Skip to main content

regorus/
compile.rs

1// Copyright (c) Microsoft Corporation.
2// Licensed under the MIT License.
3
4use crate::{compiled_policy::CompiledPolicy, engine::Engine, value::Value, *};
5
6use anyhow::Result;
7
8/// Represents a Rego policy module with an identifier and content.
9#[derive(Debug, Clone)]
10pub struct PolicyModule {
11    pub id: Rc<str>,
12    pub content: Rc<str>,
13}
14
15/// Compiles a target-aware policy from data and modules.
16///
17/// This is a convenience function that sets up an [`Engine`] and calls
18/// [`Engine::compile_for_target`]. For more control over the compilation process
19/// or to reuse an engine, use the engine method directly.
20///
21/// # Arguments
22///
23/// * `data` - Static data to be available during policy evaluation
24/// * `modules` - Array of Rego policy modules to compile together
25///
26/// # Returns
27///
28/// Returns a [`CompiledPolicy`] for target-aware evaluation.
29///
30/// # Note
31///
32/// This function is only available when the `azure_policy` feature is enabled.
33///
34/// # See Also
35///
36/// - [`Engine::compile_for_target`] for detailed documentation and examples
37/// - [`compile_policy_with_entrypoint`] for explicit rule-based compilation
38#[cfg(feature = "azure_policy")]
39#[cfg_attr(docsrs, doc(cfg(feature = "azure_policy")))]
40pub fn compile_policy_for_target(data: Value, modules: &[PolicyModule]) -> Result<CompiledPolicy> {
41    let mut engine = setup_engine_with_modules(data, modules)?;
42    engine.compile_for_target()
43}
44
45/// Compiles a policy from data and modules with a specific entry point rule.
46///
47/// This is a convenience function that sets up an [`Engine`] and calls
48/// [`Engine::compile_with_entrypoint`]. For more control over the compilation process
49/// or to reuse an engine, use the engine method directly.
50///
51/// # Arguments
52///
53/// * `data` - Static data to be available during policy evaluation
54/// * `modules` - Array of Rego policy modules to compile together
55/// * `entry_point_rule` - The specific rule path to evaluate (e.g., "data.policy.allow")
56///
57/// # Returns
58///
59/// Returns a [`CompiledPolicy`] focused on the specified entry point rule.
60///
61/// # See Also
62///
63/// - [`Engine::compile_with_entrypoint`] for detailed documentation and examples
64/// - [`compile_policy_for_target`] for target-aware compilation
65pub fn compile_policy_with_entrypoint(
66    data: Value,
67    modules: &[PolicyModule],
68    entry_point_rule: Rc<str>,
69) -> Result<CompiledPolicy> {
70    let mut engine = setup_engine_with_modules(data, modules)?;
71    engine.compile_with_entrypoint(&entry_point_rule)
72}
73
74/// Helper function to set up an engine with data and modules.
75fn setup_engine_with_modules(data: Value, modules: &[PolicyModule]) -> Result<Engine> {
76    let mut engine = Engine::new();
77
78    // Add data to the engine
79    engine.add_data(data)?;
80    engine.set_gather_prints(true);
81
82    // Add all modules to the engine
83    for module in modules {
84        engine.add_policy(module.id.to_string(), module.content.to_string())?;
85    }
86
87    Ok(engine)
88}