Rego Validation, Audit and tracing improvements (!429) · Merge requests · OSDU Software / OSDU Data Platform / Security and Compliance / Policy

Shane Hutchins requested to merge verify_rego into master Sep 20, 2023

Rego Validation for #80 (closed)

Added new API /validate/{policy_id} that supports templating
Validation now on by default for policy put (add/update) "/policies/osdu/partition/{data_partition}/{policy_id}"
Validation for policies updates can be turned off by env variable ENABLE_VERIFY_POLICY
New X-SHA-1 response headers
New sha1 in json response from put "/policies/osdu/partition/{data_partition}/{policy_id}"
SHA-1 in pod Audit log messages for updates
New unit test and integration test for /validate API
Updated Documentation
Updated openapi.yaml. Please note gitlab does not support rendering of OpenAPI 3.1.0 yet.
X-Debug-Result response header bugfix for use with ENABLE_DEV_DIAGNOSTICS
Added client_host to /config API
Envoy tracing support
Improved audit logging
Updated put response json message field if new (add) or updated (existing) in bundle and updated status code 202 for new/updated and 200 for no change detected.

Edited Sep 25, 2023 by Shane Hutchins

Rego Validation, Audit and tracing improvements