Sentinel v0.12.0 - introducing case statement support!

Greetings everyone!

We are happy to announce the release of version 0.12.0 of the Sentinel runtime.

For the most recent changes, see the release notes:

To download the latest version of the Sentinel Simulator, see the downloads page:

This release introduces the case statement, known by other names like switch, etc. Like what you would expect in other languages, it allows you to perform clause-based conditional logic by matching a value against any number of expressions (when) and a default (else). Both value-present and empty-value forms are supported.

case x {
    when "foo", "bar":
        return true
        return false
case {
    when x is "foo" or x is "bar":
        return true
        return false

See case in the language reference or case in the specification for more details.

There have also been a number of other bugfixes. One of note is the a long-overdue fix to the return value of append(), which was incorrectly returning the updated list as opposed to undefined. Moreover, we have added a semantic check to make sure that this behavior was not relied on - If you are relying on it, you will need to change your policy, as the runtime will now return an error if this is used.

Check the release notes for the rest of the changes!

What is the Sentinel Runtime?

The runtime represents the Sentinel language engine and is the technology that is integrated into the enterprise versions of our open source products such as Terraform, Vault, Consul, and Nomad. Updates to the runtime may fix bugs or add features that are generally associated with the language itself and the standard library.

Functionality specifically associated with one product (example: Terraform Cloud and Enterprise’s Terraform-related imports) are updated on a separate schedule and are generally tracked within that product’s release notes.

Watch that product’s release notes as well for when they update the runtime - each product tracks the runtime on different schedules.

What is the Sentinel Simulator?

The Sentinel Simulator is a command-line interface (CLI) for developing and testing policies. Having a standard workflow to develop policies is critical for our mission of policy as code. The simulator allows full use of the Sentinel engine, standard library, and supplied mock data to effectively test policies before they are added to a product that integrates Sentinel.

We ship an up-to-date version of the Sentinel Simulator for every release of the runtime. To use the newest changes, download the simulator at the downloads page referenced at the start of this message.

Thanks, and we hope you enjoy the release!

1 Like