diff --git a/pkg/cc/config/generator.go b/pkg/cc/config/generator.go index 614c1f6b..bcd0a780 100644 --- a/pkg/cc/config/generator.go +++ b/pkg/cc/config/generator.go @@ -22,8 +22,8 @@ func (g *Generator) WithVersion(version int) *Generator { return g } -func (g *Generator) WithLocalPolicyImage(image string) *Generator { - g.LocalPolicyImage = image +func (g *Generator) WithLocalPolicy(local bool) *Generator { + g.LocalPolicy = local return g } diff --git a/pkg/cc/config/templates.go b/pkg/cc/config/templates.go index 9420f4f3..735c899f 100644 --- a/pkg/cc/config/templates.go +++ b/pkg/cc/config/templates.go @@ -2,10 +2,10 @@ package config type templateParams struct { Version int - LocalPolicyImage string PolicyName string Resource string Authorization string + LocalPolicy bool EdgeDirectory bool SeedMetadata bool EnableDirectoryV2 bool @@ -34,7 +34,7 @@ opa: graceful_shutdown_period_seconds: 2 # max_plugin_wait_time_seconds: 30 set as default local_bundles: - local_policy_image: {{ .LocalPolicyImage }} + local_policy_image: {{ .Resource }} watch: true skip_verification: true ` @@ -148,8 +148,8 @@ jwt: # authentication configuration auth: api_keys: - # "": - # "": + # "": + # "": options: default: enable_api_key: false @@ -457,7 +457,7 @@ api: read_header_timeout: 2s write_timeout: 2s idle_timeout: 30s - + authorizer: needs: - reader diff --git a/pkg/cli/cmd/configure/new.go b/pkg/cli/cmd/configure/new.go index 85bf2716..148b5a50 100644 --- a/pkg/cli/cmd/configure/new.go +++ b/pkg/cli/cmd/configure/new.go @@ -13,19 +13,28 @@ import ( "github.com/pkg/errors" ) +const ( + FromRemote = "remote" + FromLocal = "local" +) + type NewConfigCmd struct { Name ConfigName `short:"n" help:"config name"` - LocalPolicyImage string `short:"l" help:"local policy image name"` - Resource string `short:"r" help:"resource url"` - Stdout bool `short:"p" help:"print to stdout"` + Resource string `short:"r" help:"policy uri (e.g. ghcr.io/org/policy:tag)"` + From string `enum:"remote,local" default:"remote" help:"load policy from remote or local image"` + Stdout bool `short:"p" help:"print to stdout" default:"false"` EdgeDirectory bool `short:"d" help:"enable edge directory" default:"false"` - Force bool `flag:"" default:"false" short:"f" required:"false" help:"skip confirmation prompt"` + Force bool `short:"f" flag:"" default:"false" required:"false" help:"skip confirmation prompt"` + LocalPolicyImage string `short:"l" help:"[deprecated: use --local instead] local policy image name"` } func (cmd *NewConfigCmd) Run(c *cc.CommonCtx) error { - if cmd.Name == "" && cmd.Resource == "" { + if cmd.Resource == "" { if cmd.LocalPolicyImage == "" { - return errors.New("you either need to provide a local policy image or the resource and the policy name for the configuration") + return errors.New("no policy specified. Please provide a policy URI with the --resource (-r) option") + } else { + c.Con().Warn().Msg("The --local-policy-image options (-l) is deprecated and will be removed in a future release. " + + "Please use the --local flag instead.") } } @@ -39,11 +48,17 @@ func (cmd *NewConfigCmd) Run(c *cc.CommonCtx) error { c.Con().Info().Msg(">>> configure policy\n") } + // Backward-compatibility with deprecated LocalPolicyImage option. + resource, local := cmd.Resource, cmd.From == FromLocal + if cmd.LocalPolicyImage != "" { + resource, local = cmd.LocalPolicyImage, true + } + configGenerator := config.NewGenerator(cmd.Name.String()). WithVersion(config.ConfigFileVersion). - WithLocalPolicyImage(cmd.LocalPolicyImage). WithPolicyName(cmd.Name.String()). - WithResource(cmd.Resource). + WithResource(resource). + WithLocalPolicy(local). WithEdgeDirectory(cmd.EdgeDirectory) _, err := configGenerator.CreateConfigDir() @@ -85,8 +100,8 @@ func (cmd *NewConfigCmd) Run(c *cc.CommonCtx) error { } if !cmd.Stdout { - if cmd.LocalPolicyImage != "" { - c.Con().Info().Msg("using local policy image: %s", cmd.LocalPolicyImage) + if local { + c.Con().Info().Msg("using local policy image: %s", resource) return configGenerator.GenerateConfig(w, config.LocalImageTemplate) } diff --git a/pkg/cli/cmd/templates/install.go b/pkg/cli/cmd/templates/install.go index 7f5315ea..06d7fa40 100644 --- a/pkg/cli/cmd/templates/install.go +++ b/pkg/cli/cmd/templates/install.go @@ -14,6 +14,7 @@ import ( "github.com/aserto-dev/topaz/pkg/cli/cmd/configure" "github.com/aserto-dev/topaz/pkg/cli/cmd/directory" "github.com/aserto-dev/topaz/pkg/cli/cmd/topaz" + "github.com/samber/lo" ) type InstallTemplateCmd struct { @@ -177,6 +178,7 @@ func (cmd *InstallTemplateCmd) prepareTopaz(c *cc.CommonCtx, tmpl *template, cus command := configure.NewConfigCmd{ Name: configure.ConfigName(name), Resource: tmpl.Assets.Policy.Resource, + From: lo.Ternary(tmpl.Assets.Policy.Local, configure.FromLocal, configure.FromRemote), Force: true, } if err := command.Run(c); err != nil { diff --git a/pkg/cli/cmd/templates/template.go b/pkg/cli/cmd/templates/template.go index 84cb231e..e44a9aca 100644 --- a/pkg/cli/cmd/templates/template.go +++ b/pkg/cli/cmd/templates/template.go @@ -46,6 +46,7 @@ type template struct { Policy struct { Name string `json:"name"` Resource string `json:"resource"` + Local bool `json:"local"` } `json:"policy,omitempty"` IdentityData []string `json:"idp_data,omitempty"` DomainData []string `json:"domain_data,omitempty"`