Skip to content

Commit

Permalink
Docs: suggest using opa-config.yaml as name for config file (open-p…
Browse files Browse the repository at this point in the history
…olicy-agent#6966)

And update some references throughout the docs.

Fixes open-policy-agent#6959

Signed-off-by: Anders Eknert <anders@styra.com>
  • Loading branch information
anderseknert authored Aug 27, 2024
1 parent 8412289 commit 7b535a7
Show file tree
Hide file tree
Showing 5 changed files with 21 additions and 13 deletions.
2 changes: 1 addition & 1 deletion ast/policy.go
Original file line number Diff line number Diff line change
Expand Up @@ -570,7 +570,7 @@ func (pkg *Package) MarshalJSON() ([]byte, error) {
}

// IsValidImportPath returns an error indicating if the import path is invalid.
// If the import path is invalid, err is nil.
// If the import path is valid, err is nil.
func IsValidImportPath(v Value) (err error) {
switch v := v.(type) {
case Var:
Expand Down
14 changes: 11 additions & 3 deletions docs/content/configuration.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,19 @@ required must be specified if the parent is defined. For example, when the
configuration contains a `status` key, the `status.service` field must be
defined.

{{< info >}}
OPA accepts any name for the configuration file. Some tooling may however benefit from knowing what name to associate
with OPA's configuration file (for auto-completion of attributes, linting, etc.). The following names could be
considered idiomatic for that purpose:
- `opa-config.yaml` (or `.json`)
- `opa-conf.yaml` (or `.json`)
{{< /info >}}

The configuration file path is specified with the `-c` or `--config-file`
command line argument:

```bash
opa run -s -c config.yaml
opa run -s -c opa-config.yaml
```

The file can be either JSON or YAML format. The following is an example
Expand Down Expand Up @@ -1019,7 +1027,7 @@ It will read the contents of the file and set the config value with the token.
If using arrays/lists in the configuration the `--set` and `--set-file` overrides will not be able to
patch sub-objects of the list. They will overwrite the entire index with the new object.

For example, a `config.yaml` file with contents:
For example, a `opa-config.yaml` file with contents:

```yaml
services:
Expand All @@ -1034,7 +1042,7 @@ Used with overrides:

```shell
opa run \
--config-file config.yaml
--config-file opa-config.yaml
--set-file "services[0].credentials.bearer.token=/var/run/secrets/bearer_token.txt"
```

Expand Down
6 changes: 3 additions & 3 deletions docs/content/docker-authorization.md
Original file line number Diff line number Diff line change
Expand Up @@ -97,21 +97,21 @@ decision_logs:
console: true
```
Save the above file as `config.yaml`. We'll need to place this somewhere where the plugin can find it.
Save the above file as `opa-config.yaml`. We'll need to place this somewhere where the plugin can find it.
The `/etc/docker` directory will be mounted as `/opa` in the container running the plugin, so let's create a
sub-directory for our configuration file there.

```shell
sudo mkdir -p /etc/docker/config
sudo mv config.yaml /etc/docker/config/
sudo mv opa-config.yaml /etc/docker/config/
```

### 3. Install the opa-docker-authz plugin.

Install the `opa-docker-authz` plugin and point it to the config file just created.

```shell
docker plugin install openpolicyagent/opa-docker-authz-v2:0.9 opa-args="-config-file /opa/config/config.yaml"
docker plugin install openpolicyagent/opa-docker-authz-v2:0.9 opa-args="-config-file /opa/config/opa-config.yaml"
```

You need to configure the Docker daemon to use the plugin for authorization.
Expand Down
4 changes: 2 additions & 2 deletions docs/content/extensions.md
Original file line number Diff line number Diff line change
Expand Up @@ -332,7 +332,7 @@ go build -o opa++

Define an OPA configuration file that will use your plugin:

**config.yaml**:
**opa-config.yaml**:

```yaml
decision_logs:
Expand All @@ -345,7 +345,7 @@ plugins:
Start OPA with the configuration file:
```bash
./opa++ run --server --config-file config.yaml
./opa++ run --server --config-file opa-config.yaml
```

Exercise the plugin via the OPA API:
Expand Down
8 changes: 4 additions & 4 deletions docs/content/management-discovery.md
Original file line number Diff line number Diff line change
Expand Up @@ -201,7 +201,7 @@ with `region: "US"`, then the `bundle_name` will be `example/test1/p`.

Start an OPA with a boot configuration as shown below:

**config.yaml**
**opa-config.yaml**

```yaml
services:
Expand All @@ -220,7 +220,7 @@ labels:
Run OPA:
```bash
opa run -s -c config.yaml
opa run -s -c opa-config.yaml
```

You should see a log like below, which shows the bundle being downloaded. In
Expand All @@ -233,7 +233,7 @@ INFO Bundle downloaded and activated successfully. name=example/test1/p plugin=b
Now start another OPA with a boot configuration as shown below. Notice the
`region` is `UK`:

**config.yaml**
**opa-config.yaml**

```yaml
services:
Expand All @@ -252,7 +252,7 @@ labels:
Run OPA:
```bash
opa run -s -c config.yaml
opa run -s -c opa-config.yaml
```

In this case, the bundle being downloaded is `example/test2/p` as `region` is
Expand Down

0 comments on commit 7b535a7

Please sign in to comment.