add extension_list example

- Created an example of extension policy
- Added C# binding support of .NET framework 4.0 and created a Nuget
  spec for it.
- Added a pytest in python bindings to test the extension policy and the
  python binding
- Restructured the example and Csharp binding directories due to above
  changes.

.github/workflows/test-csharp.yml

@@ -19,8 +19,8 @@ jobs:
 
       - name: Build
         run: dotnet build
-        working-directory: ./bindings/csharp
+        working-directory: ./bindings/csharp/net8.0
 
       - name: Run
         run: LD_LIBRARY_PATH=. dotnet run
-        working-directory: ./bindings/csharp
+        working-directory: ./bindings/csharp/net8.0

.gitignore

@@ -1,6 +1,8 @@
 # Generated by Cargo
 # will have compiled files and executables
 /target/
+**/wheels/
+**/__pycache__/
 
 # Remove Cargo.lock from gitignore if creating an executable, leave it for libraries
 # More information here https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html

bindings/csharp/net40/Program.cs

@@ -0,0 +1,56 @@
+using System;
+using System.Text;
+
+using System.Diagnostics;
+using Microsoft.WindowsAzure.Regorus.IaaS;
+
+namespace regoregorus_test
+{
+    class Program
+    {
+        static void Main(string[] args)
+        {
+            long nanosecPerTick = (1000L * 1000L * 1000L) / Stopwatch.Frequency;
+            var w = new Stopwatch();
+            w.Restart();
+
+            var engine = new RegorusPolicyEngine();
+
+            w.Stop();
+            var newEngineTicks = w.ElapsedTicks;
+
+
+            w.Restart();
+
+            // Load policies and data.
+            engine.AddPolicyFromFile("../../../examples/extension_list/agent_extension_policy.rego");
+            engine.AddDataFromJsonFile("../../../examples/extension_list/agent-extension-data-allow-only.json");
+
+
+            w.Stop();
+            var loadPoliciesTicks = w.ElapsedTicks;
+
+
+            w.Restart();
+
+            // Set input and eval query.
+            engine.SetInputFromJsonFile("../../../examples/extension_list/agent-extension-input.json");
+            var results = engine.EvalQuery("data.agent_extension_policy.extensions_to_download=x");
+            Console.WriteLine("Download query test: \n {0}", results);
+
+            results = engine.EvalQuery("data.agent_extension_policy.extensions_validated");
+
+            Console.WriteLine("Signing validation test: \n {0}", results);
+
+            engine.Dispose();
+
+            w.Stop();
+            var evalTicks = w.ElapsedTicks;
+
+            Console.WriteLine("Engine creation took {0} msecs", (newEngineTicks * nanosecPerTick) / (1000.0 * 1000.0));
+            Console.WriteLine("Load policies and data took {0} msecs", (loadPoliciesTicks * nanosecPerTick) / (1000.0 * 1000.0));
+            Console.WriteLine("EvalQuery and print results took {0} msecs", (evalTicks * nanosecPerTick) / (1000.0 * 1000.0));
+        }
+    }
+}
+

bindings/csharp/net40/README

@@ -0,0 +1,4 @@
+The Regorus C# binding library can be built via command "dotnet build". We can use the Regorus C# binding library built from this 
+directory to create a Nuget. This Nuget will contain the Regorus C# binding library with definitions that 
+work for .NET framework 4.0 (net40) and above. Note the Nuget can only be created after the binding library has been built.
+RegorusCsharp-Lib-x64.nuspec is built for x64 architecture. 

bindings/csharp/net40/Regorus.cs

@@ -0,0 +1,203 @@
+//-----------------------------------------------------------------------
+// <copyright file="Regorus.cs" company="Microsoft">
+//    Copyright (c)2012 Microsoft. All rights reserved.
+// </copyright>
+// <summary>
+//    Contains code for the Regorus Policy Engine base class for C# and
+// .NET4.6 bindings. Currently this base class is not thread-safe. Make 
+// sure we use it in a signle-threaded environment or add additional 
+// protection when using it. 
+// </summary>
+//-----------------------------------------------------------------------
+
+
+using System;
+using System.Text;
+using System.IO;
+using System.Threading;
+
+namespace Microsoft.WindowsAzure.Regorus.IaaS
+{
+
+	public class RegorusPolicyEngine : ICloneable, IDisposable
+	{
+	unsafe private RegorusFFI.RegorusEngine* E;
+
+	public RegorusPolicyEngine()
+	{
+		unsafe
+	    {
+		E = RegorusFFI.API.regorus_engine_new();
+	    }
+	}
+
+
+	public void Dispose()
+	{
+		unsafe
+		{
+			if (E != null)
+			{
+				RegorusFFI.API.regorus_engine_drop(E);
+				// to avoid Dispose() being called multiple times by mistake.
+				E = null;
+			}
+
+		}
+
+	}
+
+	public object Clone()
+	{
+	    var clone = (RegorusPolicyEngine)this.MemberwiseClone();
+	    unsafe
+	    {
+		clone.E = RegorusFFI.API.regorus_engine_clone(E);
+	    }
+	    return clone;
+
+	}
+
+	public void AddPolicy(string path, string rego)
+	{
+	    var pathBytes = Encoding.UTF8.GetBytes(path);
+	    var regoBytes = Encoding.UTF8.GetBytes(rego);
+
+	    unsafe
+	    {
+		fixed (byte* pathPtr = pathBytes)
+		{
+		    fixed(byte* regoPtr = regoBytes)
+		    {
+			CheckAndDropResult(RegorusFFI.API.regorus_engine_add_policy(E, pathPtr, regoPtr));
+		    }
+		}		
+	    }
+	}
+
+	public void AddPolicyFromFile(string path)
+	{
+	    var pathBytes = Encoding.UTF8.GetBytes(path);
+
+	    unsafe
+	    {
+		fixed (byte* pathPtr = pathBytes)
+		{
+		    CheckAndDropResult(RegorusFFI.API.regorus_engine_add_policy_from_file(E, pathPtr));
+		}		
+	    }
+	}
+
+	public void AddPolicyFromPath(string path)
+	{
+		if (!Directory.Exists(path))
+		{
+			return;
+		}
+
+		string[] regoFiles = Directory.GetFiles(path, "*.rego", SearchOption.AllDirectories);
+		foreach (string file in regoFiles)
+		{
+			AddPolicyFromFile(file);
+		}
+	}
+
+	public void AddDataJson(string data)
+	{
+	    var dataBytes = Encoding.UTF8.GetBytes(data);
+
+	    unsafe
+	    {
+		fixed (byte* dataPtr = dataBytes)
+		{
+		    CheckAndDropResult(RegorusFFI.API.regorus_engine_add_data_json(E, dataPtr));
+
+		}		
+	    }
+	}
+
+	public void AddDataFromJsonFile(string path)
+	{
+	    var pathBytes = Encoding.UTF8.GetBytes(path);
+
+	    unsafe
+	    {
+		fixed (byte* pathPtr = pathBytes)
+		{
+		    CheckAndDropResult(RegorusFFI.API.regorus_engine_add_data_from_json_file(E, pathPtr));
+
+		}		
+	    }
+	}
+
+	public void SetInputJson(string input)
+	{
+	    var inputBytes = Encoding.UTF8.GetBytes(input);
+
+	    unsafe
+	    {
+		fixed (byte* inputPtr = inputBytes)
+		{
+		    CheckAndDropResult(RegorusFFI.API.regorus_engine_set_input_json(E, inputPtr));
+
+		}		
+	    }
+	}
+
+	public void SetInputFromJsonFile(string path)
+	{
+	    var pathBytes = Encoding.UTF8.GetBytes(path);
+
+	    unsafe
+	    {
+		fixed (byte* pathPtr = pathBytes)
+		{
+		    CheckAndDropResult(RegorusFFI.API.regorus_engine_set_input_from_json_file(E, pathPtr));
+
+		}		
+	    }
+	}
+
+	public string EvalQuery(string query)
+	{
+	    var queryBytes = Encoding.UTF8.GetBytes(query);
+
+	    var resultJson = "";
+	    unsafe
+	    {
+		fixed (byte* queryPtr = queryBytes)
+		{
+		    var result = RegorusFFI.API.regorus_engine_eval_query(E, queryPtr);
+		    if (result.status == RegorusFFI.RegorusStatus.RegorusStatusOk) {
+			if (result.output != null) {
+			    resultJson = System.Runtime.InteropServices.Marshal.PtrToStringAnsi((IntPtr)result.output);
+			}
+			RegorusFFI.API.regorus_result_drop(result);
+		    } else {
+			CheckAndDropResult(result);
+		    }
+
+		}		
+	    }
+	    if (resultJson != null) {
+		return resultJson;
+	    } else {
+		return "";
+	    }
+	}
+
+	void CheckAndDropResult(RegorusFFI.RegorusResult result)
+	{
+	    if (result.status != RegorusFFI.RegorusStatus.RegorusStatusOk) {
+		unsafe {
+		    var message = System.Runtime.InteropServices.Marshal.PtrToStringAnsi((IntPtr)result.error_message);
+		    var ex = new Exception(message);
+		    RegorusFFI.API.regorus_result_drop(result);
+		    throw ex;
+		}
+	    }
+	    RegorusFFI.API.regorus_result_drop(result);		    
+	}
+
+    }
+}

bindings/csharp/net40/RegorusCsharp-Lib-x64.nuspec

@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<package>
+  <metadata>
+    <id>RegorusCsharp-Lib-x64</id>
+    <version>0.0.3</version>
+    <title>RegorusCsharp-Lib-x64</title>
+    <authors>[email protected]</authors>
+    <owners>[email protected]</owners>
+    <projectUrl>https://www.microsoft.com</projectUrl>
+    <requireLicenseAcceptance>false</requireLicenseAcceptance>
+    <description>Regorus C# library for x64</description>
+    <releaseNotes>remove Regorus.cs from Nuget</releaseNotes>
+    <copyright>Copyright (C) Microsoft Corp</copyright>
+    <summary></summary>
+  </metadata>
+  <files>
+    <file src="RegorusFFI.g.cs" target="RegorusFFI.g.cs"/>
+    <file src="regorus_ffi.dll" target="lib\regorusc.dll" />
+    <file src="README" target="README" />
+  </files>
+</package>

bindings/csharp/net40/regorus-test.csproj

@@ -0,0 +1,25 @@
+<Project Sdk="Microsoft.NET.Sdk" InitialTargets="BuildRegorusFFI"> 
+
+  <Target Name="BuildRegorusFFI">
+    <Exec Command="cargo build -r --manifest-path ../../ffi/Cargo.toml" />
+    <Copy SourceFiles="../../ffi/RegorusFFI.g.cs" DestinationFolder="." />
+    <ItemGroup>
+        <RegorusDylib Include="..\..\..\target\release\*regorus_ffi*" />
+    </ItemGroup>    
+    <Copy SourceFiles="@(RegorusDylib)" DestinationFolder="." />
+    <Copy SourceFiles=".\regorus_ffi.dll"  DestinationFiles="$(OutDir)regorusc.dll" />
+  </Target>
+
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net40</TargetFramework>
+    <RootNamespace>regorus_test</RootNamespace>
+    <StartupObject>regoregorus_test.Program</StartupObject>
+    <ImplicitUsings>enable</ImplicitUsings> 
+    <AllowUnsafeBlocks>true</AllowUnsafeBlocks>
+  </PropertyGroup>
+
+
+
+</Project>

bindings/csharp/Program.cs → bindings/csharp/net8.0/Program.cs

@@ -21,10 +21,10 @@
 w.Restart();
 
 // Load policies and data.
-engine.AddPolicyFromFile("../../tests/aci/framework.rego");
-engine.AddPolicyFromFile("../../tests/aci/api.rego");
-engine.AddPolicyFromFile("../../tests/aci/policy.rego");
-engine.AddDataFromJsonFile("../../tests/aci/data.json");
+engine.AddPolicyFromFile("../../../tests/aci/framework.rego");
+engine.AddPolicyFromFile("../../../tests/aci/api.rego");
+engine.AddPolicyFromFile("../../../tests/aci/policy.rego");
+engine.AddDataFromJsonFile("../../../tests/aci/data.json");
 
 
 w.Stop();
@@ -34,7 +34,7 @@
 w.Restart();
 
 // Set input and eval rule.
-engine.SetInputFromJsonFile("../../tests/aci/input.json");
+engine.SetInputFromJsonFile("../../../tests/aci/input.json");
 var value = engine.EvalQuery("data.framework.mount_overlay");
 var valueDoc = System.Text.Json.JsonDocument.Parse(value);
 

bindings/csharp/regorus-test.csproj → bindings/csharp/net8.0/regorus-test.csproj

@@ -1,10 +1,10 @@
 <Project Sdk="Microsoft.NET.Sdk" InitialTargets="BuildRegorusFFI"> 
 
   <Target Name="BuildRegorusFFI">
-    <Exec Command="cargo build -r --manifest-path ../ffi/Cargo.toml" />
-    <Copy SourceFiles="../ffi/RegorusFFI.g.cs" DestinationFolder="." />
+    <Exec Command="cargo build -r --manifest-path ../../ffi/Cargo.toml" />
+    <Copy SourceFiles="../../ffi/RegorusFFI.g.cs" DestinationFolder="." />
     <ItemGroup>
-        <RegorusDylib Include="..\..\target\release\*regorus_ffi*" />
+        <RegorusDylib Include="..\..\..\target\release\*regorus_ffi*" />
     </ItemGroup>    
     <Copy SourceFiles="@(RegorusDylib)" DestinationFolder="." />
   </Target>