cargo-aprz-lib 0.2.0

Internal library for cargo-aprz
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

//! Expression-based crate evaluation using CEL
//!
//! This module implements the policy evaluation engine that determines whether
//! crates should be accepted or denied based on user-defined expressions. It
//! uses the CEL (Common Expression Language) to provide a safe, sandboxed
//! evaluation environment.
//!
//! # Implementation Model
//!
//! The evaluation process follows a three-tier policy model:
//!
//! 1. **Deny-if-any**: If any expression evaluates to true, immediately deny
//! 2. **Accept-if-any**: If any expression evaluates to true, accept (unless denied)
//! 3. **Accept-if-all**: Accept only if all expressions evaluate to true (unless denied)
//!
//! Each tier contains a list of [`Expression`] objects parsed from user configuration.
//! Expressions are compiled once at startup for efficiency and validated to ensure
//! they reference only valid metric names.
//!
//! The [`evaluate`] function is the main entry point. For each crate, it:
//! - Builds a CEL context with all metric values as variables
//! - Adds a `now` variable for datetime comparisons
//! - Evaluates expressions in order (deny-if-any, then accept-if-any, then accept-if-all)
//! - Returns an [`EvaluationOutcome`] with the final acceptance status and reasons
//!
//! The CEL context is created once per crate and reused for all expressions,
//! significantly improving performance when evaluating multiple expressions.

mod evaluation_outcome;
mod evaluator;
mod expression;

pub use evaluation_outcome::EvaluationOutcome;
pub use evaluator::evaluate;
pub use expression::Expression;