The policy-agent is essentially a CircleCI-flavored wrapper library around the Open Policy Agent (OPA), which will allow the users to write the policy documents in CircleCI terminology.
policy-agent is responsible, at its core, for doing the following:
- Integrating with the Go API to evaluate policies.
- Expose custom built-in functions that make policies (i.e., rules) easier to write.
$ brew install go-task/tap/go-task $ brew install golangci-lint
sh -c "$(curl --location https://taskfile.dev/install.sh)" -- -d -b /usr/local/bin curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.46.2
See common project tasks with
task -l, including:
task lint task fmt task test
godoc, you can view generated html
documentation on your machine for policy-agent. There are two
task commands for convenience:
* doc: Run 'godoc', print docs url * doc-open: Run 'godoc', open the docs url in your browser
CircleCI has provided helper functions to make it easier to write Rego policies. To use
this code, please include
import data.circleci.config in your Rego file.
Currently supported helpers: