diff options
| author | mo khan <mo@mokhan.ca> | 2025-07-15 16:37:08 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-07-17 16:30:22 -0600 |
| commit | 45df4d0d9b577fecee798d672695fe24ff57fb1b (patch) | |
| tree | 1b99bf645035b58e0d6db08c7a83521f41f7a75b /vendor/github.com/envoyproxy/protoc-gen-validate/validate/BUILD | |
| parent | f94f79608393d4ab127db63cc41668445ef6b243 (diff) | |
feat: migrate from Cedar to SpiceDB authorization system
This is a major architectural change that replaces the Cedar policy-based
authorization system with SpiceDB's relation-based authorization.
Key changes:
- Migrate from Rust to Go implementation
- Replace Cedar policies with SpiceDB schema and relationships
- Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks
- Update build system and dependencies for Go ecosystem
- Maintain Envoy integration for external authorization
This change enables more flexible permission modeling through SpiceDB's
Google Zanzibar inspired relation-based system, supporting complex
hierarchical permissions that were difficult to express in Cedar.
Breaking change: Existing Cedar policies and Rust-based configuration
will no longer work and need to be migrated to SpiceDB schema.
Diffstat (limited to 'vendor/github.com/envoyproxy/protoc-gen-validate/validate/BUILD')
| -rw-r--r-- | vendor/github.com/envoyproxy/protoc-gen-validate/validate/BUILD | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/vendor/github.com/envoyproxy/protoc-gen-validate/validate/BUILD b/vendor/github.com/envoyproxy/protoc-gen-validate/validate/BUILD new file mode 100644 index 00000000..ef634dd8 --- /dev/null +++ b/vendor/github.com/envoyproxy/protoc-gen-validate/validate/BUILD @@ -0,0 +1,74 @@ +load("@com_google_protobuf//bazel:cc_proto_library.bzl", "cc_proto_library") +load("@io_bazel_rules_go//go:def.bzl", "go_library") +load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library") +load("@rules_cc//cc:defs.bzl", "cc_library") +load("@rules_java//java:defs.bzl", "java_proto_library") +load("@rules_proto//proto:defs.bzl", "proto_library") +load("@rules_python//python:proto.bzl", "py_proto_library") + +package( + default_visibility = + ["//visibility:public"], +) + +proto_library( + name = "validate_proto", + srcs = ["validate.proto"], + deps = [ + "@com_google_protobuf//:descriptor_proto", + "@com_google_protobuf//:duration_proto", + "@com_google_protobuf//:timestamp_proto", + ], +) + +cc_proto_library( + name = "validate_cc", + deps = [":validate_proto"], +) + +py_proto_library( + name = "validate_py", + deps = [":validate_proto"], +) + +go_proto_library( + name = "validate_go_proto", + importpath = "github.com/envoyproxy/protoc-gen-validate/validate", + proto = ":validate_proto", +) + +cc_library( + name = "cc_validate", + hdrs = ["validate.h"], +) + +go_library( + name = "validate_go", + embed = [":validate_go_proto"], + importpath = "github.com/envoyproxy/protoc-gen-validate/validate", +) + +java_proto_library( + name = "validate_java", + deps = [":validate_proto"], +) + +filegroup( + name = "validate_src", + srcs = ["validate.proto"], +) + +alias( + name = "go_default_library", + actual = ":validate", + deprecation = "Use :validate instead of :go_default_library. Details about the new naming convention: https://github.com/bazelbuild/bazel-gazelle/pull/863", + visibility = ["//visibility:public"], +) + +# this alias allows build files generated with Gazelle in other repositories +# to find validate as an external dependency +alias( + name = "validate", + actual = ":validate_go", + visibility = ["//visibility:public"], +) |