Nyl facilitates the orchestration of infrastructure and application deployment pipelines across different tools, making them work together in a seamless manner.
When using Nyl with nyl-profile.yaml, you might have NYL_PROFILE set to have it use a profile other than the "default" profile. Without the profiles configuration, the regular kubectl configuration is used (e.g. what you have in ~/.kube/config or KUBECONFIG).
It seems likely that eventually someone will make a mistake and think they're using a different NYL_PROFILE or default Kubernetes context and accidentally run nyl template --apply targeting the wrong Kubernetes cluster.
Hence, I think we should add an option to nyl-project.yaml that defines some kind of allow list of which Kubernetes clusters may be targeted. If the target cluster is not in this list, it should maybe error or at least ask for confirmation.
When using Nyl with
nyl-profile.yaml, you might haveNYL_PROFILEset to have it use a profile other than the"default"profile. Without the profiles configuration, the regularkubectlconfiguration is used (e.g. what you have in~/.kube/configorKUBECONFIG).It seems likely that eventually someone will make a mistake and think they're using a different
NYL_PROFILEor default Kubernetes context and accidentally runnyl template --applytargeting the wrong Kubernetes cluster.Hence, I think we should add an option to
nyl-project.yamlthat defines some kind of allow list of which Kubernetes clusters may be targeted. If the target cluster is not in this list, it should maybe error or at least ask for confirmation.Notional example:
This could be the name of a
profileor Kubectl context.