# general
m
Hi all, I installed OPA Gatekeeper on a downstream cluster from the Rancher UI. The requirement is to create a custom OPA policy template which matches two arrays. The arrays are definitions of port numbers. For simplicity's sake, I have the following:
```
import future.keywords.in

violation[{"msg": msg}] {
    allowedPorts := [8161, 9404, 61616, 5445, 9999, 2022]
    actualPorts := [8161, 9404, 61616, 5445]

    # fire when at least one actual port is missing from the allowed list
    some port in actualPorts; not port in allowedPorts
    msg := sprintf("service has forbidden exposed ports: %v", [actualPorts])
}
```
The idea is that if a port in `actualPorts` doesn't match any in `allowedPorts`, it should result in a violation. This works fine on the OPA playground, but it doesn't work when used as an OPA template in Rancher. It seems the `import` doesn't work. I've tried `import data.lib.future.keywords` and `import 'github.com/open-policy-agent/opa/internal/future'`.

Q: Any ideas on how I can compare the arrays or import the required module?
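
Added example, not part of the original post: the same allow-list check written with set comprehensions and set difference, so it needs neither the `in` keyword nor any import. It goes beyond the hard-coded arrays above by assuming the reviewed object is a Kubernetes Service and that the constraint passes the allow-list in a parameter named `allowedPorts`; that parameter name and the package name are hypothetical.

```rego
package k8sallowedserviceports # hypothetical package name

# Ports the reviewed Service exposes, collected into a set.
# Assumes input.review.object is a Service with spec.ports[].port.
actual_ports = {p | p := input.review.object.spec.ports[_].port}

# Allow-list taken from the constraint's parameters (hypothetical key).
# If the parameter is missing this is the empty set, so every exposed
# port is reported: the policy fails closed.
allowed_ports = {p | p := input.parameters.allowedPorts[_]}

violation[{"msg": msg}] {
    # Set difference: ports that are exposed but not on the allow-list.
    forbidden := actual_ports - allowed_ports
    count(forbidden) > 0
    msg := sprintf("service has forbidden exposed ports: %v", [forbidden])
}
```

Reporting `forbidden` rather than the full port list puts only the offending ports in the admission message.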