Go to file
2023-10-24 13:03:20 +03:00
.github OPS-268: Setups user in Dockerfile (#31) 2023-07-06 10:20:05 +03:00
config Disable dns cache (#33) 2023-09-01 20:58:17 +05:00
src TD-686: Adopts opentelemetry API (#35) 2023-10-24 13:03:20 +03:00
test TD-431: Return timeout error upon negative timeout leftover after end… (#29) 2023-02-22 10:28:36 +03:00
.dockerignore TD-187: Add CI/CD (#4) 2022-02-21 11:56:58 +03:00
.env TD-222: Reuse valitydev/action-deploy-docker@v2 (#24) 2022-07-13 11:15:36 +03:00
.gitignore TD-187: Add CI/CD (#4) 2022-02-21 11:56:58 +03:00
compose.tracing.yaml TD-686: Adopts opentelemetry API (#35) 2023-10-24 13:03:20 +03:00
compose.yaml TD-686: Adopts opentelemetry API (#35) 2023-10-24 13:03:20 +03:00
Dockerfile OPS-268: Adds default logger permissions (#32) 2023-07-13 15:30:13 +03:00
Dockerfile.dev TD-222: Reuse valitydev/action-deploy-docker@v2 (#24) 2022-07-13 11:15:36 +03:00
elvis.config TD-222: Reuse valitydev/action-deploy-docker@v2 (#24) 2022-07-13 11:15:36 +03:00
LICENSE Update file(s) from valitydev/.github 2022-02-21 22:05:01 +00:00
Makefile TD-686: Adopts opentelemetry API (#35) 2023-10-24 13:03:20 +03:00
README.md Fix a typo in README.md file (#34) 2021-08-24 09:27:43 +03:00
rebar.config TD-686: Adopts opentelemetry API (#35) 2023-10-24 13:03:20 +03:00
rebar.lock TD-686: Adopts opentelemetry API (#35) 2023-10-24 13:03:20 +03:00
renovate.json Update renovate config 2022-02-21 13:43:28 +03:00

Bouncer

Does someone look like a troublemaker?

Primary Arbiter thrift service implementation.

In a nutshell this service maps incoming contexts into OPA input documents and asks OPA to compute a judgement allowing, restricting or forbidding actions under given input context.

From the service's point of view a ruleset id is a path to OPA document that define a subdocument named judgement with a rudimentary schema. See https://github.com/rbkmoney/bouncer-policies#authoring for more detailed information.

Things to keep in mind

  • When upgrading service to a newer Erlang OTP release please be aware of potential breakages in bouncer_audit_log not strictly related to usual API deprecations and removals which is an essintial part of a release. That is because this module relies on some OTP libraries' internal implementation details. See module-level notes for additional details.