sentinel: remove default scope for Sentinel apply command (#24601)

When we add a Sentinel scope for dynamic host volumes, having a default `-scope` value for `sentinel apply` risks accidentally adding policies for volumes to the job scope. This would immediately prevent any job from being submitted. Forcing the administrator to pass a `-scope` will prevent accidental misuse. Ref: https://github.com/hashicorp/nomad-enterprise/pull/2087 Ref: https://github.com/hashicorp/nomad/pull/24479
2026-01-01 16:05:42 +03:00 · 2024-12-03 14:30:15 -05:00
parent d700538921
commit 787fbbe671
3 changed files with 23 additions and 3 deletions
--- a/api/sentinel.go
+++ b/api/sentinel.go
@@ -82,3 +82,9 @@ type SentinelPolicyListStub struct {
 	CreateIndex      uint64
 	ModifyIndex      uint64
 }
+
+// Possible Sentinel scopes
+const (
+	SentinelScopeSubmitJob        = "submit-job"
+	SentinelScopeSubmitHostVolume = "submit-host-volume"
+)