Skip to content

feat: Complete target system with C# bindings and resource inference#458

Merged
anakrish merged 2 commits into
microsoft:mainfrom
anakrish:regorus-targets
Aug 20, 2025
Merged

feat: Complete target system with C# bindings and resource inference#458
anakrish merged 2 commits into
microsoft:mainfrom
anakrish:regorus-targets

Conversation

@anakrish

@anakrish anakrish commented Aug 14, 2025
edited
Loading

Copy link
Copy Markdown
Collaborator
  • Add comprehensive target system with TargetRegistry and target-aware compilation
  • Implement resource type inference from policy equality expressions
  • Create modular C# bindings with separate wrapper classes for each concept
  • Add thread-safe CompiledPolicy with reference counting for safe disposal
  • Enhance FFI with detailed error propagation and target functionality
  • Create TargetExampleApp demonstrating Azure Policy integration
  • Add CI/CD pipeline testing for all C# applications
  • Support target definitions with schema validation and resource selectors
  • Implement PolicyModule struct and target-aware compilation methods
  • Add comprehensive test coverage for target functionality

Signed-off-by: Anand Krishnamoorthi anakrish@microsoft.com

github-advanced-security[bot]
github-advanced-security AI found potential problems Aug 14, 2025
View reviewed changes
Comment thread src/target/deserialize.rs Fixed
@anakrish anakrish force-pushed the regorus-targets branch 6 times, most recently from 0e7b009 to ba707c0 Compare August 17, 2025 01:21
github-advanced-security[bot]
github-advanced-security AI found potential problems Aug 17, 2025
View reviewed changes
Comment thread src/compiled_policy.rs Fixed
Comment thread src/interpreter.rs Fixed
Comment thread src/interpreter/target/infer.rs Fixed
Comment thread src/interpreter/target/infer.rs Fixed
Comment thread src/interpreter/target/infer.rs Fixed
Comment thread src/interpreter/target/infer.rs Fixed
Comment thread src/interpreter/target/infer.rs Fixed
@anakrish anakrish force-pushed the regorus-targets branch 6 times, most recently from ddabcfe to 6cda429 Compare August 18, 2025 18:17
@anakrish
feat: Add Schema Registry and Validation Framework
f34cdc0 
This commit introduces a comprehensive schema registry and validation framework, providing schema-based validation of resources and policy effects.

- Thread-safe, in-memory registry for schema storage and management
- Global registry patterns for effects and resources
- Concurrent access with proper error handling
- Unicode schema names support

- JSON Schema-compliant validation for all primitive types
- Advanced constraint validation (patterns, ranges, length limits)
- Discriminated union support with anyOf schemas
- Detailed error reporting with nested validation paths
- Discriminated subobject validation for polymorphic schemas

- **Registry Tests**: All registry operations
- **Effect Tests**: Policy effect validation
- **Resource Tests**: Resource validation
- **Validation Tests**: Core validation engine
- Thread-safety, error handling, integration scenarios, edge cases

- **Dependencies**: dashmap, once_cell, regex
- **Thread Safety**: Minimal locking with Rc<Schema> sharing
- **Error Types**: TypeMismatch, OutOfRange, PatternMismatch, etc.

- Complete schema registry and validation subsystem
- Comprehensive test coverage
- Foundation for policy validation in Regorus

Benchmarks:

- Criterion benchmarks for basic types, effects and Azure resources
- Performance range: 3.22ns (string) to 34.74µs (Azure VM resource schema validation)
- String withs patterns validation: 30.2µs. Need to explore whether regex caching helps
  bring this down.
- Azure policy effects: 188ns-1.4µs

Signed-off-by: Anand Krishnamoorthi <anakrish@microsoft.com>
@anakrish anakrish force-pushed the regorus-targets branch 3 times, most recently from a065ded to fbe6120 Compare August 18, 2025 21:19
@anakrish anakrish changed the title Regorus targets feat: Complete target system with C# bindings and resource inference Aug 18, 2025
@anakrish anakrish force-pushed the regorus-targets branch 2 times, most recently from 65b2eac to 02076aa Compare August 18, 2025 22:00
@anakrish anakrish marked this pull request as ready for review August 19, 2025 09:52
@anakrish
feat: Complete target system with C# bindings and resource inference
8e012e8 
- Add comprehensive target system with TargetRegistry and target-aware compilation
- Implement resource type inference from policy equality expressions
- Create modular C# bindings with separate wrapper classes for each concept
- Add thread-safe CompiledPolicy with reference counting for safe disposal
- Enhance FFI with detailed error propagation and target functionality
- Create TargetExampleApp demonstrating Azure Policy integration
- Add CI/CD pipeline testing for all C# applications
- Support target definitions with schema validation and resource selectors
- Implement PolicyModule struct and target-aware compilation methods
- Add comprehensive test coverage for target functionality

Signed-off-by: Anand Krishnamoorthi <anakrish@microsoft.com>
cemheren
cemheren reviewed Aug 19, 2025
View reviewed changes
Comment thread bindings/csharp/Regorus/Compiler.cs
cemheren
cemheren approved these changes Aug 19, 2025
View reviewed changes

@cemheren cemheren left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

@anakrish anakrish merged commit cc917ea into microsoft:main Aug 20, 2025
33 of 34 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cemheren cemheren cemheren approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@anakrish @cemheren @github-advanced-security