From 4a456be09ea54cbb89937854f93eed93c57eec7c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADctor=20Cuadrado=20Juan?= Date: Mon, 15 Jan 2024 15:54:02 +0100 Subject: [PATCH] chore(deps): update to latest version of policy-evaluator MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Consume latest stable version of policy-evaluator Signed-off-by: VĂ­ctor Cuadrado Juan Co-authored-by: Flavio Castelli --- Cargo.lock | 208 +++++++++++++++++++++++-------------------------- Cargo.toml | 2 +- src/backend.rs | 13 ++-- src/bench.rs | 10 +-- src/run.rs | 44 ++++++----- 5 files changed, 138 insertions(+), 139 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 75e1ed62..1a13ee0c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -498,7 +498,7 @@ checksum = "7f30e7476521f6f8af1a1c4c0b8cc94f0bee37d91763d0ca2665f299b6cd8aec" [[package]] name = "burrego" version = "0.3.4" -source = "git+https://github.com/kubewarden/policy-evaluator?tag=v0.12.2#f43d8b2b9f21b4f9053058fc957649b8bbe7551e" +source = "git+https://github.com/kubewarden/policy-evaluator?tag=v0.13.3#47a5d65ed9a2828dddb2cf98b9997f77dd718422" dependencies = [ "base64 0.21.7", "chrono", @@ -551,9 +551,9 @@ dependencies = [ [[package]] name = "cached" -version = "0.46.1" +version = "0.47.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7c8c50262271cdf5abc979a5f76515c234e764fa025d1ba4862c0f0bcda0e95" +checksum = "69b0116662497bc24e4b177c90eaf8870e39e2714c3fcfa296327a93f593fc21" dependencies = [ "ahash", "async-trait", @@ -857,18 +857,18 @@ dependencies = [ [[package]] name = "cranelift-bforest" -version = "0.101.4" +version = "0.103.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b5bb9245ec7dcc04d03110e538d31f0969d301c9d673145f4b4d5c3478539a3" +checksum = "7c22542c0b95bd3302f7ed6839869c561f2324bac2fd5e7e99f5cfa65fdc8b92" dependencies = [ "cranelift-entity", ] [[package]] name = "cranelift-codegen" -version = "0.101.4" +version = "0.103.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ebb18d10e5ddac43ba4ca8fd4e310938569c3e484cc01b6372b27dc5bb4dfd28" +checksum = "6b3db903ef2e9c8a4de2ea6db5db052c7857282952f9df604aa55d169e6000d8" dependencies = [ "bumpalo", "cranelift-bforest", @@ -887,33 +887,33 @@ dependencies = [ [[package]] name = "cranelift-codegen-meta" -version = "0.101.4" +version = "0.103.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a3ce6d22982c1b9b6b012654258bab1a13947bb12703518bef06b1a4867c3d6" +checksum = "6590feb5a1d6438f974bf6a5ac4dddf69fca14e1f07f3265d880f69e61a94463" dependencies = [ "cranelift-codegen-shared", ] [[package]] name = "cranelift-codegen-shared" -version = "0.101.4" +version = "0.103.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "47220fd4f9a0ce23541652b6f16f83868d282602c600d14934b2a4c166b4bd80" +checksum = "7239038c56fafe77fddc8788fc8533dd6c474dc5bdc5637216404f41ba807330" [[package]] name = "cranelift-control" -version = "0.101.4" +version = "0.103.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed5a4c42672aea9b6e820046b52e47a1c05d3394a6cdf4cb3c3c4b702f954bd2" +checksum = "f7dc9c595341404d381d27a3d950160856b35b402275f0c3990cd1ad683c8053" dependencies = [ "arbitrary", ] [[package]] name = "cranelift-entity" -version = "0.101.4" +version = "0.103.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b4e9a3296fc827f9d35135dc2c0c8dd8d8359eb1ef904bae2d55d5bcb0c9f94" +checksum = "44e3ee532fc4776c69bcedf7e62f9632cbb3f35776fa9a525cdade3195baa3f7" dependencies = [ "serde", "serde_derive", @@ -921,9 +921,9 @@ dependencies = [ [[package]] name = "cranelift-frontend" -version = "0.101.4" +version = "0.103.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33ec537d0f0b8e084517f3e7bfa1d89af343d7c7df455573fca9f272d4e01267" +checksum = "a612c94d09e653662ec37681dc2d6fd2b9856e6df7147be0afc9aabb0abf19df" dependencies = [ "cranelift-codegen", "log", @@ -933,15 +933,15 @@ dependencies = [ [[package]] name = "cranelift-isle" -version = "0.101.4" +version = "0.103.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "45bab6d69919d210a50331d35cc6ce111567bc040aebac63a8ae130d0400a075" +checksum = "85db9830abeb1170b7d29b536ffd55af1d4d26ac8a77570b5d1aca003bf225cc" [[package]] name = "cranelift-native" -version = "0.101.4" +version = "0.103.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f32e81605f352cf37af5463f11cd7deec7b6572741931a8d372f7fdd4a744f5d" +checksum = "301ef0edafeaeda5771a5d2db64ac53e1818ae3111220a185677025fe91db4a1" dependencies = [ "cranelift-codegen", "libc", @@ -950,9 +950,9 @@ dependencies = [ [[package]] name = "cranelift-wasm" -version = "0.101.4" +version = "0.103.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0edaa4cbec1bc787395c074233df2652dd62f3e29d3ee60329514a0a51e6b045" +checksum = "380f0abe8264e4570ac615fc31cef32a3b90a77f7eb97b08331f9dd357b1f500" dependencies = [ "cranelift-codegen", "cranelift-entity", @@ -960,7 +960,7 @@ dependencies = [ "itertools 0.10.5", "log", "smallvec", - "wasmparser 0.115.0", + "wasmparser 0.118.1", "wasmtime-types", ] @@ -2273,9 +2273,9 @@ checksum = "b1a46d1a171d865aa5f83f92695765caa047a9b4cbae2cbf37dbd613a793fd4c" [[package]] name = "ittapi" -version = "0.3.5" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25a5c0b993601cad796222ea076565c5d9f337d35592f8622c753724f06d7271" +checksum = "6b996fe614c41395cdaedf3cf408a9534851090959d90d54a535f675550b64b1" dependencies = [ "anyhow", "ittapi-sys", @@ -2284,9 +2284,9 @@ dependencies = [ [[package]] name = "ittapi-sys" -version = "0.3.5" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb7b5e473765060536a660eed127f758cf1a810c73e49063264959c60d1727d9" +checksum = "52f5385394064fa2c886205dba02598013ce83d3e92d33dbdc0c52fe0e7bf4fc" dependencies = [ "cc", ] @@ -3431,13 +3431,13 @@ dependencies = [ [[package]] name = "policy-evaluator" -version = "0.12.2" -source = "git+https://github.com/kubewarden/policy-evaluator?tag=v0.12.2#f43d8b2b9f21b4f9053058fc957649b8bbe7551e" +version = "0.13.3" +source = "git+https://github.com/kubewarden/policy-evaluator?tag=v0.13.3#47a5d65ed9a2828dddb2cf98b9997f77dd718422" dependencies = [ "anyhow", "base64 0.21.7", "burrego", - "cached 0.46.1", + "cached 0.47.0", "chrono", "dns-lookup", "email_address", @@ -3465,7 +3465,7 @@ dependencies = [ "wapc", "wasi-cap-std-sync", "wasi-common", - "wasmparser 0.118.1", + "wasmparser 0.119.0", "wasmtime", "wasmtime-provider", "wasmtime-wasi", @@ -5354,9 +5354,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasi-cap-std-sync" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3fd94e147b273348ec68ae412b8bc17a4d372b9e070535b98e3e2c5a3ffd8e83" +checksum = "154528979a211aa28d969846e883df75705809ed9bcc70aba61460683ea7355b" dependencies = [ "anyhow", "async-trait", @@ -5377,9 +5377,9 @@ dependencies = [ [[package]] name = "wasi-common" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d5166f7432ee36d06aa9f9bd7990a00330401fdbc75be7887ea952a299b9a19" +checksum = "3d888b611fee7d273dd057dc009d2dd3132736f36710ffd65657ac83628d1e3b" dependencies = [ "anyhow", "bitflags 2.4.1", @@ -5472,9 +5472,9 @@ dependencies = [ [[package]] name = "wasm-encoder" -version = "0.35.0" +version = "0.38.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9ca90ba1b5b0a70d3d49473c5579951f3bddc78d47b59256d2f9d4922b150aca" +checksum = "0ad2b51884de9c7f4fe2fd1043fccb8dcad4b1e29558146ee57a144d15779f3f" dependencies = [ "leb128", ] @@ -5507,16 +5507,6 @@ version = "0.80.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "449167e2832691a1bff24cde28d2804e90e09586a448c8e76984792c44334a6b" -[[package]] -name = "wasmparser" -version = "0.115.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e06c0641a4add879ba71ccb3a1e4278fd546f76f1eafb21d8f7b07733b547cd5" -dependencies = [ - "indexmap 2.1.0", - "semver", -] - [[package]] name = "wasmparser" version = "0.118.1" @@ -5550,9 +5540,9 @@ dependencies = [ [[package]] name = "wasmtime" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ca54f6090ce46973f33a79f265924b204f248f91aec09229bce53d19d567c1a6" +checksum = "a8e539fded2495422ea3c4dfa7beeddba45904eece182cf315294009e1a323bf" dependencies = [ "anyhow", "async-trait", @@ -5567,14 +5557,13 @@ dependencies = [ "object", "once_cell", "paste", - "psm", "rayon", "serde", "serde_derive", "serde_json", "target-lexicon", - "wasm-encoder 0.35.0", - "wasmparser 0.115.0", + "wasm-encoder 0.38.1", + "wasmparser 0.118.1", "wasmtime-cache", "wasmtime-component-macro", "wasmtime-component-util", @@ -5590,18 +5579,18 @@ dependencies = [ [[package]] name = "wasmtime-asm-macros" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "54984bc0b5689da87a43d7c181d23092b4d5cfcbb7ae3eb6b917dd55865d95e6" +checksum = "660ba9143e15a2acd921820df221b73aee256bd3ca2d208d73d8adc9587ccbb9" dependencies = [ "cfg-if", ] [[package]] name = "wasmtime-cache" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a4df7655bb73b592189033ab046aa47c1da486d70bc9c1ebf45e55ac030bdf4" +checksum = "a3ce373743892002f9391c6741ef0cb0335b55ec899d874f311222b7e36f4594" dependencies = [ "anyhow", "base64 0.21.7", @@ -5619,9 +5608,9 @@ dependencies = [ [[package]] name = "wasmtime-component-macro" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "64de99fb7c4c383832b85efcaae95f7094a5c505d80146227ce97ab436cbac68" +checksum = "12ef32643324e564e1c359e9044daa06cbf90d7e2d6c99a738d17a12959f01a5" dependencies = [ "anyhow", "proc-macro2", @@ -5634,15 +5623,15 @@ dependencies = [ [[package]] name = "wasmtime-component-util" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f9141a8df069e106eee0c3a8173c0809cf1a4b5630628cfb1f25ab114720093" +checksum = "8c87d06c18d21a4818f354c00a85f4ebc62b2270961cd022968452b0e4dbed9d" [[package]] name = "wasmtime-cranelift" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1cf3cee8be02f5006d21b773ffd6802f96a0b7d661ff2ad8a01fb93df458b1aa" +checksum = "2d648c8b4064a7911093b02237cd5569f71ca171d3a0a486bf80600b19e1cba2" dependencies = [ "anyhow", "cfg-if", @@ -5657,7 +5646,7 @@ dependencies = [ "object", "target-lexicon", "thiserror", - "wasmparser 0.115.0", + "wasmparser 0.118.1", "wasmtime-cranelift-shared", "wasmtime-environ", "wasmtime-versioned-export-macros", @@ -5665,9 +5654,9 @@ dependencies = [ [[package]] name = "wasmtime-cranelift-shared" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "420fd2a69bc162957f4c94f21c7fa08ecf60d916f4e87b56332507c555da381d" +checksum = "290a89027688782da8ff60b12bb95695494b1874e0d0ba2ba387d23dace6d70c" dependencies = [ "anyhow", "cranelift-codegen", @@ -5681,9 +5670,9 @@ dependencies = [ [[package]] name = "wasmtime-environ" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb6a445ce2b2810127caee6c1b79b8da4ae57712b05556a674592c18b7500a14" +checksum = "61eb64fb3e0da883e2df4a13a81d6282e072336e6cb6295021d0f7ab2e352754" dependencies = [ "anyhow", "cranelift-entity", @@ -5695,8 +5684,8 @@ dependencies = [ "serde_derive", "target-lexicon", "thiserror", - "wasm-encoder 0.35.0", - "wasmparser 0.115.0", + "wasm-encoder 0.38.1", + "wasmparser 0.118.1", "wasmprinter", "wasmtime-component-util", "wasmtime-types", @@ -5704,10 +5693,11 @@ dependencies = [ [[package]] name = "wasmtime-fiber" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "345a8b061c9eab459e10b9112df9fc357d5a9e8b5b1004bc5fc674fba9be6d2a" +checksum = "40ecf1d3a838b0956b71ad3f8cb80069a228339775bf02dd35d86a5a68bbe443" dependencies = [ + "anyhow", "cc", "cfg-if", "rustix 0.38.30", @@ -5718,9 +5708,9 @@ dependencies = [ [[package]] name = "wasmtime-jit" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1f0f6586c61125fbfc13c3108c3dd565d21f314dd5bac823b9a5b7ab576d21f1" +checksum = "f485336add49267d8859e8f8084d2d4b9a4b1564496b6f30ba5b168d50c10ceb" dependencies = [ "addr2line", "anyhow", @@ -5745,9 +5735,9 @@ dependencies = [ [[package]] name = "wasmtime-jit-debug" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "109a9e46afe33580b952b14a4207354355f19bcdf0b47485b397b68409eaf553" +checksum = "65e119affec40edb2fab9044f188759a00c2df9c3017278d047012a2de1efb4f" dependencies = [ "object", "once_cell", @@ -5757,9 +5747,9 @@ dependencies = [ [[package]] name = "wasmtime-jit-icache-coherence" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f67e6be36375c39cff57ed3b137ab691afbf2d9ba8ee1c01f77888413f218749" +checksum = "6b6d197fcc34ad32ed440e1f9552fd57d1f377d9699d31dee1b5b457322c1f8a" dependencies = [ "cfg-if", "libc", @@ -5768,9 +5758,9 @@ dependencies = [ [[package]] name = "wasmtime-provider" -version = "1.11.0" +version = "1.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "559e7c5b79fbee0619789b0b51d8dae7a6efe46abfb2f3d90e1e2082ec49b6b0" +checksum = "fd5976166615e28d10690576773a67f0a049b9c0aca1a922cffd11fce7db8ab1" dependencies = [ "anyhow", "cfg-if", @@ -5787,9 +5777,9 @@ dependencies = [ [[package]] name = "wasmtime-runtime" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1d07986b2327b5e7f535ed638fbde25990fc8f85400194fda0d26db71c7b685e" +checksum = "794b2bb19b99ef8322ff0dd9fe1ba7e19c41036dfb260b3f99ecce128c42ff92" dependencies = [ "anyhow", "cc", @@ -5802,10 +5792,10 @@ dependencies = [ "memfd", "memoffset", "paste", - "rand", + "psm", "rustix 0.38.30", "sptr", - "wasm-encoder 0.35.0", + "wasm-encoder 0.38.1", "wasmtime-asm-macros", "wasmtime-environ", "wasmtime-fiber", @@ -5817,22 +5807,22 @@ dependencies = [ [[package]] name = "wasmtime-types" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e810a0d2e869abd1cb42bd232990f6bd211672b3d202d2ae7e70ffb97ed70ea3" +checksum = "d995db8bb56f2cd8d2dc0ed5ffab94ffb435283b0fe6747f80f7aab40b2d06a1" dependencies = [ "cranelift-entity", "serde", "serde_derive", "thiserror", - "wasmparser 0.115.0", + "wasmparser 0.118.1", ] [[package]] name = "wasmtime-versioned-export-macros" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09b5575a75e711ca6c36bb9ad647c93541cdc8e34218031acba5da3f35919dd3" +checksum = "f55c5565959287c21dd0f4277ae3518dd2ae62679f655ee2dbc4396e19d210db" dependencies = [ "proc-macro2", "quote", @@ -5841,9 +5831,9 @@ dependencies = [ [[package]] name = "wasmtime-wasi" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e6730a2853226292cee755a36549dd1a443b324cf99319cb390af1afed6cb8a" +checksum = "ccd8370078149d49a3a47e93741553fd79b700421464b6a27ca32718192ab130" dependencies = [ "anyhow", "async-trait", @@ -5876,16 +5866,16 @@ dependencies = [ [[package]] name = "wasmtime-winch" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c1c1b6abbba5a01739bef9f00a87b419414a7dd99b795823d93fb12fc2bf994a" +checksum = "2c6f945ff9bad96e0a69973d74f193c19f627c8adbf250e7cb73ae7564b6cc8a" dependencies = [ "anyhow", "cranelift-codegen", "gimli 0.28.1", "object", "target-lexicon", - "wasmparser 0.115.0", + "wasmparser 0.118.1", "wasmtime-cranelift-shared", "wasmtime-environ", "winch-codegen", @@ -5893,9 +5883,9 @@ dependencies = [ [[package]] name = "wasmtime-wit-bindgen" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9d214ca7513d76af2872ad5bba4b0dcc0225821931745fdcb4fc30dd34bc3bf7" +checksum = "f328b2d4a690270324756e886ed5be3a4da4c00be0eea48253f4595ad068062b" dependencies = [ "anyhow", "heck 0.4.1", @@ -5905,9 +5895,9 @@ dependencies = [ [[package]] name = "wasmtime-wmemcheck" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9dafab2db172a53e23940e0fa3078c202f567ee5f13f4b42f66b694fab43c658" +checksum = "67761d8f8c0b3c13a5d34356274b10a40baba67fe9cfabbfc379a8b414e45de2" [[package]] name = "wast" @@ -5974,9 +5964,9 @@ checksum = "1778a42e8b3b90bff8d0f5032bf22250792889a5cdc752aa0020c84abe3aaf10" [[package]] name = "wiggle" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f6ce56a4019ce3d8592c298029a75abe6887d1c95a078a4c53ec77a0628262d" +checksum = "0afb26cd3269289bb314a361ff0a6685e5ce793b62181a9fe3f81ace15051697" dependencies = [ "anyhow", "async-trait", @@ -5989,9 +5979,9 @@ dependencies = [ [[package]] name = "wiggle-generate" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e585a4b1e84195031c77d8484af99cd93f129f45d519e83cb8cc75e9a420cfd3" +checksum = "cef2868fed7584d2b552fa317104858ded80021d23b073b2d682d3c932a027bd" dependencies = [ "anyhow", "heck 0.4.1", @@ -6004,9 +5994,9 @@ dependencies = [ [[package]] name = "wiggle-macro" -version = "14.0.4" +version = "16.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c6f321dbce722989d65c3082dba479fa392c7b7a1a4c3adc2a39545dd5aa452f" +checksum = "31ae1ec11a17ea481539ee9a5719a278c9790d974060fbf71db4b2c05378780b" dependencies = [ "proc-macro2", "quote", @@ -6047,9 +6037,9 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "winch-codegen" -version = "0.12.4" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f112bebb367a544d20c254083798087f22ceeb426168a970b955e8436f749dca" +checksum = "58e58c236a6abdd9ab454552b4f29e16cfa837a86897c1503313b2e62e7609ec" dependencies = [ "anyhow", "cranelift-codegen", @@ -6057,7 +6047,7 @@ dependencies = [ "regalloc2", "smallvec", "target-lexicon", - "wasmparser 0.115.0", + "wasmparser 0.118.1", "wasmtime-environ", ] @@ -6290,9 +6280,9 @@ dependencies = [ [[package]] name = "wit-parser" -version = "0.12.2" +version = "0.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "43771ee863a16ec4ecf9da0fc65c3bbd4a1235c8e3da5f094b562894843dfa76" +checksum = "df4913a2219096373fd6512adead1fb77ecdaa59d7fc517972a7d30b12f625be" dependencies = [ "anyhow", "id-arena", diff --git a/Cargo.toml b/Cargo.toml index 9c6cfd56..e2a6ef2e 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -22,7 +22,7 @@ lazy_static = "1.4.0" pulldown-cmark-mdcat = { version = "2.1.0", default-features = false, features = [ "regex-fancy", ] } -policy-evaluator = { git = "https://github.com/kubewarden/policy-evaluator", tag = "v0.12.2" } +policy-evaluator = { git = "https://github.com/kubewarden/policy-evaluator", tag = "v0.13.3" } prettytable-rs = "^0.10" pulldown-cmark = { version = "0.9.3", default-features = false } regex = "1" diff --git a/src/backend.rs b/src/backend.rs index 716e01bf..d13d74ff 100644 --- a/src/backend.rs +++ b/src/backend.rs @@ -1,13 +1,12 @@ use anyhow::{anyhow, Result}; use lazy_static::lazy_static; use policy_evaluator::{ - policy_evaluator::{Evaluator, PolicyExecutionMode}, - policy_evaluator_builder::PolicyEvaluatorBuilder, - policy_metadata::Metadata, - ProtocolVersion, + evaluation_context::EvaluationContext, policy_evaluator::PolicyExecutionMode, + policy_evaluator_builder::PolicyEvaluatorBuilder, policy_metadata::Metadata, ProtocolVersion, }; use semver::{BuildMetadata, Prerelease, Version}; use std::path::{Path, PathBuf}; + lazy_static! { static ref KUBEWARDEN_VERSION: Version = Version::parse(env!("CARGO_PKG_VERSION")).unwrap(); } @@ -51,10 +50,12 @@ fn rego_policy_detector(wasm_path: PathBuf) -> Result { } fn kubewarden_protocol_detector(wasm_path: PathBuf) -> Result { - PolicyEvaluatorBuilder::new("".to_string()) + let eval_ctx = EvaluationContext::default(); + PolicyEvaluatorBuilder::new() .policy_file(&wasm_path)? .execution_mode(PolicyExecutionMode::KubewardenWapc) - .build()? + .build_pre()? + .rehydrate(&eval_ctx)? .protocol_version() .map_err(|e| anyhow!("Cannot compute ProtocolVersion used by the policy: {:?}", e)) } diff --git a/src/bench.rs b/src/bench.rs index cc1f8ed4..6d7eac69 100644 --- a/src/bench.rs +++ b/src/bench.rs @@ -1,5 +1,4 @@ use anyhow::{anyhow, Result}; -use policy_evaluator::policy_evaluator::Evaluator; use tiny_bench::{bench_with_configuration_labeled, BenchmarkConfig}; use tracing::error; @@ -18,7 +17,7 @@ pub(crate) async fn pull_and_bench(cfg: &PullAndBenchSettings) -> Result<()> { let request = run_env.request; // validate the settings given by the user - let settings_validation_response = policy_evaluator.validate_settings(); + let settings_validation_response = policy_evaluator.validate_settings(&run_env.policy_settings); if !settings_validation_response.valid { println!("{}", serde_json::to_string(&settings_validation_response)?); return Err(anyhow!( @@ -33,7 +32,7 @@ pub(crate) async fn pull_and_bench(cfg: &PullAndBenchSettings) -> Result<()> { }); // validate the settings given by the user - let settings_validation_response = policy_evaluator.validate_settings(); + let settings_validation_response = policy_evaluator.validate_settings(&run_env.policy_settings); if !settings_validation_response.valid { println!("{}", serde_json::to_string(&settings_validation_response)?); return Err(anyhow!( @@ -42,11 +41,12 @@ pub(crate) async fn pull_and_bench(cfg: &PullAndBenchSettings) -> Result<()> { )); } bench_with_configuration_labeled("validate_settings", &cfg.benchmark_cfg, || { - let _settings_validation_response = policy_evaluator.validate_settings(); + let _settings_validation_response = + policy_evaluator.validate_settings(&run_env.policy_settings); }); bench_with_configuration_labeled("validate", &cfg.benchmark_cfg, || { - let _response = policy_evaluator.validate(request.clone()); + let _response = policy_evaluator.validate(request.clone(), &run_env.policy_settings); }); // The evaluation is done, we can shutdown the tokio task that is running diff --git a/src/run.rs b/src/run.rs index 4a64418a..567d8763 100644 --- a/src/run.rs +++ b/src/run.rs @@ -1,10 +1,10 @@ use anyhow::{anyhow, Result}; -use policy_evaluator::admission_request::AdmissionRequest; -use policy_evaluator::kube; use policy_evaluator::{ + admission_request::AdmissionRequest, constants::*, - policy_evaluator::{Evaluator, PolicyEvaluator}, - policy_evaluator::{PolicyExecutionMode, ValidateRequest}, + evaluation_context::EvaluationContext, + kube, + policy_evaluator::{PolicyEvaluator, PolicyExecutionMode, PolicySettings, ValidateRequest}, policy_evaluator_builder::PolicyEvaluatorBuilder, policy_fetcher::{sources::Sources, verify::FulcioAndRekorData, PullDestination}, policy_metadata::{ContextAwareResource, Metadata, PolicyType}, @@ -48,6 +48,7 @@ pub(crate) struct PullAndRunSettings { pub(crate) struct RunEnv { pub policy_evaluator: PolicyEvaluator, + pub policy_settings: PolicySettings, pub request: ValidateRequest, pub callback_handler: CallbackHandler, pub callback_handler_shutdown_channel_tx: oneshot::Sender<()>, @@ -91,13 +92,16 @@ pub(crate) async fn prepare_run_env(cfg: &PullAndRunSettings) -> Result } }; - let policy_settings = cfg.settings.as_ref().map_or(Ok(None), |settings| { - if settings.is_empty() { - Ok(None) - } else { - serde_yaml::from_str(settings) + let policy_settings: PolicySettings = match cfg.settings.as_ref() { + None => Ok(PolicySettings::default()), + Some(settings) => { + if settings.is_empty() { + Ok(PolicySettings::default()) + } else { + serde_yaml::from_str(settings) + } } - })?; + }?; // This is a channel used to stop the tokio task that is run // inside of the CallbackHandler @@ -109,16 +113,19 @@ pub(crate) async fn prepare_run_env(cfg: &PullAndRunSettings) -> Result let callback_sender_channel = callback_handler.sender_channel(); - let mut policy_evaluator_builder = PolicyEvaluatorBuilder::new(policy_id) + let mut policy_evaluator_builder = PolicyEvaluatorBuilder::new() .policy_file(&policy.local_path)? - .execution_mode(execution_mode) - .settings(policy_settings) - .callback_channel(callback_sender_channel) - .context_aware_resources_allowed(context_aware_allowed_resources); + .execution_mode(execution_mode); if cfg.enable_wasmtime_cache { policy_evaluator_builder = policy_evaluator_builder.enable_wasmtime_cache(); } - let policy_evaluator = policy_evaluator_builder.build()?; + + let eval_ctx = EvaluationContext { + policy_id: policy_id.to_owned(), + callback_channel: Some(callback_sender_channel.clone()), + ctx_aware_resources_allow_list: context_aware_allowed_resources.clone(), + }; + let policy_evaluator = policy_evaluator_builder.build_pre()?.rehydrate(&eval_ctx)?; let request = if cfg.raw || has_raw_policy_type(metadata.as_ref()) { ValidateRequest::Raw(req_obj) @@ -144,6 +151,7 @@ pub(crate) async fn prepare_run_env(cfg: &PullAndRunSettings) -> Result Ok(RunEnv { policy_evaluator, + policy_settings, request, callback_handler, callback_handler_shutdown_channel_tx, @@ -157,7 +165,7 @@ pub(crate) async fn pull_and_run(cfg: &PullAndRunSettings) -> Result<()> { let callback_handler_shutdown_channel_tx = run_env.callback_handler_shutdown_channel_tx; // validate the settings given by the user - let settings_validation_response = policy_evaluator.validate_settings(); + let settings_validation_response = policy_evaluator.validate_settings(&run_env.policy_settings); if !settings_validation_response.valid { println!("{}", serde_json::to_string(&settings_validation_response)?); return Err(anyhow!( @@ -172,7 +180,7 @@ pub(crate) async fn pull_and_run(cfg: &PullAndRunSettings) -> Result<()> { }); // evaluate request - let response = policy_evaluator.validate(run_env.request); + let response = policy_evaluator.validate(run_env.request, &run_env.policy_settings); println!("{}", serde_json::to_string(&response)?); // The evaluation is done, we can shutdown the tokio task that is running