Do not embed the WASM-compiled policies in the binary

2025-07-29 22:01:14 +03:00 · 2022-11-18 19:28:16 +01:00
parent a86798d2b3
commit 834214bcac
20 changed files with 124 additions and 92 deletions
--- a/crates/cli/src/commands/debug.rs
+++ b/crates/cli/src/commands/debug.rs
@ -18,7 +18,7 @@ use hyper::{Response, Uri};
 use mas_config::PolicyConfig;
 use mas_http::HttpServiceExt;
 use mas_policy::PolicyFactory;
-use tokio::io::{AsyncRead, AsyncWriteExt};
+use tokio::io::AsyncWriteExt;
 use tower::{Service, ServiceExt};
 use tracing::info;

@ -121,19 +121,12 @@ impl Options {
            SC::Policy => {
                let config: PolicyConfig = root.load_config()?;
                info!("Loading and compiling the policy module");
-                let mut policy: Box<dyn AsyncRead + std::marker::Unpin> =
-                    if let Some(path) = &config.wasm_module {
-                        Box::new(
-                            tokio::fs::File::open(path)
-                                .await
-                                .context("failed to open OPA WASM policy file")?,
-                        )
-                    } else {
-                        Box::new(mas_policy::default_wasm_policy())
-                    };
+                let policy_file = tokio::fs::File::open(&config.wasm_module)
+                    .await
+                    .context("failed to open OPA WASM policy file")?;

                let policy_factory = PolicyFactory::load(
-                    &mut policy,
+                    policy_file,
                    config.data.clone().unwrap_or_default(),
                    config.register_entrypoint.clone(),
                    config.client_registration_entrypoint.clone(),
--- a/crates/cli/src/commands/server.rs
+++ b/crates/cli/src/commands/server.rs
@ -28,7 +28,7 @@ use mas_router::UrlBuilder;
 use mas_storage::MIGRATOR;
 use mas_tasks::TaskQueue;
 use mas_templates::Templates;
-use tokio::{io::AsyncRead, signal::unix::SignalKind};
+use tokio::signal::unix::SignalKind;
 use tracing::{error, info, log::warn};

 #[derive(Parser, Debug, Default)]
@ -144,19 +144,12 @@ impl Options {

        // Load and compile the WASM policies (and fallback to the default embedded one)
        info!("Loading and compiling the policy module");
-        let mut policy: Box<dyn AsyncRead + std::marker::Unpin> =
-            if let Some(path) = &config.policy.wasm_module {
-                Box::new(
-                    tokio::fs::File::open(path)
-                        .await
-                        .context("failed to open OPA WASM policy file")?,
-                )
-            } else {
-                Box::new(mas_policy::default_wasm_policy())
-            };
+        let policy_file = tokio::fs::File::open(&config.policy.wasm_module)
+            .await
+            .context("failed to open OPA WASM policy file")?;

        let policy_factory = PolicyFactory::load(
-            &mut policy,
+            policy_file,
            config.policy.data.clone().unwrap_or_default(),
            config.policy.register_entrypoint.clone(),
            config.policy.client_registration_entrypoint.clone(),