For this to work with Oak's use-cases we need this binary to support a CLI similar to the one the rust binary had. You can download a release of that binary here -- the binary is called auth-logic-prototype.

Here is the help provided by the binary from the CLI:

╰─➤  ./auth-logic-prototype --help                                                                   
auth-logic 0.1.0
An authorization logic compiler.

USAGE:
    auth-logic-prototype [FLAGS] [OPTIONS] <input-filename> --output_queries_directory <output-queries-directory> --souffle-output-file <souffle-output-file>

FLAGS:
    -h, --help            Prints help information
        --skip-souffle    Whether to skip running Souffle on the compiled datalog
    -V, --version         Prints version information

OPTIONS:
    -s, --skip <decl-skip>...
            List of declarations to skip when generating Souffle code

    -q, --output_queries_directory <output-queries-directory>
            Output directory, where the CSVs containing the results of evaluating queries will be saved [env:
            PWD=/usr/local/google/home/aferr/tmp]
    -o, --souffle-output-file <souffle-output-file>
            Output file path where compiled souffle program will be saved


ARGS:
    <input-filename>    The path of the input auth logic program to compile

Internally, for this to work we'll also need a top level function that takes the input and output file paths, calls the parser on the input file to generate the AST and then calls the compiler passes on the right order to generate the souffle file and the results of running the queries on the souffle file.

The rust implementation code for doing this is:

• here. This part gets the AST data structures from the input file
  and also
• here. Note that the order for the compiler passes that run in the AST are: 1) universe translation, 2) lowering to DLIR, 3) emitting the souffle.

(Maybe the C++ implementation already has this, but I thought I would leave references just in case).

Actually, since the rust implementation has a ton of tests and we will have done all of the work to port this, it would be great if we could take the tests from the rust implementation here and port them into the C++ version. Those tests run on input authorization logic files here, and it should be possible to run the tests on those same test input files. Some of those tests were also written to ensure compatibility with transparent release, so this will help make sure we are not missing something in the new implementation.

OK the "minimum requirements" for making the migration easy are actually less strict than exactly the CLI we had before. We need the CLI to have all of the following on the command line:

• the path to the input authorization logic file
• the path to the output souffle file
• the path to a directory where where a separate CSV for each query is saved. The name of each CSV file is the name of the query in the input program and it is empty if the query was false or it contains just "dummy_var" if it was true.*
  We need the above three things to show up somewhere on the command line because as long as those are on the command line it is easy to write a blaze genrule that can read those values.

We don't need:

• the help screen
• the version option
• the decl-skip / skip option
• we don't need conventional options with dashes at all, though these are nice to have because they are conventional

As long as we have those minimum requirements, I can go and make some small tweaks on the transparent release side for any adjustments that needed to be made to the CLI.

*(this is probably a hacky interface for testing queries, and this means the C++ implementation would be inheriting some tech debt from the old rust version. We should re-think this interface but probably not right now)

For outputting queries, this is how the rust implmentation generates an output CSV:here

For the queries directory all the rust version did was run the souffle program and pass the queries output directory to souffle's -D option. Here is where the rust version did this as a reference:

This was fixed a while ago