https://github.com/cch0/opa-wasm-examples
https://github.com/cch0/opa-wasm-examples
Last synced: 5 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/cch0/opa-wasm-examples
- Owner: cch0
- Created: 2023-06-23T23:29:31.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2023-06-24T16:45:34.000Z (almost 3 years ago)
- Last Synced: 2025-04-06T09:51:50.554Z (about 1 year ago)
- Language: Open Policy Agent
- Size: 191 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# OPA WebAssembly Examples For OPA Policy Evaluation
A collection of examples which demonstrates how to evaluate against the same policy [policy.wasm](./config/policy.wasm) using different programming languages. The policy is expected to be written in Rego and compiled by WebAssembly.
The OPA policy file included here is an example of Rego policy for evaluating PDU packets.
[opa_input.json](./config/opa_input.json) contains an example of PDU packet and [data.json](./config/data.json) contains the rules configuration parameters.
## Java Example
Execute the `com.kdf.Main` class inside the java directory. The `pom.xml` file specifies the version of `wasmtime-java` dependency which only exists in a private Maven repository.
```
2023-06-23 14:13:26 INFO - main - Main:33 - evaluation result: [{"result":{"rule":"C","label":"UNRESTRICTED"}}]
2023-06-23 14:13:26 INFO - main - Main:36 - rule: "C", label: "UNRESTRICTED"
```
## Python Example
- Following the instruction on [wasmer-python](https://github.com/wasmerio/wasmer-python) to install `wasmer`. The reason for this step is that python package might not be available for you OS and architecture.
- `pip install opa-wasm[cranelift]` or `pip install "opa-wasm[cranelift]"` if you are a `zsh` user,
Execute the command
```
cd python
python3 example.py
```
Output:
```
[{'result': {'rule': 'C', 'label': 'UNRESTRICTED'}}]
```
## Nodejs Example
```
cd nodejs
npm install
node example.js
```
Output:
```
resultSet is [ { result: { rule: 'C', label: 'UNRESTRICTED' } } ]
label = UNRESTRICTED
rule = C
```
## OPA Eval Command Line Example
```
opa eval -d config/data.json -d config/example.rego -i config/opa_input.json -e example/label_to_use -f pretty data.example.label_to_use
```
Output:
```
{
"label": "UNRESTRICTED",
"rule": "C"
}
```
## OPA Server Docker Example
Compared to [opa_input.json](./config/opa_input.json) file, [input.json](./config/input.json) file add the content of `opa_input.json` file as the value field with key `input` in the `input.json` file, i.e.
```
{
"input": { ... content from opa_input.json }
}
```
Execute the command to start up OPA Server
```
docker run -it -v $PWD/config/data.json:/config/data.json -v $PWD/config/example.rego:/config/example.rego -p 8181:8181 openpolicyagent/opa:0.54.0-dev-static-debug run --server --addr :8181 /config
```
Execute the `curl` command
```
curl -d @./config/input.json http://localhost:8181/v1/data/example/label_to_use
```
Output:
```
{"result":{"label":"UNRESTRICTED","rule":"C"}}
```
## OPA Server Local Example
Execute the command to start up OPA Server
```
opa run config/data.json config/example.rego -s --addr localhost:8181
```
Execute the `curl` command
```
curl -d @./config/input.json http://localhost:8181/v1/data/example/label_to_use
```
Output:
```
{"result":{"label":"UNRESTRICTED","rule":"C"}}
```