Closed ronenh closed 3 weeks ago
This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.
Changes Missing Coverage | Covered Lines | Changed/Added Lines | % | ||
---|---|---|---|---|---|
pkg/cc/config/generator.go | 0 | 2 | 0.0% | ||
<!-- | Total: | 0 | 2 | 0.0% | --> |
Totals | |
---|---|
Change from base Build 10758496717: | 0.0% |
Covered Lines: | 1307 |
Relevant Lines: | 4633 |
We should ensure symmetry with topaz config new
which currently exposes the --local-policy-image
flag.
topaz config new --help
create new configuration
Flags:
-h, --help Show context-sensitive help.
-N, --no-check disable local container status check ($TOPAZ_NO_CHECK)
--no-color disable colored terminal output ($TOPAZ_NO_COLOR)
-v, --verbosity log level
-n, --name=CONFIG-NAME config name
-l, --local-policy-image=STRING local policy image name
-r, --resource=STRING resource url
-p, --stdout print to stdout
-d, --edge-directory enable edge directory
-f, --force skip confirmation prompt
I suggest we update topaz config new
add
--local
to indicate a local image, and only use --resource
to pass the resource value,
and mark --local-policy-image
as obsolete/deprecated.
This yields the next question regarding local bundles, which are currently manual config changes users have to make themselves.
We can make --local
a string enum, defaulting to policy
or policy-image,
so the user only has to provide --local
and a second enum option for bundle.
This way, we can add support for local bundles as well. The question is, what would that imply to support local bundles in a template file?
I have asked @carabasdaniel to look into this.
If we agree to add --local
to topaz config new
, finish this PR and create a new one for updating topaz config new
Great idea @gertd. I pushed a commit that adds the --local
flag to config new
and deprecates --local-poilcy-image
.
This makes it possible to use
topaz templates install
with a policy image that has been built locally but not pushed to a remote registry.It is especially useful in policy repos when testing local changes or validating pull requests in CI.
In addition, there are some changes to the
config new
command:--from [remote|local]
enum option is introduced. Iflocal
, topaz loads the image specified in--resource
from the local policy registry. The default isremote
.--local-policy-image
option is deprecated (but still implemented for backward-compatibility).