Hazel Boyle
09/14/2022, 1:28 PMwatchForChanges
turned on with the disk storage, and when i update my policy i can see the changes immediately reflected in /admin/policy
, but /api/check
is still making outdated decisions based on the old policy. if this is the case, how can i change this behaviour? /admin/store/reload
didn't work, and even if it did i wouldn't want to be regularly needing to call that, obviouslyAlex Olivier (Cerbos)
Hazel Boyle
09/14/2022, 1:39 PMHazel Boyle
09/14/2022, 1:39 PMAlex Olivier (Cerbos)
Alex Olivier (Cerbos)
Hazel Boyle
09/14/2022, 1:43 PM/api/check/resources
. version is 0.20.0Alex Olivier (Cerbos)
Hazel Boyle
09/14/2022, 1:44 PMHazel Boyle
09/14/2022, 1:45 PMHazel Boyle
09/14/2022, 1:45 PMAlex Olivier (Cerbos)
Charith (Cerbos)
cerbos compile
on your policies? https://docs.cerbos.dev/cerbos/latest/policies/compile.html#_validating_policiesHazel Boyle
09/14/2022, 1:47 PMHazel Boyle
09/14/2022, 1:47 PMHazel Boyle
09/14/2022, 1:48 PMaudit:
accessLogsEnabled: true
decisionLogsEnabled: true
enabled: true
backend: local
local:
storagePath: /data/audit_logs
auxData:
jwt:
cacheSize: -1
server:
httpListenAddr: ":3592"
playgroundEnabled: true
adminAPI:
enabled: true
adminCredentials:
[snip]
storage:
driver: "disk"
disk:
directory: /data/policies
watchForChanges: true
(auxData was just a shot in the dark - i'm not actually sending a jwt and it doesn't make a difference to the issue i'm seeing whether those config settings are there or not)Charith (Cerbos)
Hazel Boyle
09/14/2022, 1:49 PMHazel Boyle
09/14/2022, 5:38 PMHazel Boyle
09/14/2022, 5:39 PMHazel Boyle
09/14/2022, 5:39 PMCharith (Cerbos)
Hazel Boyle
09/14/2022, 5:42 PMCharith (Cerbos)
Hazel Boyle
09/14/2022, 5:53 PMHazel Boyle
09/14/2022, 5:54 PMCharith (Cerbos)
Charith (Cerbos)
file
protocol so you don't have to push it to GitHub or anything like that. The only annoying bit is that you'll have to commit your changes in order for Cerbos to notice the changes.