New #Regal release is out! v0.8.0 brings a bunch of new features and improvements to your favorite #Rego linter, including a #GitHub output format which will annotate PRs with linter violations. Also four new #linter rules to catch both issues as well as non-idiomatic coding style. Check it out!

#OPA #OpenPolicyAgent #DevOps #DevSecOps #Development

https://github.com/StyraInc/regal/releases/tag/v0.8.0

Does anyone know if #GitLab has anything similar to the "workflow commands" ( https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions ) that #GitHub has?

I'd love to integrate my linter #Regal in GitLab CI pipelines, and it would be sweet if the output could actually annotate the #Rego source code at the location of a violation.

Looking at the GitLab docs I'm thinking "no", but I'd love to be wrong about that!

Leaving the work week behind with a bang! 💥 Just pushed v0.7.0 of #Regal, the linter for #Rego. Featuring a new 'custom' category where *you* decide the rules, allowing teams and orgs to enforce things like their own naming conventions. Lots of other good stuff added this summer. If you ever work with #OPA and Rego, make sure to check it out!

Oh, and please give the project a ⭐️ if you'd like to make my weekend even better 😃

https://github.com/styraInc/regal

#DevOps #DevSecOps #CloudNative #CNCF

Good morning from #Munich! 🇩🇪 Two days of #Kubernetes Community Days ahead. I’ll talk #OPA for authorization later today, and a lightning talk on learning OPA and #Rego tomorrow. Good times!

#KCD #KCDMunich #CloudNative

It's not much, but it's honest work! Pushed a new release of #Regal the #Rego linter yesterday. v0.2.0 adds a new "idiomatic" category and two new linter rules to that, flagging code that uses custom constructs where more idiomatic ones are available. If you're using #OPA, check it out!

https://github.com/StyraInc/regal/releases/tag/v0.2.0

And on the topic of checking out, I'm out for midsummer. To those who celebrate, and to those who don't, have a good one! ☀️🌳🍺

New blog just dropped! On using a #linter as a tool for learning a new #programming language, and how I tried to apply some of those ideas while building #Regal, the new linter for #Rego.

https://www.styra.com/blog/guarding-the-guardrails-introducing-regal-the-rego-linter/

#OpenPolicyAgent #OPA #CloudNative #CNCF #PolicyAsCode

It's hot outside, but you know what's even hotter? The #CloudNative meetup taking place at the Google office in #Stockholm this evening. I'll be talking about how to translate "real" policy, like the upcoming #EUCS framework into #PolicyAsCode using #OpenPolicyAgent and #Rego. Also, my buddy Abdel to present on ambient service mesh and #Istio. Good times!

https://community.cncf.io/events/details/cncf-stockholm-presents-stockholm-cloud-native-community-group-june-2023-meetup/

#CloudNativeNordics #CNCF #DevOps #DevSecOps #Code

My #Rego linter #Regal featured in both the #DevOps weekly newsletter and the #CloudSecList 😃 Not too often I’m proud of something, but now is one of those occasions.

https://github.com/StyraInc/regal/

#PolicyAsCode #OPA #DevSecOps #Development #Code #OpenSource

Announced yesterday, Regal is a new linter for #Rego, with the ambitious goal of both catching bugs/mistakes in policy code, *and* to help people learn the language! If you ever work with #OPA, I’m sure you’ll find it useful. Check it out, and if you’d like to help kick-start the project by giving at star ⭐️ I’d be overjoyed!

https://github.com/StyraInc/regal/

#CloudNative #Linter #Code #Development #Co

My #KubeCon talk from Amsterdam a few weeks ago is now up on YouTube! The #EUCS — a compliance certification scheme for service providers in the cloud — is on its way, and will have a big impact on how organizations work with #security, #compliance and #automation. A holistic framework like the EUCS provides #policy controls applicable to the whole stack. How would we codify and enforce such rules?

#OPA #PolicyAsCode #Rego #OSCAL @enisa_eu

https://www.youtube.com/watch?v=XoWf4QcSbDw

If you want to talk #OPA, #Rego and #PolicyAsCode — or just say hi 👋 — I’ll be in the OPA kiosk at #KubeCon today between 13:00 - 16:00. See you there! 😃

It's been a long week. But when you start making memes about compiler stages, it's probably time to hit the sack.

#OPA #Rego #development #coding

Some late night excursions in #Rego land, and a huge input structure to traverse, which performed terribly. Got evaluation time down from 17 seconds to 1, with some "opa eval --profile" chasing. Certainly not a representative use case, but a fun one.

https://github.com/anderseknert/rego-perf-tuning

Using #OPA with #Rego policy compiled to #Wasm, and #Nix to create CLI tools... sure ticks a lot of my nerd checkboxes 😄 Awesome!

https://github.com/DeterminateSystems/nix-policy

Awesome new addition to the #OPA ecosystem! A proxy in front of the #HashiCorp #Nomad API, which allows policy-powered "admission control", similar to that in #Kubernetes.

#CloudNative #DevOps #DevSecOps #Rego #OpenPolicyAgent

https://github.com/mxab/nacp

The "tree" command is awesome! Tip: you can have it output a directory structure as JSON using the -J flag, and pipe the output to "opa eval" to enforce policy on the directory structure, or require certain files to be present, in any directory 😃

#OPA #Rego #tree

Eventful week last one! I turned 40, and #OPA turned v0.50.0! Lots of good stuff in this release, like new built-in functions for JSON schema verification, a new shorthand syntax for fetching remote bundles, performance improvements, and more. Check it out!

#OpenPolicyAgent #JSONSchema #Rego

https://github.com/open-policy-agent/opa/releases/tag/v0.50.0

@hrefna @kevinswiber has done a lot of good work in the #Rego + #OpenAPI field, so I’m hoping he can chip in here. Let’s see if this will have him summoned 🧙

Newbie question on #rego since this is a use case I've been noodling with but haven't done the legwork on yet:

If I have a definition file written for #OpenAPI that contains some custom extensions, what is the best way to get that information into rego in a way that will let me make decisions with it?

@anderseknert @charlieegan3 @chat_with_matt In fairness, I do agree that it is a lot like inverting your brain and a lot of engineers—many who want to get a job done who are often avoidant of SQL and have no experience with #datalog—struggle with it at first ^^

There's a steep learning curve w/ limited resources to get you where you need to be in a hurry.

On the other side I can come up with about eight million reasons I don't like doing the sorts of things that #Rego does in #Go or #Python.