Open michelleN opened 6 months ago
None of our plugins are technically "audited" even the ones that come from the registry. The original design of the plugin system follows the apt
style package managers. I would still be in favor of styling and having the user acknowledge that they are installing an explicit action.
That being said I like the idea of having an environment variable similar to how we have SPIN_ALWAYS_BUILD
that a user can set so that they can avoid the --yes
flag.
I'm assuming krew doesn't automatically install plugins and then run them with just a warning? I think that's the main difference here.
Edit: Oh wait we install cloud
without even a warning... :thinking:
Oh I guess if you're talking about --yes
you mean the actual spin plugins install
command. Yeah I think it would be fine to just display a warning there, or at least default to "yes".
Separately, we might want to be a wee bit more explicit about the information displayed when we suggest installing if you run spin kube
without the plugin already installed. Its weird that the message on explicit spin plugins install kube
:
You are trying to install the `kube` plugin with Apache-2.0 license from https://github.com/spinkube/spin-plugin-kube/releases/download/v0.1.0/spin-plugin-kube-0.1.0-linux-amd64.tar.gz
Are you sure you want to continue?
has more information than the prompt on spin kube
:
Warning: `kube` is not a known Spin command, but there is a plugin with that name.
Would you like to install and run it now?
Also weird that the former defaults to "no" and the latter has no default.
TL;DR, I'd suggest:
spin plugins install
prompt default to "yes" (if not removing it entirely). I feel like the current behavior might have been my suggestion but people can change their minds OK? :sweat_smile:
krew
,kubectl
s plugin manager displays the following message instead of prompting to confirm installation of the plugin:It would be nice to let people know they installed something we have not audited and skip the prompt step. I don't there is ever going to be a time when I say no and I always forget to use the
--yes
flag.I'd love to see either of the following:
--yes
flag so that you could set false if you are more cautious and want to be prompted.krew
's warning rather than prompting to confirm installation