fix(go-policy): make LoadFromYAML replace rules; add MergeFromYAML#2162
Merged
imran-siddique merged 1 commit intoMay 12, 2026
Merged
Conversation
LoadFromYAML appended to PolicyEngine.rules on every call. Reloading the same YAML on a config refresh doubled the rule set each time: harmless for first-match-wins evaluation but quietly inflating memory and per-evaluation cost on long-lived processes. Replace semantics is the natural reading of a "load" verb (treat the file as the source of truth) and matches how YAML config reload is used in practice. To preserve the additive form for callers composing rules from multiple files, expose a new MergeFromYAML that retains the previous append behaviour. Behaviour changes for callers: - LoadFromYAML(path) discards the engine's existing rules on success. - On read or parse error LoadFromYAML leaves the existing rule set untouched, so a bad reload does not strip enforcement. - MergeFromYAML(path) appends YAML rules to the existing rule set (the previous LoadFromYAML semantics). Tests: - TestLoadFromYAMLReplacesExistingRules — assert replace semantics (rename of the previous additive test). - TestLoadFromYAMLReloadDoesNotDouble — load the same file three times, assert the rule count stays equal to the file's rule count. - TestLoadFromYAMLPreservesRulesOnError — read error and parse error both leave the existing rule set intact. - TestMergeFromYAMLAppendsToExistingRules — additive Merge variant. Docs: README.md and docs/tutorials/22-go-sdk.md updated to describe LoadFromYAML as a replace and to point callers at MergeFromYAML for the additive form.
🤖 AI Agent: breaking-change-detector — API CompatibilityAPI Compatibility
|
🤖 AI Agent: code-reviewer — View detailsTL;DR: 1 blocker, 0 warnings. The change introduces a breaking change in the policy engine's behavior without sufficient backward compatibility measures.
Action items: Update documentation to clearly indicate that Warnings: No warnings found. Fine as follow-up PRs. |
🤖 AI Agent: docs-sync-checker — Docs SyncDocs Sync
|
🤖 AI Agent: security-scanner — View detailsNo security issues found. |
🤖 AI Agent: test-generator — `policy.go`
|
|
🟡 Contributor Check: MEDIUM
Automated check by AGT Contributor Check. |
PR Review Summary
Verdict: ❌ Changes needed |
MohammadHaroonAbuomar
pushed a commit
to MohammadHaroonAbuomar/agt-acs
that referenced
this pull request
Jun 1, 2026
…icrosoft#2162) LoadFromYAML appended to PolicyEngine.rules on every call. Reloading the same YAML on a config refresh doubled the rule set each time: harmless for first-match-wins evaluation but quietly inflating memory and per-evaluation cost on long-lived processes. Replace semantics is the natural reading of a "load" verb (treat the file as the source of truth) and matches how YAML config reload is used in practice. To preserve the additive form for callers composing rules from multiple files, expose a new MergeFromYAML that retains the previous append behaviour. Behaviour changes for callers: - LoadFromYAML(path) discards the engine's existing rules on success. - On read or parse error LoadFromYAML leaves the existing rule set untouched, so a bad reload does not strip enforcement. - MergeFromYAML(path) appends YAML rules to the existing rule set (the previous LoadFromYAML semantics). Tests: - TestLoadFromYAMLReplacesExistingRules — assert replace semantics (rename of the previous additive test). - TestLoadFromYAMLReloadDoesNotDouble — load the same file three times, assert the rule count stays equal to the file's rule count. - TestLoadFromYAMLPreservesRulesOnError — read error and parse error both leave the existing rule set intact. - TestMergeFromYAMLAppendsToExistingRules — additive Merge variant. Docs: README.md and docs/tutorials/22-go-sdk.md updated to describe LoadFromYAML as a replace and to point callers at MergeFromYAML for the additive form.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
PolicyEngine.LoadFromYAMLappended toPolicyEngine.ruleson every call. Reloading the same YAML on a config refresh doubled the rule set each time: harmless for first-match-wins evaluation but quietly inflating memory and per-evaluation cost on long-lived processes.Change
LoadFromYAML(path)now replaces the engine's existing rules on success. On read or parse error the previous rule set is left intact, so a bad reload doesn't strip enforcement.MergeFromYAML(path)retains the previous additive behaviour for callers composing rules from multiple files.readPolicyRulesFromYAMLhelper factored out of both paths.docs/tutorials/22-go-sdk.mdupdated to describeLoadFromYAMLas a replace and to point callers atMergeFromYAMLfor the additive form.Behaviour change
The previous
LoadFromYAMLis nowMergeFromYAML— callers who relied on the additive behaviour need to switch to the new method. The previous form was undocumented as such outside of one tutorial sentence; the tutorial is updated in this PR.Tests
go test ./...fromagent-governance-golang/packages/agentmesh/passes. New / renamed tests:TestLoadFromYAMLReplacesExistingRules— rename of the previous additive test; now asserts replace semantics.TestLoadFromYAMLReloadDoesNotDouble— load the same file three times; assert the rule count stays equal to the file's rule count (regression for the double-append bug).TestLoadFromYAMLPreservesRulesOnError— read error and parse error both leave the existing rule set intact.TestMergeFromYAMLAppendsToExistingRules— additive Merge variant.Test plan
go test ./...passes fromagent-governance-golang/packages/agentmesh/.LoadFromYAMLcalls produce the file's rule count (not 3 x).LoadFromYAMLleaves the prior rules in place.MergeFromYAMLcontinues to append.Surfaced during independent audit conducted by @finnoybu (Ken Tannenbaum, AEGIS Initiative); [LOW, Go].