Introduce CEL Policy Conformance Test Runner for Java

PiperOrigin-RevId: 907725999

Author: l46kok

policy/BUILD.bazel

@@ -5,6 +5,8 @@ package(
     default_visibility = ["//visibility:public"],
 )
 
+exports_files(["cel_policy_conformance_test.bzl"])
+
 java_library(
     name = "policy",
     exports = ["//policy/src/main/java/dev/cel/policy"],

policy/cel_policy_conformance_test.bzl

@@ -0,0 +1,50 @@
+# Copyright 2026 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Macro to run CEL policy conformance tests."""
+
+load("@rules_java//java:defs.bzl", "java_test")
+
+def cel_policy_conformance_test_java(name, testdata_dir = "testdata", skip_tests = []):
+    """Macro to run CEL policy conformance tests for Java.
+
+    Args:
+        name: The name of the test target.
+        testdata_dir: The directory containing test cases.
+        skip_tests: List of test case names (directory names) to skip.
+    """
+
+    # Find all policy.yaml files to determine test directories
+    policy_files = native.glob([testdata_dir + "/*/policy.yaml"])
+
+    # Extract directory names as test case names
+    # e.g., "testdata/nested_rule/policy.yaml" -> "nested_rule"
+    test_cases = []
+    for f in policy_files:
+        parts = f.split("/")
+        if len(parts) >= 2:
+            test_cases.append(parts[-2])
+
+    java_test(
+        name = name,
+        jvm_flags = [
+            "-Ddev.cel.policy.conformance.tests=" + ",".join(test_cases),
+            "-Ddev.cel.policy.conformance.testdata_dir=" + native.package_name() + "/" + testdata_dir,
+            "-Ddev.cel.policy.conformance.skip_tests=" + ",".join(skip_tests),
+        ],
+        data = native.glob([testdata_dir + "/**"]),
+        size = "small",
+        test_class = "dev.cel.policy.conformance.PolicyConformanceTests",
+        runtime_deps = ["//policy/src/test/java/dev/cel/policy/conformance:run"],
+    )

policy/src/test/java/dev/cel/policy/conformance/BUILD.bazel

@@ -0,0 +1,26 @@
+load("@rules_java//java:defs.bzl", "java_library")
+
+package(
+    default_applicable_licenses = ["//:license"],
+    default_testonly = True,
+    default_visibility = ["//visibility:public"],
+)
+
+java_library(
+    name = "run",
+    srcs = glob(["*.java"]),
+    deps = [
+        "//bundle:cel",
+        "//common:compiler_common",
+        "//common/types",
+        "//runtime:function_binding",
+        "//testing/testrunner:cel_expression_source",
+        "//testing/testrunner:cel_test_context",
+        "//testing/testrunner:cel_test_suite",
+        "//testing/testrunner:cel_test_suite_text_proto_parser",
+        "//testing/testrunner:cel_test_suite_yaml_parser",
+        "//testing/testrunner:test_runner_library",
+        "@maven//:com_google_guava_guava",
+        "@maven//:junit_junit",
+    ],
+)

policy/src/test/java/dev/cel/policy/conformance/PolicyConformanceTest.java

@@ -0,0 +1,90 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package dev.cel.policy.conformance;
+
+import dev.cel.bundle.Cel;
+import dev.cel.bundle.CelFactory;
+import dev.cel.common.CelFunctionDecl;
+import dev.cel.common.CelOverloadDecl;
+import dev.cel.common.types.SimpleType;
+import dev.cel.runtime.CelFunctionBinding;
+import dev.cel.testing.testrunner.CelExpressionSource;
+import dev.cel.testing.testrunner.CelTestContext;
+import dev.cel.testing.testrunner.CelTestSuite.CelTestSection.CelTestCase;
+import dev.cel.testing.testrunner.TestRunnerLibrary;
+import java.io.File;
+import org.junit.runners.model.Statement;
+
+/** Statement representing a single CEL policy conformance test case. */
+public final class PolicyConformanceTest extends Statement {
+
+  private final String name;
+  private final CelTestCase testCase;
+  private final String dirPath;
+
+  public PolicyConformanceTest(String name, CelTestCase testCase, String dirPath) {
+    this.name = name;
+    this.testCase = testCase;
+    this.dirPath = dirPath;
+  }
+
+  public String getName() {
+    return name;
+  }
+
+  @Override
+  public void evaluate() throws Throwable {
+    String policyFile = dirPath + "/policy.yaml";
+
+    Cel cel =
+        CelFactory.standardCelBuilder()
+            .addFunctionDeclarations(
+                CelFunctionDecl.newFunctionDeclaration(
+                    "locationCode",
+                    CelOverloadDecl.newGlobalOverload(
+                        "location_code_string", SimpleType.STRING, SimpleType.STRING)))
+            .addFunctionBindings(
+                CelFunctionBinding.from(
+                    "location_code_string",
+                    String.class,
+                    (String arg) -> {
+                      switch (arg) {
+                        case "10.0.0.1":
+                          return "us";
+                        case "10.0.0.2":
+                          return "de";
+                        default:
+                          return "ir";
+                      }
+                    }))
+            .build();
+
+    CelTestContext.Builder contextBuilder =
+        CelTestContext.newBuilder()
+            .setCelExpression(CelExpressionSource.fromSource(policyFile))
+            .setCel(cel);
+
+    String yamlConfigPath = dirPath + "/config.yaml";
+    String textprotoConfigPath = dirPath + "/config.textproto";
+
+    if (new File(yamlConfigPath).exists()) {
+      contextBuilder.setConfigFile(yamlConfigPath);
+    } else if (new File(textprotoConfigPath).exists()) {
+      contextBuilder.setConfigFile(textprotoConfigPath);
+    }
+
+    TestRunnerLibrary.runTest(testCase, contextBuilder.build());
+  }
+}

policy/src/test/java/dev/cel/policy/conformance/PolicyConformanceTestRunner.java

@@ -0,0 +1,126 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package dev.cel.policy.conformance;
+
+import static java.nio.charset.StandardCharsets.UTF_8;
+
+import com.google.common.base.Splitter;
+import com.google.common.base.Strings;
+import com.google.common.collect.ImmutableList;
+import com.google.common.io.Files;
+import dev.cel.testing.testrunner.CelTestSuite;
+import dev.cel.testing.testrunner.CelTestSuite.CelTestSection;
+import dev.cel.testing.testrunner.CelTestSuite.CelTestSection.CelTestCase;
+import dev.cel.testing.testrunner.CelTestSuiteTextProtoParser;
+import dev.cel.testing.testrunner.CelTestSuiteYamlParser;
+import java.io.File;
+import java.util.List;
+import org.junit.runner.Description;
+import org.junit.runner.notification.RunNotifier;
+import org.junit.runners.ParentRunner;
+import org.junit.runners.model.InitializationError;
+
+/** Custom JUnit runner for CEL policy conformance tests. */
+public final class PolicyConformanceTestRunner extends ParentRunner<PolicyConformanceTest> {
+
+  private static final Splitter SPLITTER = Splitter.on(",").omitEmptyStrings();
+  private static final String TESTS_YAML_FILE_NAME = "tests.yaml";
+  private static final String TESTS_TEXTPROTO_FILE_NAME = "tests.textproto";
+
+  private final ImmutableList<PolicyConformanceTest> tests;
+
+  public PolicyConformanceTestRunner(Class<?> clazz) throws InitializationError {
+    super(clazz);
+    this.tests = loadTests();
+  }
+
+  private ImmutableList<PolicyConformanceTest> loadTests() {
+    ImmutableList.Builder<PolicyConformanceTest> testsBuilder = ImmutableList.builder();
+    String testDirsProp = System.getProperty("dev.cel.policy.conformance.tests");
+    String testdataDir = System.getProperty("dev.cel.policy.conformance.testdata_dir", "testdata");
+    String skipTestsProp = System.getProperty("dev.cel.policy.conformance.skip_tests");
+    ImmutableList<String> testsToSkip =
+        Strings.isNullOrEmpty(skipTestsProp)
+            ? ImmutableList.of()
+            : ImmutableList.copyOf(SPLITTER.splitToList(skipTestsProp));
+
+    if (Strings.isNullOrEmpty(testDirsProp)) {
+      return ImmutableList.of();
+    }
+
+    ImmutableList<String> testDirs = ImmutableList.copyOf(SPLITTER.splitToList(testDirsProp));
+
+    for (String dir : testDirs) {
+      String fullDirPath = testdataDir + "/" + dir;
+      try {
+        CelTestSuite testSuite = readTestSuite(fullDirPath);
+        for (CelTestSection section : testSuite.sections()) {
+          for (CelTestCase testCase : section.tests()) {
+            String name = String.format("%s/%s/%s", dir, section.name(), testCase.name());
+            if (!shouldSkipTest(name, testsToSkip)) {
+              testsBuilder.add(new PolicyConformanceTest(name, testCase, fullDirPath));
+            }
+          }
+        }
+      } catch (Exception e) {
+        throw new RuntimeException("Failed to load test suite in " + fullDirPath, e);
+      }
+    }
+    return testsBuilder.build();
+  }
+
+  private static boolean shouldSkipTest(String name, List<String> testsToSkip) {
+    for (String testToSkip : testsToSkip) {
+      if (name.startsWith(testToSkip)) {
+        String consumedName = name.substring(testToSkip.length());
+        if (consumedName.isEmpty() || consumedName.startsWith("/")) {
+          return true;
+        }
+      }
+    }
+    return false;
+  }
+
+  private static CelTestSuite readTestSuite(String dirPath) throws Exception {
+    File dir = new File(dirPath);
+    File yamlFile = new File(dir, TESTS_YAML_FILE_NAME);
+    if (yamlFile.exists()) {
+      return CelTestSuiteYamlParser.newInstance().parse(Files.asCharSource(yamlFile, UTF_8).read());
+    }
+    File textprotoFile = new File(dir, TESTS_TEXTPROTO_FILE_NAME);
+    if (textprotoFile.exists()) {
+      return CelTestSuiteTextProtoParser.newInstance()
+          .parse(Files.asCharSource(textprotoFile, UTF_8).read());
+    }
+    throw new IllegalArgumentException(
+        String.format(
+            "No %s or %s found in %s", TESTS_YAML_FILE_NAME, TESTS_TEXTPROTO_FILE_NAME, dirPath));
+  }
+
+  @Override
+  protected ImmutableList<PolicyConformanceTest> getChildren() {
+    return tests;
+  }
+
+  @Override
+  protected Description describeChild(PolicyConformanceTest child) {
+    return Description.createTestDescription(getTestClass().getJavaClass(), child.getName());
+  }
+
+  @Override
+  protected void runChild(PolicyConformanceTest child, RunNotifier notifier) {
+    runLeaf(child, describeChild(child), notifier);
+  }
+}

policy/src/test/java/dev/cel/policy/conformance/PolicyConformanceTests.java

@@ -0,0 +1,21 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package dev.cel.policy.conformance;
+
+import org.junit.runner.RunWith;
+
+/** Main test class for CEL policy conformance tests. */
+@RunWith(PolicyConformanceTestRunner.class)
+public class PolicyConformanceTests {}