WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

feat(policy): implement policy eval #2611

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Piskoo wants to merge 7 commits into from
Closed

feat(policy): implement policy eval #2611

Piskoo wants to merge 7 commits into from
+292 −3

Conversation

@Piskoo
Copy link
Collaborator

@Piskoo Piskoo commented Dec 7, 2025
edited
Loading

Summary

Introduces a new chainloop policy eval command that evaluates policies using the control plane with organization settings, supporting both generic and material-based policy evaluation.

Differences

Feature policy eval policy develop eval
Authentication Required Optional
Allowed Hostnames From org config Manual --allowed-hostnames
Debug Mode Not supported Supported

@Piskoo Piskoo marked this pull request as ready for review December 8, 2025 07:40
@Piskoo Piskoo marked this pull request as draft December 11, 2025 10:34
@Piskoo Piskoo changed the title feat(policy): support remote execution feat(policy): add policy eval Dec 11, 2025
@Piskoo Piskoo changed the title feat(policy): add policy eval feat(policy): implement policy eval Dec 11, 2025
@Piskoo Piskoo marked this pull request as ready for review December 11, 2025 13:39
migmartri
migmartri requested changes Dec 15, 2025
View reviewed changes
Copy link
Member

@migmartri migmartri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See inline comments, I am not sure why we need to move the evaluation server-side for this change cc/ @jiparis

@Piskoo Piskoo marked this pull request as draft December 16, 2025 12:00
@Piskoo
Copy link
Collaborator Author

Piskoo commented Dec 16, 2025

is it possible that this PR contains too much information, including remote evaluations or smth like that?

Yes, this PR before was only about remote execution, the idea was to use server side execution as part of declarative control gates (which we decided to not implement). But remote execution was moved out of scope for this project so I cleaned up the PR. Now it contains only changes related to the new command. Sorry about that.

@Piskoo Piskoo marked this pull request as ready for review December 16, 2025 12:27
@Piskoo
expose generic evaluation
caab45b 
Signed-off-by: Sylwester Piskozub <[email protected]>
@Piskoo
add policy eval command
3b129c0 
Signed-off-by: Sylwester Piskozub <[email protected]>
@Piskoo
missing cli ref
3b85c57 
Signed-off-by: Sylwester Piskozub <[email protected]>
@Piskoo
fix accidental config push
4c1b313 
Signed-off-by: Sylwester Piskozub <[email protected]>
@Piskoo
clean up and refactor
8659bef 
Signed-off-by: Sylwester Piskozub <[email protected]>
@Piskoo
cli ref
d5ed560 
Signed-off-by: Sylwester Piskozub <[email protected]>
@Piskoo
missing new kind
bd39b27 
Signed-off-by: Sylwester Piskozub <[email protected]>
@Piskoo Piskoo closed this Dec 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@migmartri migmartri migmartri requested changes

@jiparis jiparis Awaiting requested review from jiparis

@javirln javirln Awaiting requested review from javirln

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Piskoo @migmartri