Upgrade dependent version: github.com/open-policy-agent/opa (#5315)

Upgrade dependent version: github.com/open-policy-agent/opa v0.18.0 -> v0.45.0 Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io> Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io>
2022-10-31 10:58:55 +08:00
parent 668fca1773
commit ef03b1e3df
363 changed files with 277341 additions and 13544 deletions
--- a/vendor/github.com/open-policy-agent/opa/topdown/builtins.go
+++ b/vendor/github.com/open-policy-agent/opa/topdown/builtins.go
@@ -6,10 +6,17 @@ package topdown

 import (
 	"context"
+	"encoding/binary"
 	"fmt"
+	"io"
+	"math/rand"

 	"github.com/open-policy-agent/opa/ast"
+	"github.com/open-policy-agent/opa/metrics"
 	"github.com/open-policy-agent/opa/topdown/builtins"
+	"github.com/open-policy-agent/opa/topdown/cache"
+	"github.com/open-policy-agent/opa/topdown/print"
+	"github.com/open-policy-agent/opa/tracing"
 )

 type (
@@ -28,14 +35,25 @@ type (
 	// BuiltinContext contains context from the evaluator that may be used by
 	// built-in functions.
 	BuiltinContext struct {
-		Context  context.Context // request context that was passed when query started
-		Cancel   Cancel          // atomic value that signals evaluation to halt
-		Runtime  *ast.Term       // runtime information on the OPA instance
-		Cache    builtins.Cache  // built-in function state cache
-		Location *ast.Location   // location of built-in call
-		Tracers  []Tracer        // tracer objects for trace() built-in function
-		QueryID  uint64          // identifies query being evaluated
-		ParentID uint64          // identifies parent of query being evaluated
+		Context                context.Context       // request context that was passed when query started
+		Metrics                metrics.Metrics       // metrics registry for recording built-in specific metrics
+		Seed                   io.Reader             // randomization source
+		Time                   *ast.Term             // wall clock time
+		Cancel                 Cancel                // atomic value that signals evaluation to halt
+		Runtime                *ast.Term             // runtime information on the OPA instance
+		Cache                  builtins.Cache        // built-in function state cache
+		InterQueryBuiltinCache cache.InterQueryCache // cross-query built-in function state cache
+		NDBuiltinCache         builtins.NDBCache     // cache for non-deterministic built-in state
+		Location               *ast.Location         // location of built-in call
+		Tracers                []Tracer              // Deprecated: Use QueryTracers instead
+		QueryTracers           []QueryTracer         // tracer objects for trace() built-in function
+		TraceEnabled           bool                  // indicates whether tracing is enabled for the evaluation
+		QueryID                uint64                // identifies query being evaluated
+		ParentID               uint64                // identifies parent of query being evaluated
+		PrintHook              print.Hook            // provides callback function to use for printing
+		DistributedTracingOpts tracing.Options       // options to be used by distributed tracing.
+		rand                   *rand.Rand            // randomization source for non-security-sensitive operations
+		Capabilities           *ast.Capabilities
 	}

 	// BuiltinFunc defines an interface for implementing built-in functions.
@@ -46,6 +64,25 @@ type (
 	BuiltinFunc func(bctx BuiltinContext, operands []*ast.Term, iter func(*ast.Term) error) error
 )

+// Rand returns a random number generator based on the Seed for this built-in
+// context. The random number will be re-used across multiple calls to this
+// function. If a random number generator cannot be created, an error is
+// returned.
+func (bctx *BuiltinContext) Rand() (*rand.Rand, error) {
+
+	if bctx.rand != nil {
+		return bctx.rand, nil
+	}
+
+	seed, err := readInt64(bctx.Seed)
+	if err != nil {
+		return nil, err
+	}
+
+	bctx.rand = rand.New(rand.NewSource(seed))
+	return bctx.rand, nil
+}
+
 // RegisterBuiltinFunc adds a new built-in function to the evaluation engine.
 func RegisterBuiltinFunc(name string, f BuiltinFunc) {
 	builtinFunctions[name] = builtinErrorWrapper(name, f)
@@ -142,7 +179,7 @@ func handleBuiltinErr(name string, loc *ast.Location, err error) error {
 	switch err := err.(type) {
 	case BuiltinEmpty:
 		return nil
-	case *Error:
+	case *Error, Halt:
 		return err
 	case builtins.ErrOperand:
 		return &Error{
@@ -158,3 +195,12 @@ func handleBuiltinErr(name string, loc *ast.Location, err error) error {
 		}
 	}
 }
+
+func readInt64(r io.Reader) (int64, error) {
+	bs := make([]byte, 8)
+	n, err := io.ReadFull(r, bs)
+	if n != len(bs) || err != nil {
+		return 0, err
+	}
+	return int64(binary.BigEndian.Uint64(bs)), nil
+}