Skip to content

Commit 1330a47

Browse files
tsandalltsandall
committed
Fix build and vendoring
The build was running glide install which installs the dependencies found in the lock file. As a result we were running a very old version of OPA. These changes vendor the plugin dependencies and remove the glide step from the build process. It's no longer required since all of the deps are contained in the repo. Also, remove broken plugin install from the README. Signed-off-by: Torin Sandall <[email protected]>
1 parent 9a58d7b commit 1330a47

File tree

1,937 files changed

+498736
-39
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

1,937 files changed

+498736
-39
lines changed

.gitignore

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,4 +3,3 @@
33

44
# Build output
55
/opa-docker-authz
6-
/vendor

Makefile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
.PHONY: all build
22

3-
VERSION := 0.3
4-
OPA_VERSION := 0.8.0
3+
VERSION := 0.4
4+
OPA_VERSION := $(shell ./get-opa-version-from-glide.sh)
55
GO_VERSION := 1.10
66
REPO := openpolicyagent/opa-docker-authz
77
DOCKER_VERSION := $(shell docker version --format '{{.Server.Version}}')

README.md

Lines changed: 2 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ The following steps detail how to install the managed plugin.
3535
Download the `opa-docker-authz` plugin from the Docker Hub (depending on how your Docker environment is configured, you may need to execute the following commands using the `sudo` utility), and specify the location of the policy file, using the `opa-args` key, and an appropriate value:
3636

3737
```
38-
$ docker plugin install --alias opa-docker-authz openpolicyagent/opa-docker-authz-v2:0.3 opa-args="-policy-file /opa/policies/authz.rego"
38+
$ docker plugin install --alias opa-docker-authz openpolicyagent/opa-docker-authz-v2:0.4 opa-args="-policy-file /opa/policies/authz.rego"
3939
Plugin "openpolicyagent/opa-docker-authz-v2:<VERSION>" is requesting the following privileges:
4040
- mount: [/etc/docker]
4141
Do you grant the above permissions? [y/N] y
@@ -67,16 +67,6 @@ $ sudo kill -HUP $(pidof dockerd)
6767

6868
The Docker daemon will now send authorization requests for all Docker client API calls, to the `opa-docker-authz` plugin, for evaluation.
6969

70-
If an alternate host location is preferred for the bind mount, then it's possible to set the source during plugin installation. For example, if policy files are located in `$HOME/opa/policies`, then a policy file called `authz.rego` can be made available to the plugin, with the following:
71-
72-
```
73-
$ docker plugin install --alias opa-docker-authz \
74-
openpolicyagent-v2/opa-docker-authz:0.3 \
75-
policy.source=$HOME/opa/policies \
76-
opa-args="-policy-file /opa/authz.rego"
77-
78-
```
79-
8070
**Legacy Plugin**
8171

8272
If you prefer to use the legacy plugin, it needs to be started as a container, before applying the same configuration to the Docker daemon, as detailed above:
@@ -85,7 +75,7 @@ If you prefer to use the legacy plugin, it needs to be started as a container, b
8575
$ docker container run -d --restart=always --name opa-docker-authz \
8676
-v /run/docker/plugins:/run/docker/plugins \
8777
-v $HOME/opa/policies:/opa \
88-
openpolicyagent/opa-docker-authz:0.3 -policy-file /opa/authz.rego
78+
openpolicyagent/opa-docker-authz:0.4 -policy-file /opa/authz.rego
8979
```
9080

9181
### Logs

build.sh

Lines changed: 1 addition & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -2,21 +2,11 @@
22

33
set -e
44

5-
echo "Building opa-docker-authz version: $VERSION"
6-
7-
echo -e "\nInstalling glide ..."
8-
curl -s https://glide.sh/get | sh
9-
10-
echo -e "\nInstalling all the dependencies ..."
11-
glide install
12-
13-
echo -e "\nSetting OPA version to $OPA_VERSION ..."
14-
sed -i "s/\( version: v\)[0-9]\.[0-9]\.[0-9]/\1$OPA_VERSION/g" glide.yaml
5+
echo "Building opa-docker-authz version: $VERSION (OPA version: $OPA_VERSION)"
156

167
echo -e "\nBuilding opa-docker-authz ..."
178
CGO_ENABLED=0 go build -ldflags \
189
"-X github.com/open-policy-agent/opa-docker-authz/version.Version=$VERSION -X github.com/open-policy-agent/opa-docker-authz/version.OPAVersion=$OPA_VERSION" \
1910
-o opa-docker-authz
20-
rm -rf ./vendor
2111

2212
echo -e "\n... done!"

get-opa-version-from-glide.sh

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
#!/usr/bin/env sh
2+
3+
grep '^- package: github.com/open-policy-agent/opa$' glide.yaml -A 1 | grep 'version: ' | awk '{print $2}'

glide.lock

Lines changed: 20 additions & 12 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

glide.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,4 +7,4 @@ import:
77
- package: github.com/fsnotify/fsnotify
88
version: 4da3e2cfbabc9f751898f250b49f2439785783a1
99
- package: github.com/open-policy-agent/opa
10-
version: v0.8.0
10+
version: v0.9.1

vendor/github.com/Microsoft/go-winio/.gitignore

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/Microsoft/go-winio/LICENSE

Lines changed: 22 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/Microsoft/go-winio/README.md

Lines changed: 22 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)