local\Temp). Fixes: https://github.com/open-policy-agent/opa/issues/6910 Signed-off-by: pckvcode --- loader/loader_test.go | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/loader/loader_test.go b/loader/loader_test.go index 826a87c53a..45f1c38779 100644 --- a/loader/loader_test.go +++ b/loader/loader_test.go @@ -15,6 +15,7 @@ import ( "path" "path/filepath" "reflect" + "runtime" "sort" "strings" "testing" @@ -808,15 +809,19 @@ func TestLoadFileURL(t *testing.T) { files := map[string]string{ "/a/a/1.json": `1`, // this will load as a directory (e.g., file://a/a) "b.json": `{"b": 2}`, // this will load as a normal file - "c.json": `3`, // this will loas as rooted file + "c.json": `3`, // this will load as rooted file + "d.json": `{"d": 4}`, // this will load as a normal file without the prefix file:/// } test.WithTempFS(files, func(rootDir string) { paths := mustListPaths(rootDir, false)[1:] sort.Strings(paths) - - for i := range paths { - paths[i] = "file://" + paths[i] + fileUrlPrefix := "file://" + if IsWindows() { + fileUrlPrefix = "file:///" + } + for i := range paths[:3] { + paths[i] = fileUrlPrefix + paths[i] } paths[2] = "c:" + paths[2] @@ -826,13 +831,18 @@ func TestLoadFileURL(t *testing.T) { t.Fatal(err) } - exp := parseJSON(`{"a": 1, "b": 2, "c": 3}`) + exp := parseJSON(`{"a": 1, "b": 2, "c": 3, "d":4}`) if !reflect.DeepEqual(exp, result.Documents) { t.Fatalf("Expected %v but got %v", exp, result.Documents) } }) } +// IsWindows: checks if the user's OS is Windows +func IsWindows() bool { + return runtime.GOOS == "windows" +} + func TestUnsupportedURLScheme(t *testing.T) { _, err := NewFileLoader().All([]string{"http://openpolicyagent.org"}) if err == nil || !strings.Contains(err.Error(), "unsupported URL scheme: http://openpolicyagent.org") { From 035070dd77b51e0b76c418928ee42927dfe38c9f Mon Sep 17 00:00:00 2001 From: pckvcode Date: Fri, 23 Aug 2024 14:34:06 +0530 Subject: [PATCH 4/4] Fixing lint in loader_test.go Signed-off-by: pckvcode --- loader/loader_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/loader/loader_test.go b/loader/loader_test.go index 45f1c38779..952690f87e 100644 --- a/loader/loader_test.go +++ b/loader/loader_test.go @@ -816,12 +816,12 @@ func TestLoadFileURL(t *testing.T) { paths := mustListPaths(rootDir, false)[1:] sort.Strings(paths) - fileUrlPrefix := "file://" + fileURLPrefix := "file://" if IsWindows() { - fileUrlPrefix = "file:///" + fileURLPrefix = "file:///" } for i := range paths[:3] { - paths[i] = fileUrlPrefix + paths[i] + paths[i] = fileURLPrefix + paths[i] } paths[2] = "c:" + paths[2]