rego-v1: Future-proofing download pkg tests to be 1.0 compatible (#…

…7035)

Signed-off-by: Johan Fylling <[email protected]>

download/oci_download_test.go

@@ -20,7 +20,8 @@ import (
 	"github.com/open-policy-agent/opa/plugins/rest"
 )
 
-// when changed the layer hash & size should be updated in signed.manifest
+// when changed the layer hash & size should be updated in .manifest files
+//go:generate go run github.com/open-policy-agent/opa build -b --signing-alg HS256 testdata/latest_bundle_data --output testdata/latest.tar.gz
 //go:generate go run github.com/open-policy-agent/opa build -b --signing-alg HS256 --signing-key secret testdata/signed_bundle_data --output testdata/signed.tar.gz
 //go:generate go run github.com/open-policy-agent/opa build --v1-compatible -b --signing-alg HS256 --signing-key secret testdata/rego_v1_bundle_data --output testdata/rego_v1.tar.gz
 

download/testdata/latest.manifest

@@ -8,8 +8,8 @@
    "layers":[
       {
          "mediaType":"application/vnd.oci.image.layer.v1.tar+gzip",
-         "digest":"sha256:b206ac766b0f3f880f6a62c4bb5ba5192d29deaefd989a1961603346a7555bdd",
-         "size":568,
+         "digest":"sha256:d85a3b7072e295a091f4ec50e85fefcd5285a1e2c60c298c0b87c498f1cb0613",
+         "size":610,
          "annotations":{
             "org.opencontainers.image.created":"2022-02-11T09:00:07Z",
             "org.opencontainers.image.title":"dani/testpol"

download/testdata/latest_bundle_data/.manifest

@@ -0,0 +1 @@
+{"revision":"","roots":["peoplefinder"]}

download/testdata/latest_bundle_data/data.json

@@ -0,0 +1 @@
+{}

download/testdata/latest_bundle_data/src/policies/__id/delete.rego

@@ -0,0 +1,23 @@
+package peoplefinder.DELETE.api.users.__id
+
+import rego.v1
+import input.user.attributes.properties as user_props
+
+default allowed = false
+
+default visible = false
+
+default enabled = false
+
+allowed if {
+	user_props.department == "Operations"
+	user_props.title == "IT Manager"
+}
+
+visible if {
+	user_props.department == "Operations"
+}
+
+enabled if {
+	allowed
+}

download/testdata/latest_bundle_data/src/policies/__id/get.rego

@@ -0,0 +1,7 @@
+package peoplefinder.GET.api.users.__id
+
+default allowed = true
+
+default visible = true
+
+default enabled = true

download/testdata/latest_bundle_data/src/policies/__id/post.rego

@@ -0,0 +1,18 @@
+package peoplefinder.POST.api.users.__id
+
+import rego.v1
+import input.user.attributes.properties as user_props
+
+default allowed = false
+
+default visible = true
+
+default enabled = false
+
+allowed if {
+	user_props.department == "Operations"
+}
+
+enabled if {
+	allowed
+}

download/testdata/latest_bundle_data/src/policies/__id/put.rego

@@ -0,0 +1,18 @@
+package peoplefinder.PUT.api.users.__id
+
+import rego.v1
+import input.user.attributes.properties as user_props
+
+default allowed = false
+
+default visible = true
+
+default enabled = true
+
+allowed if {
+	user_props.department == "Operations"
+}
+
+allowed if {
+	input.user.id == input.resource.id
+}

download/testdata/latest_bundle_data/src/policies/get.rego

@@ -0,0 +1,7 @@
+package peoplefinder.GET.api.users
+
+default allowed = true
+
+default visible = true
+
+default enabled = true

download/testdata/latest_bundle_data/src/policies/post.rego

@@ -0,0 +1,23 @@
+package peoplefinder.POST.api.users
+
+import rego.v1
+import input.user.attributes.properties as user_props
+
+default allowed = false
+
+default visible = false
+
+default enabled = false
+
+allowed if {
+	user_props.department == "Operations"
+	user_props.title == "IT Manager"
+}
+
+visible if {
+	allowed
+}
+
+enabled if {
+	allowed
+}