diff options
| author | mo khan <mo@mokhan.ca> | 2025-07-14 11:34:18 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-07-14 11:34:18 -0600 |
| commit | fa92e7d1b3a61deb3d16db2f6546677040e395cd (patch) | |
| tree | e7d13b5a30daa201b4c864917a4b0d2b0c03a64e | |
| parent | a0de68067e3077481d526ef42bbb1c5708b044c8 (diff) | |
chore: add make targets to setup spice schema
| -rw-r--r-- | Makefile | 10 | ||||
| -rw-r--r-- | etc/authzd/spice.schema | 7 |
2 files changed, 17 insertions, 0 deletions
@@ -78,3 +78,13 @@ production-entities: $(AUTHZD_BIN) check-gitlab-token @$(AUTHZD_BIN) generate --project gitlab-org/gitlab --output etc/authzd/gitlab.com/gitlab-org/gitlab/entities.json @$(AUTHZD_BIN) generate --project gitlab-org/software-supply-chain-security/authorization/authzd --output etc/authzd/gitlab.com/gitlab-org/software-supply-chain-security/authorization/authzd/entities.json @$(AUTHZD_BIN) generate --project gitlab-org/software-supply-chain-security/authorization/sparkled --output etc/authzd/gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/entities.json + +# spice target +run-spicedb: + @spicedb serve --grpc-preshared-key "secret" + +run-spice-schema-load: + @zed --endpoint ":50051" --token "secret" --insecure schema write etc/authzd/spice.schema + +run-spice-schema-read: + @zed --endpoint ":50051" --token "secret" --insecure schema read diff --git a/etc/authzd/spice.schema b/etc/authzd/spice.schema new file mode 100644 index 00000000..74d0a7d6 --- /dev/null +++ b/etc/authzd/spice.schema @@ -0,0 +1,7 @@ +definition user {} +definition post { + relation reader: user + relation writer: user + permission read = reader + writer + permission write = writer +} |