Merge branch 'main' into Xe/ci-multiple-go-versions

Signed-off-by: Xe Iaso <xe.iaso@techaro.lol>
fix: add cel iterator (#1465 )
2026-04-10 10:38:45 +00:00 · 2026-03-21 19:31:02 +00:00 · 2026-03-21 19:30:05 +00:00 · 2026-01-16 11:21:06 -05:00 · 2026-01-16 11:18:31 -05:00
7 changed files with 121 additions and 8 deletions
--- a/.github/actions/spelling/expect.txt
+++ b/.github/actions/spelling/expect.txt
@@ -253,6 +253,7 @@ oci
 OCOB
 ogtag
 oklch
 oldstable
 omgili
 omgilibot
 openai
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -12,6 +12,11 @@ permissions:
 jobs:
  go_tests:
    strategy:
      matrix:
        go_version:
          - oldstable
          - stable
    #runs-on: alrest-techarohq
    runs-on: ubuntu-24.04
    steps:
@@ -26,10 +31,11 @@ jobs:
      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
-          node-version: "24.11.0"
+          node-version: "latest"
-      - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
+
      - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
        with:
-          go-version: "stable"
+          go-version: ${{ matrix.go_version }}
      - name: Cache playwright binaries
        uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
--- a/docs/docs/CHANGELOG.md
+++ b/docs/docs/CHANGELOG.md
@@ -16,6 +16,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Fixed mixed tab/space indentation in Caddy documentation code block
 <!-- This changes the project to: -->
 - Fix CEL internal errors when iterating `headers`/`query` map wrappers by implementing map iterators for `HTTPHeaders` and `URLValues` ([#1465](https://github.com/TecharoHQ/anubis/pull/1465)).
 ## v1.25.0: Necron
--- a/lib/policy/celchecker_test.go
+++ b/lib/policy/celchecker_test.go
@@ -0,0 +1,44 @@
 package policy
 import (
 	"net/http"
 	"testing"
 	"github.com/TecharoHQ/anubis/internal/dns"
 	"github.com/TecharoHQ/anubis/lib/config"
 	"github.com/TecharoHQ/anubis/lib/store/memory"
 )
 func newTestDNS(t *testing.T) *dns.Dns {
 	t.Helper()
 	ctx := t.Context()
 	memStore := memory.New(ctx)
 	cache := dns.NewDNSCache(300, 300, memStore)
 	return dns.New(ctx, cache)
 }
 func TestCELChecker_MapIterationWrappers(t *testing.T) {
 	cfg := &config.ExpressionOrList{
 		Expression: `headers.exists(k, k == "Accept") && query.exists(k, k == "format")`,
 	}
 	checker, err := NewCELChecker(cfg, newTestDNS(t))
 	if err != nil {
 		t.Fatalf("creating CEL checker failed: %v", err)
 	}
 	req, err := http.NewRequest(http.MethodGet, "https://example.com/?format=json", nil)
 	if err != nil {
 		t.Fatalf("making request failed: %v", err)
 	}
 	req.Header.Set("Accept", "application/json")
 	got, err := checker.Check(req)
 	if err != nil {
 		t.Fatalf("checking expression failed: %v", err)
 	}
 	if !got {
 		t.Fatal("expected expression to evaluate true")
 	}
 }
--- a/lib/policy/expressions/http_headers.go
+++ b/lib/policy/expressions/http_headers.go
@@ -66,7 +66,9 @@ func (h HTTPHeaders) Get(key ref.Val) ref.Val {
 	return result
 }
-func (h HTTPHeaders) Iterator() traits.Iterator { panic("TODO(Xe): implement me") }
+func (h HTTPHeaders) Iterator() traits.Iterator {
 	return newMapIterator(h.Header)
 }
 func (h HTTPHeaders) IsZeroValue() bool {
 	return len(h.Header) == 0
--- a/lib/policy/expressions/map_iterator.go
+++ b/lib/policy/expressions/map_iterator.go
@@ -0,0 +1,60 @@
 package expressions
 import (
 	"errors"
 	"maps"
 	"reflect"
 	"slices"
 	"github.com/google/cel-go/common/types"
 	"github.com/google/cel-go/common/types/ref"
 	"github.com/google/cel-go/common/types/traits"
 )
 var ErrNotImplemented = errors.New("expressions: not implemented")
 type stringSliceIterator struct {
 	keys []string
 	idx  int
 }
 func (s *stringSliceIterator) Value() any {
 	return s
 }
 func (s *stringSliceIterator) ConvertToNative(typeDesc reflect.Type) (any, error) {
 	return nil, ErrNotImplemented
 }
 func (s *stringSliceIterator) ConvertToType(typeValue ref.Type) ref.Val {
 	return types.NewErr("can't convert from %q to %q", types.IteratorType, typeValue)
 }
 func (s *stringSliceIterator) Equal(other ref.Val) ref.Val {
 	return types.NewErr("can't compare %q to %q", types.IteratorType, other.Type())
 }
 func (s *stringSliceIterator) Type() ref.Type {
 	return types.IteratorType
 }
 func (s *stringSliceIterator) HasNext() ref.Val {
 	return types.Bool(s.idx < len(s.keys))
 }
 func (s *stringSliceIterator) Next() ref.Val {
 	if s.HasNext() != types.True {
 		return nil
 	}
 	val := s.keys[s.idx]
 	s.idx++
 	return types.String(val)
 }
 func newMapIterator(m map[string][]string) traits.Iterator {
 	return &stringSliceIterator{
 		keys: slices.Collect(maps.Keys(m)),
 		idx:  0,
 	}
 }
--- a/lib/policy/expressions/url_values.go
+++ b/lib/policy/expressions/url_values.go
@@ -1,7 +1,6 @@
 package expressions
 import (
 	"errors"
 	"net/url"
 	"reflect"
 	"strings"
@@ -11,8 +10,6 @@ import (
 	"github.com/google/cel-go/common/types/traits"
 )
 var ErrNotImplemented = errors.New("expressions: not implemented")
 // URLValues is a type wrapper to expose url.Values into CEL programs.
 type URLValues struct {
 	url.Values
@@ -69,7 +66,9 @@ func (u URLValues) Get(key ref.Val) ref.Val {
 	return result
 }
-func (u URLValues) Iterator() traits.Iterator { panic("TODO(Xe): implement me") }
+func (u URLValues) Iterator() traits.Iterator {
 	return newMapIterator(u.Values)
 }
 func (u URLValues) IsZeroValue() bool {
 	return len(u.Values) == 0
Author	SHA1	Message	Date
Xe Iaso	e0e8a9044d	Merge branch 'main' into Xe/ci-multiple-go-versions Signed-off-by: Xe Iaso <xe.iaso@techaro.lol>	2026-03-21 19:31:02 +00:00
Jason Cameron	11c4adc6b4	fix: add cel iterator (#1465 ) * fix: enable CEL iterators Signed-off-by: Jason Cameron <jason.cameron@stanwith.me> * test: add unit tests for CELChecker map iteration Signed-off-by: Jason Cameron <jason.cameron@stanwith.me> * fix: implement map iterators for HTTPHeaders and URLValues to resolve CEL internal errors Signed-off-by: Jason Cameron <jason.cameron@stanwith.me> * fix: replace checker.NewMapIterator with newMapIterator for HTTPHeaders and URLValues Signed-off-by: Jason Cameron <jason.cameron@stanwith.me> --------- Signed-off-by: Jason Cameron <jason.cameron@stanwith.me>	2026-03-21 19:30:05 +00:00
Xe Iaso	e9969ba22a	chore: update spelling check-spelling run (pull_request) for Xe/ci-multiple-go-versions Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com> on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev>	2026-01-16 11:21:06 -05:00
Xe Iaso	7db2c9ebb5	ci: test against multiple go versions Several Linux distributions and other open source package managers build Anubis against Go oldstable. Eventually this will have to expand to at least what FreeBSD supports. I hope they can bump the versions of Go as soon as upstream makes new code available. Signed-off-by: Xe Iaso <me@xeiaso.net>	2026-01-16 11:18:31 -05:00