#wasm-module #policy #opa #policies #input #agent #evaluate

bin+lib opa-wasm

A crate to use OPA policies compiled to WASM

3 releases

0.1.2 Nov 12, 2024
0.1.1 Oct 7, 2024
0.1.0 Jul 1, 2024

#52 in WebAssembly

Download history 785/week @ 2024-07-30 504/week @ 2024-08-06 299/week @ 2024-08-13 70/week @ 2024-08-20 448/week @ 2024-08-27 205/week @ 2024-09-03 341/week @ 2024-09-10 318/week @ 2024-09-17 88/week @ 2024-09-24 1458/week @ 2024-10-01 302/week @ 2024-10-08 381/week @ 2024-10-15 904/week @ 2024-10-22 463/week @ 2024-10-29 224/week @ 2024-11-05 1160/week @ 2024-11-12

2,797 downloads per month

Apache-2.0

140KB
2.5K SLoC

Rust Open Policy Agent SDK

A crate to use OPA policies compiled to WASM.

Try it out

This includes a CLI tool to try out the SDK implementation.

cargo run --features=cli --      \
    --module ./policy.wasm       \
    --data-path ./data.json      \
    --input '{"hello": "world"}' \
    --entrypoint 'hello/world'

Set the RUST_LOG environment variable to info to show timings informations about the execution.

opa-wasm
Evaluates OPA policies compiled as WASM modules

USAGE:
    opa-eval [OPTIONS] --entrypoint <ENTRYPOINT> <--module <MODULE>|--bundle <BUNDLE>>

OPTIONS:
    -m, --module <MODULE>            Path to the WASM module
    -b, --bundle <BUNDLE>            Path to the OPA bundle
    -e, --entrypoint <ENTRYPOINT>    Entrypoint to use
    -d, --data <JSON>                JSON literal to use as data
    -D, --data-path <PATH>           Path to a JSON file to load as data
    -i, --input <JSON>               JSON literal to use as input
    -I, --input-path <PATH>          Path to a JSON file to load as data
    -h, --help                       Print help information

As a library

use std::collections::HashMap;

use anyhow::Result;

use opa_wasm::{wasmtime, Runtime};

#[tokio::main]
async fn main() -> Result<()> {
    // Configure the WASM runtime
    let mut config = wasmtime::Config::new();
    config.async_support(true);

    let engine = wasmtime::Engine::new(&config)?;

    // Load the policy WASM module
    let module = tokio::fs::read("./policy.wasm").await?;
    let module = wasmtime::Module::new(&engine, module)?;

    // Create a store which will hold the module instance
    let mut store = wasmtime::Store::new(&engine, ());

    let data = HashMap::from([("hello", "world")]);
    let input = HashMap::from([("message", "world")]);

    // Instantiate the module
    let runtime = Runtime::new(&mut store, &module).await?;

    let policy = runtime.with_data(&mut store, &data).await?;

    // Evaluate the policy
    let res: serde_json::Value = policy.evaluate(&mut store, "hello/world", &input).await?;

    println!("{}", res);

    Ok(())
}

Dependencies

~17–32MB
~506K SLoC