This message was deleted Permit #opal

Join Slack

This message was deleted.

# opal

Slackbot

09/15/2023, 7:20 AM

This message was deleted.

Asaf Cohen

09/15/2023, 7:23 AM

Hi @Prakhar Saxena :) Could you please add your opal server and opal client config and also the http request you are sending? Would make it easier to reproduce and see what is misconfigured.

Prakhar Saxena

09/15/2023, 7:26 AM

Copy code

opal_server:
  image: permitio/opal-server:latest
  environment:
    - UVICORN_NUM_WORKERS=1
    - OPAL_POLICY_REPO_URL=(Github Repo for userManagement for policy)
    - OPAL_POLICY_REPO_POLLING_INTERVAL=30
    - OPAL_AUTH_PUBLIC_KEY=${OPAL_AUTH_PUBLIC_KEY}
    - OPAL_AUTH_PRIVATE_KEY=${OPAL_AUTH_PRIVATE_KEY}
    - OPAL_AUTH_MASTER_TOKEN=${OPAL_AUTH_MASTER_TOKEN}
    - OPAL_AUTH_JWT_AUDIENCE=<https://api.opal.ac/v1/>
    - OPAL_AUTH_JWT_ISSUER=<https://opal.ac/>
    - OPAL_BROADCAST_URI=<postgres://postgres:test@broadcast_channel:5432/usermanagement>
    - OPAL_DATA_CONFIG_SOURCES={"config":{"entries":[{"url":"<postgresql://db:5432/usermanagement?user=postgres&password=test>","config":{"headers":{"Authorization":"Bearer ${OPAL_CLIENT_TOKEN}"},"fetcher":"PostgresFetchProvider","query":"SELECT * from public.user;","connection_params":{"password":"test"}},"topics":["policy_data"],"dst_path":"user"}]}}
  ports:
    - "7002:7002"
  depends_on:
    - broadcast_channel
  networks:
        - network-ums


opal_client:
  container_name: opal-client
  build:
    context: ./
    dockerfile: Dockerfile_OPAL
  environment:
    - OPAL_SERVER_URL=<http://opal_server:7002>
    - OPAL_LOG_FORMAT_INCLUDE_PID=true
    - OPAL_CLIENT_TOKEN=${OPAL_CLIENT_TOKEN}
    - OPAL_INLINE_OPA_LOG_FORMAT=http
    - OPAL_FETCH_PROVIDER_MODULES=opal_common.fetcher.providers,opal_fetcher_postgres.provider
    - OPAL_AUTH_JWT_AUDIENCE=<https://api.opal.ac/v1/>
    - OPAL_AUTH_JWT_ISSUER=<https://opal.ac/>
  ports:
    - "7766:7000"
    - "8181:8181"
  depends_on:
   - opal_server
   - db

Prakhar Saxena

09/15/2023, 7:27 AM

The request i am sending on opal server using its rest api is: { "id": "randomid", "entries": [ { "url": "postgresql://db:5432/usermanagement?user=postgres&password=test", "config": { "headers": { "Authorization": "Bearer ${OPAL_CLIENT_TOKEN}" } }, "topics": [ "policy_data" ], "dst_path": "/user", "save_method": "PATCH", "data": [ { "op": "add", "path": "/result", "value": { "first_name": "abch", "id": 112, "last_name": "xyz", "password": "1234", "role": "Admin", "updated_at": "today", "username": "abcd" } } ] } ], "reason": "user abcd is added to the system", "callback": { "callbacks": [] } }

Asaf Cohen

09/15/2023, 8:08 AM

@Prakhar Saxena the url instructions you are sending will by default by processed by the built-in HTTP fetcher. What you need is to tell OPAL to use the postgres fetcher. There is an example docker compose file in the repo and also an example for the request you should be sending after OPAL is up:

Copy code

{
  "config": {
    "entries": [
      {
        "url": "<postgresql://postgres@example_db:5432/postgres>",
        "config": {
          "fetcher": "PostgresFetchProvider",
          "query": "SELECT * from city;",
          "connection_params": {
            "password": "postgres"
          }
        },
        "topics": [
          "policy_data"
        ],
        "dst_path": "cities"
      }
    ]
  }
}

Asaf Cohen

09/15/2023, 8:09 AM

(Please note that you need to both change the opal configuration according to the docker compose example i linked to and also change the http request. Only doing one will not work.)

Prakhar Saxena

09/15/2023, 10:40 AM

@Asaf Cohen Following your advice I have change my request json: Request Method: POST Request URI: http://localhost:7002/data/config But still I'm unable to get the desired output, I want to update the content of the user with id 1. Please help me where I'm doing wrong.

Copy code

{
  "id": "randomid",
  "entries": [
    {
      "url": "<postgresql://db:5432/usermanagement?user=postgres&password=test>",
      "config": {
        "fetcher": "PostgresFetchProvider",
        "query": "SELECT * from public.user;",
        "connection_params": {
          "password": "test"
        }
      },
      "topics": [
        "policy_data"
      ],
      "dst_path": "/user",
      "save_method": "PATCH",
      "data": [
        {
          "op": "remove",
          "path": "/user/1"
        }
      ]
    },
    {
      "config": {
        "headers": {
          "Authorization": "Bearer {$OPAL_CLIENT_TOKEN}"
        }
      }
    }
  ],
  "reason": "user 1 is removed from the system",
  "callback": {
    "callbacks": []
  }
}

Asaf Cohen

09/15/2023, 12:45 PM

Hi @Prakhar Saxena did you try to also change the OPAL server and client configuration as demonstrated by the example docker compose ? what are you seeing in the logs when sending this request?

Prakhar Saxena

09/16/2023, 10:01 AM

Hi, @Asaf Cohen (Permit.io) I am getting this in my logs when sending the above request

Asaf Cohen

09/18/2023, 9:03 AM

Hi @Prakhar Saxena, we can help you over a short zoom call to configure the postgres integration. Please click here to book time with us: https://calendly.com/asaf-cohen/30min?back=1&month=2023-09&date=2023-09-18

✅ 1

Isuru Akalanka

11/27/2023, 5:55 AM

Hi @Prakhar Saxena

Isuru Akalanka

11/27/2023, 5:56 AM

Did you able to get your OPAL and Postgres connection fixed?

Prakhar Saxena

11/27/2023, 6:21 AM

Hi, Yes !

Isuru Akalanka

11/27/2023, 6:23 AM

@Prakhar Saxena Thanks for your concern Can I ask for some doubts that I have form you?

Prakhar Saxena

11/27/2023, 6:24 AM

Yes, please !

Isuru Akalanka

11/27/2023, 6:31 AM

I went with the example that is given in the repo https://github.com/permitio/opal-fetcher-postgres/blob/master/docker-compose.yml But still, I can't figure out if I update the DB from another service how will it trigger OPAL client so that OPAL will fetch the new data from the db and update the OPA data could you please help me to figure out this. Really thanks

Prakhar Saxena

11/27/2023, 6:34 AM

for that there is one API you need to hit to update your OPA data. It is mentioned in the docs https://docs.opal.ac/tutorials/trigger_data_updates. In the url key you have to mention from where you want to fetch the data and in the destination key you have to add the path to you opa data.

Prakhar Saxena

11/27/2023, 6:34 AM

Check Option-2 in the doc

Isuru Akalanka

11/27/2023, 6:40 AM

Thanks I read and try that but in that way it update the OPA state and then how can I then update the DB? Then in the next time when I stop and start the process I loads the old DB data

Isuru Akalanka

11/27/2023, 6:42 AM

Then what I got is every time I update the DB from another service, I need to hit this endpoint and tell OPAL to load the new data? isn't it?

Prakhar Saxena

11/27/2023, 6:46 AM

You can create a webhook for this api and add that in your update or create api(s). Same for updating another DB as well.

Prakhar Saxena

11/27/2023, 6:47 AM

So you don't have to hit this again and again.

Isuru Akalanka

11/27/2023, 6:50 AM

Thank a lot Prakhar Do you know is there a way to trigger OPAL server from postgresDB when ever some update operation happen in the DB. In the docs they are telling about postgres triggers.

Prakhar Saxena

11/27/2023, 6:51 AM

You can use Listen/Notify in postgres.

Isuru Akalanka

11/27/2023, 6:53 AM

Ok Prakhar. I will look into that also. Thanks a lot for your time.

👍 1

7 Views

Open in Slack

Previous Next