opal
opal copied to clipboard
Track git tags
This change was discussed on slack and @orweis said a contribution adding tracking of git tags could be considered.
Changes proposed
Why tracking git tags instead of branch
In a way this could be considered "against" how git is supposed to be used - some say tags should be immutable. However, mutable tags are defacto sometimes used, the most clear example being using a "latest" tag or a "v1-latest" tag.
Using tags this way could let you use a policy repo with a single base branch, while still giving control of what is rolled out in each env. Consider the traditional dev/prod setup:
- the
dev
instance of OPAL is tracking the base branch (ex.master
) - the
prod
instance of OPAL is tracking aprod
tag which can be moved at will once the changes in dev/master is tested properly.
This current way of doing this is to have multiple long lived branches in the same repo - this can be cumbersome and lead to a bunch of manual merging of branches.
Changes
- Add env variable
POLICY_REPO_TAG
and cli arg--policy-repo-tag
, defaulting to None. When used, OPAL will track the tag.
POLICY_REPO_TAG
and POLICY_REPO_MAIN_BRANCH
The two variables are obviously dependent on eachother. My idea was to not break default behaviour.
POLICY_REPO_TAG | POLICY_REPO_MAIN_BRANCH | Behaviour |
---|---|---|
Empty | Empty | OPAL tracks the master branch |
Empty | Not Empty | OPAL tracks the given branch |
Not Empty | Empty | OPAL tracks the given tag |
Not Empty | Not Empty | OPAL fails (cannot decide what to track) |
Check List (Check all the applicable boxes)
- [x] I sign off on contributing this submission to open-source
- [x] My code follows the code style of this project.
- [x] My change requires changes to the documentation.
- [x] I have updated the documentation accordingly.
- [x] All new and existing tests passed.
- [x] This PR does not contain plagiarized content.
- [x] The title of my pull request is a short description of the requested changes.
Note to reviewers
- Some of tests are a bit flaky on my local machine - but all relevant and new tests should pass
- I have updated documentation where applicable (I think) - let me know if I've missed anywhere
- This PR only affects polling a git repo - not via webhooks. I am not sure whether you think webhooks + tag is a strong use case. If you want, I can look into that use case as well.