Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow detached metadata block to annotate rules currently unreachable #7139

Open
anderseknert opened this issue Oct 29, 2024 · 0 comments
Open

Allow detached metadata block to annotate rules currently unreachable #7139

anderseknert opened this issue Oct 29, 2024 · 0 comments
Labels
feature-request rego

Comments

@anderseknert
Copy link
Member

Using nested/ref head rules is nice, as it allows incrementally building nested structures. Given a common example like the one below however poses a challenge for metadata:

package policy

decision.allow if {
    # ... conditions ...
}

decision.reasons := message if {
    # ... conditions ...
}

The natural entrypoint here would be the decision rule/object, but it's currently not possibe to annotate as such, as any metadata block above the rules will be bound to the full path (e.g. decision.allow) and not just decision. It's not possible to create a "standalone" decision rule either, as that would conflict with the other declaration.

Allowing a detached metadata block for these rules would be helpful. We could use the scope attribute as a "free form" value that mus point to a path to a rule in the same package/file.

package policy

# METADATA
# scope: decision
# entrypoint: true

decision.allow if {
    # ... conditions ...
}

decision.reasons := message if {
    # ... conditions ...
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request rego
Projects
Open Policy Agent
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
1 participant
@anderseknert