From 45df4d0d9b577fecee798d672695fe24ff57fb1b Mon Sep 17 00:00:00 2001 From: mo khan Date: Tue, 15 Jul 2025 16:37:08 -0600 Subject: feat: migrate from Cedar to SpiceDB authorization system This is a major architectural change that replaces the Cedar policy-based authorization system with SpiceDB's relation-based authorization. Key changes: - Migrate from Rust to Go implementation - Replace Cedar policies with SpiceDB schema and relationships - Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks - Update build system and dependencies for Go ecosystem - Maintain Envoy integration for external authorization This change enables more flexible permission modeling through SpiceDB's Google Zanzibar inspired relation-based system, supporting complex hierarchical permissions that were difficult to express in Cedar. Breaking change: Existing Cedar policies and Rust-based configuration will no longer work and need to be migrated to SpiceDB schema. --- .../google/yamlfmt/formatters/basic/features.go | 72 ++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 vendor/github.com/google/yamlfmt/formatters/basic/features.go (limited to 'vendor/github.com/google/yamlfmt/formatters/basic/features.go') diff --git a/vendor/github.com/google/yamlfmt/formatters/basic/features.go b/vendor/github.com/google/yamlfmt/formatters/basic/features.go new file mode 100644 index 00000000..fc933f49 --- /dev/null +++ b/vendor/github.com/google/yamlfmt/formatters/basic/features.go @@ -0,0 +1,72 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package basic + +import ( + "github.com/google/yamlfmt" + yamlFeatures "github.com/google/yamlfmt/formatters/basic/features" + "github.com/google/yamlfmt/internal/features" + "github.com/google/yamlfmt/internal/hotfix" +) + +func ConfigureFeaturesFromConfig(config *Config) yamlfmt.FeatureList { + lineSep, err := config.LineEnding.Separator() + if err != nil { + lineSep = "\n" + } + configuredFeatures := []yamlfmt.Feature{} + if config.RetainLineBreaks || config.RetainLineBreaksSingle { + configuredFeatures = append( + configuredFeatures, + hotfix.MakeFeatureRetainLineBreak(lineSep, config.RetainLineBreaksSingle), + ) + } + if config.TrimTrailingWhitespace { + configuredFeatures = append( + configuredFeatures, + features.MakeFeatureTrimTrailingWhitespace(lineSep), + ) + } + if config.EOFNewline { + configuredFeatures = append( + configuredFeatures, + features.MakeFeatureEOFNewline(lineSep), + ) + } + if config.StripDirectives { + configuredFeatures = append( + configuredFeatures, + hotfix.MakeFeatureStripDirectives(lineSep), + ) + } + return configuredFeatures +} + +func ConfigureYAMLFeaturesFromConfig(config *Config) yamlFeatures.YAMLFeatureList { + var featureList yamlFeatures.YAMLFeatureList + + if config.DisallowAnchors { + featureList = append(featureList, yamlFeatures.Check) + } + + if config.ForceArrayStyle != "" { + featureList = append( + featureList, + yamlFeatures.FeatureForceSequenceStyle(config.ForceArrayStyle), + ) + } + + return featureList +} -- cgit v1.2.3