#wasm-module #policy #opa #policies #input #agent #evaluate

bin+lib opa-wasm

A crate to use OPA policies compiled to WASM

4 releases

0.1.3 Nov 21, 2024
0.1.2 Nov 12, 2024
0.1.1 Oct 7, 2024
0.1.0 Jul 1, 2024

#53 in WebAssembly

Download history 67/week @ 2024-08-21 509/week @ 2024-08-28 244/week @ 2024-09-04 395/week @ 2024-09-11 177/week @ 2024-09-18 376/week @ 2024-09-25 1215/week @ 2024-10-02 339/week @ 2024-10-09 742/week @ 2024-10-16 661/week @ 2024-10-23 293/week @ 2024-10-30 618/week @ 2024-11-06 792/week @ 2024-11-13 790/week @ 2024-11-20 453/week @ 2024-11-27 710/week @ 2024-12-04

3,192 downloads per month

Apache-2.0

140KB
2.5K SLoC

Rust Open Policy Agent SDK

A crate to use OPA policies compiled to WASM.

Try it out

This includes a CLI tool to try out the SDK implementation.

cargo run --features=cli --      \
    --module ./policy.wasm       \
    --data-path ./data.json      \
    --input '{"hello": "world"}' \
    --entrypoint 'hello/world'

Set the RUST_LOG environment variable to info to show timings informations about the execution.

opa-wasm
Evaluates OPA policies compiled as WASM modules

USAGE:
    opa-eval [OPTIONS] --entrypoint <ENTRYPOINT> <--module <MODULE>|--bundle <BUNDLE>>

OPTIONS:
    -m, --module <MODULE>            Path to the WASM module
    -b, --bundle <BUNDLE>            Path to the OPA bundle
    -e, --entrypoint <ENTRYPOINT>    Entrypoint to use
    -d, --data <JSON>                JSON literal to use as data
    -D, --data-path <PATH>           Path to a JSON file to load as data
    -i, --input <JSON>               JSON literal to use as input
    -I, --input-path <PATH>          Path to a JSON file to load as data
    -h, --help                       Print help information

As a library

use std::collections::HashMap;

use anyhow::Result;

use opa_wasm::{wasmtime, Runtime};

#[tokio::main]
async fn main() -> Result<()> {
    // Configure the WASM runtime
    let mut config = wasmtime::Config::new();
    config.async_support(true);

    let engine = wasmtime::Engine::new(&config)?;

    // Load the policy WASM module
    let module = tokio::fs::read("./policy.wasm").await?;
    let module = wasmtime::Module::new(&engine, module)?;

    // Create a store which will hold the module instance
    let mut store = wasmtime::Store::new(&engine, ());

    let data = HashMap::from([("hello", "world")]);
    let input = HashMap::from([("message", "world")]);

    // Instantiate the module
    let runtime = Runtime::new(&mut store, &module).await?;

    let policy = runtime.with_data(&mut store, &data).await?;

    // Evaluate the policy
    let res: serde_json::Value = policy.evaluate(&mut store, "hello/world", &input).await?;

    println!("{}", res);

    Ok(())
}

Dependencies

~16–31MB
~496K SLoC