From 1ec324500388de36436842bc67e7f7aa8888e134 Mon Sep 17 00:00:00 2001 From: Fabrizio Sestito Date: Tue, 18 Jun 2024 13:33:26 +0200 Subject: [PATCH] docs: add dx related story/example Signed-off-by: Fabrizio Sestito --- rfc/0020-policy-group.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/rfc/0020-policy-group.md b/rfc/0020-policy-group.md index 298b6a8..ff91568 100644 --- a/rfc/0020-policy-group.md +++ b/rfc/0020-policy-group.md @@ -25,6 +25,7 @@ and enables the creation of custom policies using a DSL-like configuration. [examples]: #examples - As a user, I want to create a policy that is composed of other policies and is evaluated using a boolean expression. +- As a user, I want to develop and test a policy group with the help of kwctl. # Detailed design @@ -275,6 +276,11 @@ Also, we could consider creating a [custom package](https://rhai.rs/book/rust/pa The policy server will support [raw policy](https://docs.kubewarden.io/tutorials/writing-policies/wasi/raw-policies) groups out of the box, since the group evaluation logic is implemented in the `EvaluationEnvironment`. It will be possible to define a policy group with raw policies only, and evaluate the expression by calling the `validate_raw/` endpoint. +## Development + +The `kwctl` tool will be extended to support the policy groups, to allow users to develop and test policy groups locally. +For this reason, it might be necessary to move the `EvaluationEnvironment` to the `policy-evaluator` crate and to refactor `kwctl` accordingly. + ## Preliminary benchmark The following results are based on the [Kubewarden k6 load test](https://github.com/kubewarden/load-testing/tree/k6) using the [psp-apparmor policy](https://github.com/kubewarden/apparmor-psp-policy)