Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sharing functions between constraint templates #1204

Closed
hamza3202 opened this issue Mar 29, 2021 · 7 comments
Closed

Sharing functions between constraint templates #1204

hamza3202 opened this issue Mar 29, 2021 · 7 comments
Assignees
@ritazh
Labels
docs Pure prose stale

Comments

@hamza3202
Copy link

Is there some way to share some basic functions between constraintTemplates? e.g a method to get nested field or even simple checks to identify the kind of a resource?
@brycecr
Copy link
Contributor

brycecr commented Mar 30, 2021

There is a static linking option available on constraintTemplates via the libs field:
https://github.com/open-policy-agent/frameworks/tree/master/constraint#what-is-a-constraint-template

That's all that is supported for now. Dynamic linking can result in dependency version conflicts so we have avoided a provision for those.

@hamza3202
Copy link
Author

libs defined by one constraintTemplates can be accessed by that constraintTemplates only or are they shared between constraint templates?

@maxsmythe
Copy link
Contributor

They can only be accessed by the one constraint template.

Shared libraries have a number of issues:

  • Dependency version conflicts
  • Eventual consistency -- what if the template is ingested before the shared library is available?
  • Non-hermeticity -- you now need to install two objects to get a given constraint template to work
  • Non-isolation -- users may overload the library functions either intentionally (and maliciously) or on accident because a name is common (think import aliasing in golang)

The goal of "libs" was to make it a bit easier to leverage the developer advantages that shared libraries have while avoiding the operational liabilities by providing an easy way to "statically link" code (borrowing this term from C)

@ritazh ritazh added the docs Pure prose label Apr 2, 2021
@hamza3202
Copy link
Author

@maxsmythe thanks for the information. I guess I will just work with that for now.

@ritazh ritazh reopened this Apr 12, 2021
@stale
Copy link

stale bot commented Jul 23, 2022

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 14 days if no further activity occurs. Thank you for your contributions.

@stale stale bot added the wontfix This will not be worked on label Jul 23, 2022
@ritazh ritazh added stale and removed wontfix This will not be worked on labels Aug 10, 2022
@stale stale bot removed the stale label Aug 10, 2022
@stale
Copy link

stale bot commented Oct 11, 2022

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 14 days if no further activity occurs. Thank you for your contributions.

@stale stale bot added the stale label Oct 11, 2022
@stale stale bot closed this as completed Oct 25, 2022
@ritazh ritazh reopened this Nov 22, 2023
@stale stale bot removed the stale label Nov 22, 2023
@ritazh ritazh self-assigned this Nov 22, 2023
@stale Stale
Copy link

stale bot commented Jan 21, 2024

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 14 days if no further activity occurs. Thank you for your contributions.

@stale stale bot added the stale label Jan 21, 2024
@stale stale bot closed this as completed Feb 5, 2024
@maxsmythe maxsmythe mentioned this issue Sep 27, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ritazh ritazh

Labels
docs Pure prose stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@brycecr @ritazh @maxsmythe @hamza3202