Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add option to verify target cluster when running nyl template --apply #18

Open
NiklasRosenstein opened this issue Aug 22, 2024 · 0 comments
Open

Add option to verify target cluster when running nyl template --apply #18

NiklasRosenstein opened this issue Aug 22, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@NiklasRosenstein
Copy link
Collaborator

When using Nyl with nyl-profile.yaml, you might have NYL_PROFILE set to have it use a profile other than the "default" profile. Without the profiles configuration, the regular kubectl configuration is used (e.g. what you have in ~/.kube/config or KUBECONFIG).

It seems likely that eventually someone will make a mistake and think they're using a different NYL_PROFILE or default Kubernetes context and accidentally run nyl template --apply targeting the wrong Kubernetes cluster.

Hence, I think we should add an option to nyl-project.yaml that defines some kind of allow list of which Kubernetes clusters may be targeted. If the target cluster is not in this list, it should maybe error or at least ask for confirmation.

Notional example:

# nyl-project.yaml
allowed_target_clusters:
- aws-infrastructure-prod

This could be the name of a profile or Kubectl context.
@NiklasRosenstein NiklasRosenstein added the enhancement New feature or request label Aug 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@NiklasRosenstein