mirror of
https://github.com/kemko/nomad.git
synced 2026-01-08 11:25:41 +03:00
e16a3339ad
* Add ent policy enforcement stubs to CSI Volume create/register * Wire policy override/warnings through CSI volume register/create * Add new scope to sentinel apply * Sanitize CSISecrets & CSIMountOptions * Add sentinel policy scope to ui * Update docs for new sentinel scope/policy * Create new api funcs for CSI endpoints * fix sentinel csi ui test * Update sentinel-policy docs * Add changelog * Update docs from feedback
106 lines
3.0 KiB
Handlebars
106 lines
3.0 KiB
Handlebars
{{!
|
|
Copyright (c) HashiCorp, Inc.
|
|
SPDX-License-Identifier: BUSL-1.1
|
|
~}}
|
|
|
|
<form class="acl-form" autocomplete="off" {{on "submit" this.save}}>
|
|
{{#if @policy.isNew }}
|
|
<Hds::Form::TextInput::Field
|
|
@isRequired={{true}}
|
|
data-test-policy-name-input
|
|
@value={{@policy.name}}
|
|
{{on "input" this.updatePolicyName}}
|
|
{{autofocus}}
|
|
as |F|>
|
|
<F.Label>Policy Name</F.Label>
|
|
</Hds::Form::TextInput::Field>
|
|
{{/if}}
|
|
|
|
<div class="boxed-section">
|
|
<div class="boxed-section-head">
|
|
Policy Definition
|
|
</div>
|
|
<div class="boxed-section-body is-full-bleed">
|
|
<div
|
|
class="policy-editor"
|
|
data-test-policy-editor
|
|
{{code-mirror
|
|
screenReaderLabel="Policy definition"
|
|
theme="hashi"
|
|
mode="ruby"
|
|
content=@policy.policy
|
|
onUpdate=this.updatePolicy
|
|
autofocus=false
|
|
extraKeys=(hash Cmd-Enter=this.save)
|
|
}} />
|
|
</div>
|
|
</div>
|
|
|
|
<div>
|
|
<label>
|
|
<span>
|
|
Description (optional)
|
|
</span>
|
|
<Input
|
|
data-test-policy-description
|
|
@value={{@policy.description}}
|
|
class="input"
|
|
/>
|
|
</label>
|
|
</div>
|
|
|
|
<div>
|
|
<Hds::Form::Radio::Group @layout="horizontal" @name="method-demo1" {{on "change" this.updatePolicyEnforcementLevel}} as |G|>
|
|
<G.Legend>Enforcement Level</G.Legend>
|
|
<G.HelperText>See <Hds::Link::Inline @href="https://developer.hashicorp.com/sentinel/docs/concepts/enforcement-levels">Sentinel Policy documentation</Hds::Link::Inline> for more information.</G.HelperText>
|
|
<G.RadioField
|
|
@id="advisory"
|
|
checked={{eq @policy.enforcementLevel "advisory"}}
|
|
data-test-enforcement-level="advisory"
|
|
as |F|>
|
|
<F.Label>Advisory</F.Label>
|
|
</G.RadioField>
|
|
<G.RadioField
|
|
@id="soft-mandatory"
|
|
checked={{eq @policy.enforcementLevel "soft-mandatory"}}
|
|
data-test-enforcement-level="soft-mandatory"
|
|
as |F|>
|
|
<F.Label>Soft Mandatory</F.Label>
|
|
</G.RadioField>
|
|
<G.RadioField
|
|
@id="hard-mandatory"
|
|
checked={{eq @policy.enforcementLevel "hard-mandatory"}}
|
|
data-test-enforcement-level="hard-mandatory"
|
|
as |F|>
|
|
<F.Label>Hard Mandatory</F.Label>
|
|
</G.RadioField>
|
|
</Hds::Form::Radio::Group>
|
|
</div>
|
|
|
|
<div>
|
|
<Hds::Form::Radio::Group @layout="horizontal" @name="method-demo1" {{on "change" this.updatePolicyScope}} as |G|>
|
|
<G.Legend>Scope</G.Legend>
|
|
<G.RadioField @id="submit-job" checked={{eq @policy.scope "submit-job"}} data-test-scope="submit-job" as |F|>
|
|
<F.Label>Submit Job</F.Label>
|
|
</G.RadioField>
|
|
<G.RadioField @id="submit-host-volume" checked={{eq @policy.scope "submit-host-volume"}} data-test-scope="submit-host-volume" as |F|>
|
|
<F.Label>Submit Host Volume</F.Label>
|
|
</G.RadioField>
|
|
<G.RadioField @id="submit-csi-volume" checked={{eq @policy.scope "submit-csi-volume"}} data-test-scope="submit-csi-volume" as |F|>
|
|
<F.Label>Submit CSI Volume</F.Label>
|
|
</G.RadioField>
|
|
</Hds::Form::Radio::Group>
|
|
</div>
|
|
|
|
<footer>
|
|
{{#if (can "update sentinel-policy")}}
|
|
<Hds::Button
|
|
@text="Save Policy"
|
|
@type="submit"
|
|
data-test-save-policy
|
|
{{on "click" this.save}}
|
|
/>
|
|
{{/if}}
|
|
</footer>
|
|
</form>
|