Nyl facilitates the orchestration of infrastructure and application deployment pipelines across different tools, making them work together in a seamless manner.
When using Nyl with nyl-profile.yaml, you might have NYL_PROFILE set to have it use a profile other than the "default" profile. Without the profiles configuration, the regular kubectl configuration is used (e.g. what you have in ~/.kube/config or KUBECONFIG).
It seems likely that eventually someone will make a mistake and think they're using a different NYL_PROFILE or default Kubernetes context and accidentally run nyl template --apply targeting the wrong Kubernetes cluster.
Hence, I think we should add an option to nyl-project.yaml that defines some kind of allow list of which Kubernetes clusters may be targeted. If the target cluster is not in this list, it should maybe error or at least ask for confirmation.
When using Nyl with
nyl-profile.yaml
, you might haveNYL_PROFILE
set to have it use a profile other than the"default"
profile. Without the profiles configuration, the regularkubectl
configuration is used (e.g. what you have in~/.kube/config
orKUBECONFIG
).It seems likely that eventually someone will make a mistake and think they're using a different
NYL_PROFILE
or default Kubernetes context and accidentally runnyl template --apply
targeting the wrong Kubernetes cluster.Hence, I think we should add an option to
nyl-project.yaml
that defines some kind of allow list of which Kubernetes clusters may be targeted. If the target cluster is not in this list, it should maybe error or at least ask for confirmation.Notional example:
This could be the name of a
profile
or Kubectl context.