The policy-agent is essentially a CircleCI-flavored wrapper library around the Open Policy Agent (OPA), which will allow the users to write the policy documents in CircleCI terminology.
policy-agent is responsible, at its core, for doing the following:
- Integrating with the Go API to evaluate policies.
- Expose custom built-in functions that make policies (i.e., rules) easier to write.
We use golangci-lint and task in this repository:
$ brew install go-task/tap/go-task
$ brew install golangci-lint
or
sh -c "$(curl --location https://taskfile.dev/install.sh)" -- -d -b /usr/local/bin
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.46.2
See common project tasks with task -l, including:
task lint
task fmt
task test
task lint
task test
With godoc, you can view generated html
documentation on your machine for policy-agent. There are two task commands for convenience:
* doc: Run 'godoc', print docs url
* doc-open: Run 'godoc', open the docs url in your browser
CircleCI has provided helper functions to make it easier to write Rego policies. To use
this code, please include import data.circleci.config in your Rego file.
Currently supported helpers: