The containerized instance of OPA needs the policies (opa/policy.rego) and the data (opa/data.json) used to evaluate the input.
The following docker-compose file:
- copies in the
/fedmgrfolder the./opafolder contained in this repository. - starts opa in server mode
- loads the
fedmgrpackage and serves it onlocalhost:8181/v1/data/fedmgr.
# compose.yaml
services:
opa:
image: openpolicyagent/opa
ports:
- 8181:8181
volumes:
- ./opa:/fedmgr:ro
command: run --server --log-level debug /fedmgrdocker compose up -dOnce OPA is up and running we can interrogate its endpoints to evaluate the inpute contained in v1-data-input.json. Here we give an example of the input to provide to the OPA REST API.
# v1-data-input.json
{
"input": {
"authorization": "Bearer <token>"
}
}curl localhost:8181/v1/data/fedmgr/user_roles -d @v1-data-input.json -H 'Content-Type: application/json'In the examples folder we provide a python script with a Socket.IO client. It tries to connect to the /site_admin namespace and emit a message.
Since endpoints requires a valid token, this example expects the access token as an input to the --token (or -t) argument. Alternatively you can set the $SOCKETIO_CLIENT_TOKEN env var.
python examples/client.py -t <TOKEN>For the example client to work you need a running instance of the application.
You can copy and edit that file to make more complexes examples or tests.