aserto-dev / topaz

Cloud-native authorization for modern applications and APIs
https://www.topaz.sh
Apache License 2.0
1.08k stars 25 forks

Allow templates to use local policies #452

Closed ronenh closed 3 weeks ago

ronenh commented 3 weeks ago

This makes it possible to use topaz templates install with a policy image that has been built locally but not pushed to a remote registry.

It is especially useful in policy repos when testing local changes or validating pull requests in CI.

In addition, there are some changes to the config new command:

coveralls commented 3 weeks ago

Pull Request Test Coverage Report for Build 10813919165

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details


Changes Missing Coverage      Covered Lines   Changed/Added Lines   %
pkg/cc/config/generator.go    0               2                     0.0%
Totals Coverage Status
Change from base Build 10758496717: 0.0%
Covered Lines: 1307
Relevant Lines: 4633

💛 - Coveralls

gertd commented 3 weeks ago

We should ensure symmetry with topaz config new which currently exposes the --local-policy-image flag.

topaz config new --help

create new configuration

Flags:
  -h, --help                         Show context-sensitive help.
  -N, --no-check                     disable local container status check ($TOPAZ_NO_CHECK)
      --no-color                     disable colored terminal output ($TOPAZ_NO_COLOR)
  -v, --verbosity                    log level

  -n, --name=CONFIG-NAME             config name
  -l, --local-policy-image=STRING    local policy image name
  -r, --resource=STRING              resource url
  -p, --stdout                       print to stdout
  -d, --edge-directory               enable edge directory
  -f, --force                        skip confirmation prompt

I suggest we update topaz config new to add

--local 

to indicate a local image, and only use --resource to pass the resource value, and mark --local-policy-image as obsolete/deprecated.

This yields the next question regarding local bundles, which are currently manual config changes users have to make themselves.

We can make --local a string enum, defaulting to policy or policy-image, so the user only has to provide --local and a second enum option for bundle. This way, we can add support for local bundles as well. The question is, what would that imply to support local bundles in a template file?

I have asked @carabasdaniel to look into this.

If we agree to add --local to topaz config new, finish this PR and create a new one for updating topaz config new.

ronenh commented 3 weeks ago

Great idea @gertd. I pushed a commit that adds the --local flag to config new and deprecates --local-policy-image.