Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dynamic host volumes: policy-override flag on CLI #24592

Merged
merged 2 commits into from
Dec 3, 2024
Merged

dynamic host volumes: policy-override flag on CLI #24592

merged 2 commits into from
Dec 3, 2024

Conversation

tgross
Copy link
Member

@tgross tgross commented Dec 2, 2024
edited
Loading

The create/register volume RPCs support a policy override flag for soft-mandatory Sentinel policies, but the CLI and Go API were missing support for it.

Also add support for Sentinel warnings to the Go API and CLI.

Ref: #24479

Testing with the following policy file:

has_tag = func() {
  print("volume is missing tag")
  tag = volume.parameters["tag"] else 0
  return tag is not 0
}

main = rule { has_tag() }

After applying this branch on top of https://github.com/hashicorp/nomad-enterprise/pull/2087:

$ nomad sentinel apply -scope=submit-volume -level=soft-mandatory no-untagged-volumes ./policy.hcl
Successfully wrote "no-untagged-volumes" Sentinel policy!

$ nomad volume create ./demo/hostvolume/host.volume.hcl
Error creating volume: Unexpected response code: 500 (1 error occurred:
        * no-untagged-volumes : Result: false

Print messages:

volume is missing tag

no-untagged-volumes:7:1 - Rule "main"
  Value:
    false)

$ nomad volume create -policy-override ./demo/hostvolume/host.volume.hcl
==> Created host volume test with ID 533bd0e0-ec17-2607-97b4-56eb2079aaad
  ⠦ Monitoring volume "533bd0e0" in progress...

    2024-12-02T16:07:59-05:00
    ID        = 533bd0e0-ec17-2607-97b4-56eb2079aaad
    Name      = test
    Namespace = default
    Plugin ID = example-host-volume
    Node ID   = 876ae9a8-4a89-1f50-2d87-a8ecdd01be5b
    Node Pool = default
    Capacity  = 47 MiB
    State     = pending
    Host Path = /run/nomad/dev/alloc_mounts/533bd0e0-ec17-2607-97b4-56eb2079aaad^C

@tgross
dynamic host volumes: policy-override flag on CLI
34b84ea 
The create/register volume RPCs support a policy override flag for
soft-mandatory Sentinel policies, but the CLI and Go API were missing support
for it.

Ref: #24479
@tgross tgross added theme/enterprise Issues related to Enterprise features theme/storage type/enhancement labels Dec 2, 2024
@tgross tgross added this to the 1.10.0 milestone Dec 2, 2024
@tgross tgross marked this pull request as ready for review December 2, 2024 21:09
@tgross tgross requested review from a team as code owners December 2, 2024 21:09
pkazmierczak
pkazmierczak approved these changes Dec 3, 2024
View reviewed changes
Copy link
Contributor

@pkazmierczak pkazmierczak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@tgross tgross requested a review from pkazmierczak December 3, 2024 14:17
@tgross tgross merged commit bef9714 into dynamic-host-volumes Dec 3, 2024
17 checks passed
@tgross tgross deleted the dhv-cli-sentinel-override branch December 3, 2024 14:48
tgross added a commit that referenced this pull request Dec 3, 2024
@tgross
dynamic host volumes: Sentinel improvements for CLI (#24592)
8c3d8fe 
The create/register volume RPCs support a policy override flag for
soft-mandatory Sentinel policies, but the CLI and Go API were missing support
for it.

Also add support for Sentinel warnings to the Go API and CLI.

Ref: #24479
tgross added a commit that referenced this pull request Dec 9, 2024
@tgross
dynamic host volumes: Sentinel improvements for CLI (#24592)
6d5d99c 
The create/register volume RPCs support a policy override flag for
soft-mandatory Sentinel policies, but the CLI and Go API were missing support
for it.

Also add support for Sentinel warnings to the Go API and CLI.

Ref: #24479
tgross added a commit that referenced this pull request Dec 13, 2024
@tgross
dynamic host volumes: Sentinel improvements for CLI (#24592)
9076695 
The create/register volume RPCs support a policy override flag for
soft-mandatory Sentinel policies, but the CLI and Go API were missing support
for it.

Also add support for Sentinel warnings to the Go API and CLI.

Ref: #24479
tgross added a commit that referenced this pull request Dec 19, 2024
@tgross
dynamic host volumes: Sentinel improvements for CLI (#24592)
d700538 
The create/register volume RPCs support a policy override flag for
soft-mandatory Sentinel policies, but the CLI and Go API were missing support
for it.

Also add support for Sentinel warnings to the Go API and CLI.

Ref: #24479
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pkazmierczak pkazmierczak pkazmierczak approved these changes

@gulducat gulducat Awaiting requested review from gulducat

Assignees
No one assigned
Labels
theme/enterprise Issues related to Enterprise features theme/storage type/enhancement
Projects
None yet
Milestone
1.10.0
Development

Successfully merging this pull request may close these issues.
2 participants
@tgross @pkazmierczak