docs(config): add descriptions to all configuration variables and tests #682
Conversation
Signed-off-by: David Anyatonwu <[email protected]>
Signed-off-by: David Anyatonwu <[email protected]>
✅ Deploy Preview for opal-docs canceled.
|
|
The PR is ready for review @gemanor |
| POLICY_STORE_URL = confi.str( | ||
| "POLICY_STORE_URL", | ||
| "http://localhost:8181", | ||
| description="URL of the policy store" |
There was a problem hiding this comment.
This is exactly what written on the key, please explain more...
| INLINE_OPA_ENABLED = confi.bool( | ||
| "INLINE_OPA_ENABLED", | ||
| True, | ||
| description="Whether to run OPA inline within OPAL" |
There was a problem hiding this comment.
Even the code comment has more description of this description. The task is to write descriptions of the variables, not just mark them as solved. Please do some understanding work around OPAL, and explain the configuration variables in a concise but descriptive way.
Signed-off-by: David Anyatonwu <[email protected]>
Done. |
|
@gemanor Please review. |
|
Hi @gemanor, I don't know if you have got time to review this. |
1 similar comment
|
Hi @gemanor, I don't know if you have got time to review this. |
There was a problem hiding this comment.
@onyedikachi-david nice job. Please see my comments inside. Almost there. good luck and don't hesitate to contact me for any help needed.
| "POLICY_STORE_TYPE", | ||
| PolicyStoreTypes, | ||
| PolicyStoreTypes.OPA, | ||
| description="Specifies the type of policy store to use. Currently supports OPA (Open Policy Agent) and Cedar. This determines how OPAL interacts with the policy engine." |
There was a problem hiding this comment.
@onyedikachi-david I would add how it affects the interaction.
| @@ -65,14 +74,14 @@ class OpalClientConfig(Confi): | |||
| "attempts": 5, | |||
| "wait_time": 1, | |||
| }, | |||
| description="retry options when connecting to the policy source (e.g. the policy bundle server)", | |||
| description="Retry options when connecting to the policy source (e.g., the policy bundle server). Configures how OPAL handles connection failures when fetching policy updates." | |||
There was a problem hiding this comment.
@onyedikachi-david wait time in seconds
| INLINE_CEDAR_ENABLED = confi.bool( | ||
| "INLINE_CEDAR_ENABLED", | ||
| True, | ||
| description="Determines whether OPAL should run the Cedar agent inline within its own container. Similar to INLINE_OPA_ENABLED, but for Cedar policy engine." |
There was a problem hiding this comment.
@onyedikachi-david please add if both options could be enabled at the same time opa and cedar
| ) | ||
|
|
||
| OPAL_CLIENT_STAT_ID = confi.str( | ||
| "OPAL_CLIENT_STAT_ID", | ||
| None, | ||
| description="Unique client statistics identifier", | ||
| description="Unique identifier for client statistics. This can be used to track and differentiate between multiple OPAL clients in a distributed setup." | ||
| ) | ||
|
|
||
| OPA_HEALTH_CHECK_POLICY_PATH = "engine/healthcheck/opal.rego" |
| @@ -5,18 +5,24 @@ | |||
| from opal_common.confi import Confi, confi | |||
|
|
|||
| _LOG_FORMAT_WITHOUT_PID = "<green>{time}</green> | <blue>{name: <40}</blue>|<level>{level:^6} | {message}</level>\n{exception}" | |||
| _LOG_FORMAT_WITH_PID = "<green>{time}</green> | {process} | <blue>{name: <40}</blue>|<level>{level:^6} | {message}</level>\n{exception}" | |||
| _LOG_FORMAT_WITH_PID = "<green>{time}</green> | {process} | <blue>{name: <40></blue>|<level>{level:^6} | {message}</level>\n{exception}" | |||
| POLICY_REPO_MANIFEST_PATH = confi.str( | ||
| "POLICY_REPO_MANIFEST_PATH", | ||
| "", | ||
| "Path of the directory holding the '.manifest' file (new fashion), or of the manifest file itself (old fashion). Repo's root is used by default", | ||
| "Path to the directory containing the '.manifest' file, or to the manifest file itself. " | ||
| "The manifest file is used to specify which files in the repo should be treated as policies.", |
There was a problem hiding this comment.
@onyedikachi-david where is the spec about that file, and its content format?
| "LEADER_LOCK_FILE_PATH", "/tmp/opal_server_leader.lock" | ||
| "LEADER_LOCK_FILE_PATH", | ||
| "/tmp/opal_server_leader.lock", | ||
| description="Path to the leader lock file. Used in multi-server setups to determine the primary server." |
There was a problem hiding this comment.
@onyedikachi-david multi server might be a bit confusing. I think this is for the number of uviworkers in the server, to set the process that is the leader. am I right?
| ) | ||
| POLICY_BUNDLE_GIT_ADD_PATTERN = confi.str( | ||
| "POLICY_BUNDLE_GIT_ADD_PATTERN", | ||
| "*", | ||
| description="File pattern to add files to git default to all the files (*)", | ||
| description="File pattern to add files to git. Default is all files (*).", |
There was a problem hiding this comment.
@onyedikachi-david not clear what is this? which files are added to git?
|
|
||
| SCOPES_REPO_CLONES_SHARDS = confi.int( | ||
| "SCOPES_REPO_CLONES_SHARDS", | ||
| 1, | ||
| description="The max number of local clones to use for the same repo (reused across scopes)", | ||
| description="The maximum number of local clones to use for the same repo (reused across scopes). This helps in managing multiple scopes efficiently." |
There was a problem hiding this comment.
@onyedikachi-david this one needs more explanation. what are those shards and their relationship to the scopes
|
|
||
| # Policy refresh configuration | ||
| POLICY_REFRESH_INTERVAL = confi.int( |
There was a problem hiding this comment.
@onyedikachi-david isn't this POLICY_REPO_POLLING_INTERVAL? What is the difference between the two?
|
@iwphonedo, I thought it's closed. Even though I open a PR first and my re-review request was pending when the other PR was opened. Should I reopen? |
|
@onyedikachi-david send like another PR was already merged for this. Sorry I didn't notice prior to my review. Best |
|
Okay |
Closes #40
/claim #40
Changes proposed
Check List (Check all the applicable boxes)