You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Bundles currently own the roots they've defined, or all roots if none have been provided. Some tools extending OPA embed a bundle of their own to e.g. provide Rego rules and functions as an embedded library. This easily creates conflicts if the same tool loads user provided policy directories as bundles unless these have provided .manifest files where non-conflicting bundle roots are defined. For this scenario, it would be helpful if the Rego API allowed a mode where defined bundle roots had precedence, but where a bundle loaded without defined roots instead of trying to claim all roots would claim all roots not previously defined.
If there are better ways to do this available already, that would be even better :)
The text was updated successfully, but these errors were encountered:
Bundles currently own the roots they've defined, or all roots if none have been provided. Some tools extending OPA embed a bundle of their own to e.g. provide Rego rules and functions as an embedded library. This easily creates conflicts if the same tool loads user provided policy directories as bundles unless these have provided .manifest files where non-conflicting bundle roots are defined. For this scenario, it would be helpful if the Rego API allowed a mode where defined bundle roots had precedence, but where a bundle loaded without defined roots instead of trying to claim all roots would claim all roots not previously defined.
If there are better ways to do this available already, that would be even better :)
The text was updated successfully, but these errors were encountered: