feat(config): custom weight thresholds via CEL (#688)

* feat(config): add Thresholds to the top level config file Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(config): make String() on ExpressionOrList join the component expressions Signed-off-by: Xe Iaso <me@xeiaso.net> * test(config): ensure unparseable json fails Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(config): if no thresholds are set, use the default thresholds Signed-off-by: Xe Iaso <me@xeiaso.net> * feat(policy): half implement thresholds Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(policy): continue wiring things up Signed-off-by: Xe Iaso <me@xeiaso.net> * feat(lib): wire up thresholds Signed-off-by: Xe Iaso <me@xeiaso.net> * test(lib): handle behavior from legacy configurations Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: document thresholds Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: update CHANGELOG, refer to threshold configuration Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(lib): fix build Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(lib): fix U1000 Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net> Signed-off-by: Jason Cameron <git@jasoncameron.dev> Co-authored-by: Jason Cameron <git@jasoncameron.dev>
2025-06-18 16:58:31 -04:00 · 2025-06-18 16:58:31 -04:00 · 226cf36bf7
commit 226cf36bf7
parent 1d5fa49eb0
22 changed files with 683 additions and 305 deletions
--- a/lib/policy/thresholds.go
+++ b/lib/policy/thresholds.go
@ -0,0 +1,47 @@
+package policy
+
+import (
+	"github.com/TecharoHQ/anubis/lib/policy/config"
+	"github.com/TecharoHQ/anubis/lib/policy/expressions"
+	"github.com/google/cel-go/cel"
+)
+
+type Threshold struct {
+	config.Threshold
+	Program cel.Program
+}
+
+func ParsedThresholdFromConfig(t config.Threshold) (*Threshold, error) {
+	result := &Threshold{
+		Threshold: t,
+	}
+
+	env, err := expressions.ThresholdEnvironment()
+	if err != nil {
+		return nil, err
+	}
+
+	program, err := expressions.Compile(env, t.Expression.String())
+	if err != nil {
+		return nil, err
+	}
+
+	result.Program = program
+
+	return result, nil
+}
+
+type ThresholdRequest struct {
+	Weight int
+}
+
+func (tr *ThresholdRequest) Parent() cel.Activation { return nil }
+
+func (tr *ThresholdRequest) ResolveName(name string) (any, bool) {
+	switch name {
+	case "weight":
+		return tr.Weight, true
+	default:
+		return nil, false
+	}
+}