Skip to content

EngineerBetter/opa-boshrelease

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

135 Commits
.final_builds
.final_builds
 
 
ci
ci
 
 
config
config
 
 
jobs/opa
jobs/opa
 
 
packages/opa
packages/opa
 
 
releases/opa
releases/opa
 
 
spec
spec
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Gemfile
Gemfile
 
 
Gemfile.lock
Gemfile.lock
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Open Policy Agent Boshrelease

A bosh release for deploying the Open Policy Agent.

This release was designed for the purpose of integrating with Concourse but there's no reason why it couldn't be used for other purposes.

Example Usage

releases:
...
- name:    opa
  version: 0.0.2
  url:     https://github.com/EngineerBetter/opa-boshrelease/releases/download/0.0.2/opa-final-release-0.0.2.tgz
  sha1:    a92e3e0b0b280c5a334e71d14e8d504d5e062083

jobs:
- name: web
  jobs:
  - name: web
    release: concourse
    properties:
      opa:
        url: http://localhost:8181/v1/data/concourse/decision
      policy_check:
        filter_http_methods: PUT
        filter_actions: SaveConfig
  - name: opa
    release: opa
    properties:
      opa_policy: |
        package concourse

        default decision = {"allowed": true}

        decision = {"allowed": false, "reasons": reasons} {
          count(deny) > 0
          reasons := deny
        }

        deny["cannot use privileged resource types"] {
          input.action == "SaveConfig"
          input.data.resource_types[_].privileged
        }

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

3 watching

Forks

0 forks
Report repository

Releases 59

opa-boshrelease v0.0.59 Latest
Oct 26, 2023
+ 58 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages