Skip to content

Add fragment reference from_image command #9459

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
DomAyre wants to merge 8 commits into
base: main
Choose a base branch
from
Draft

Add fragment reference from_image command #9459

DomAyre wants to merge 8 commits into from

Conversation

@DomAyre
Copy link
Contributor

@DomAyre DomAyre commented Dec 7, 2025

Why

Allows the user to generate the fragment reference rego for building policies and insert that in the final policy.

How

  • Add a command to generate the fragment reference
  • Add the --with-fragments flag to acipolicygen
  • Add testing

This checklist is used to make sure that common guidelines for a pull request are followed.

Related command

General Guidelines

  • Have you run azdev style <YOUR_EXT> locally? (pip install azdev required)
  • Have you run python scripts/ci/test_index.py -q locally? (pip install wheel==0.30.0 required)
  • My extension version conforms to the Extension version schema

@azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Dec 7, 2025
edited
Loading

⚠️Azure CLI Extensions Breaking Change Test
⚠️confcom
rule cmd_name rule_message suggest_message
⚠️ 1006 - ParaAdd confcom acifragmentgen cmd confcom acifragmentgen added parameter out_signed_fragment
⚠️ 1006 - ParaAdd confcom acipolicygen cmd confcom acipolicygen added parameter fragment_definitions
⚠️ 1011 - SubgroupAdd confcom fragment sub group confcom fragment added

@yonzhan
Copy link
Collaborator

yonzhan commented Dec 7, 2025

Thank you for your contribution! We will review the pull request and get back to you soon.

@azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Dec 7, 2025

Hi @DomAyre,
Please write the description of changes which can be perceived by customers into HISTORY.rst.
If you want to release a new extension version, please update the version in setup.py as well.

@github-actions
Copy link

github-actions bot commented Dec 7, 2025

The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR.

Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions).
After that please run the following commands to enable git hooks:

pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>

@yonzhan yonzhan requested a review from jsntcy December 7, 2025 23:15
@DomAyre DomAyre force-pushed the fragment-reference-from-image branch from 3612a9b to 19e9e16 Compare December 8, 2025 10:17
@github-actions
Copy link

github-actions bot commented Dec 8, 2025

@DomAyre DomAyre force-pushed the fragment-reference-from-image branch 4 times, most recently from 819a575 to 403c16f Compare December 8, 2025 17:51
@DomAyre
Restore the behaviour of --upload-fragment for acifragmentgen (#13)
646e4a5 
Addresses
- Azure#9222

- [x] Update the code to restore the "attach to first image in input" behaviour
- [x] Add two new commands: `fragment push` and `fragment attach` to allow the user to explicitly do one or the other (or both!)
- [x] Add new tests which run a local docker registry, and test that the fragments are generated, signed, pushed and attached as expected (as well as the default behaviour)

---

This checklist is used to make sure that common guidelines for a pull request are followed.

<!--- Please provide the related command with az {command} if you can, so that we can quickly route to the related person to review. --->

- [x] Have you run `azdev style <YOUR_EXT>` locally? (`pip install azdev` required)
- [x] Have you run `python scripts/ci/test_index.py -q` locally? (`pip install wheel==0.30.0` required)
- [x] My extension version conforms to the [Extension version schema](https://github.com/Azure/azure-cli/blob/release/doc/extensions/versioning_guidelines.md)
@DomAyre
Add fragment references from_image command
be3520d
@DomAyre
Add tests
f5544d4
@DomAyre
Fix style failures
fd25c51
@DomAyre
Rename fragment reference lib code file
22d7889
@DomAyre
Fix style and linter issues
9be0f11
@DomAyre
Fix comamnd without opa
7115f86
@DomAyre DomAyre force-pushed the fragment-reference-from-image branch from 403c16f to 7115f86 Compare December 16, 2025 16:07
@DomAyre DomAyre mentioned this pull request Dec 16, 2025
Open
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jsntcy jsntcy Awaiting requested review from jsntcy

@kairu-ms kairu-ms Awaiting requested review from kairu-ms kairu-ms will be requested when the pull request is marked ready for review kairu-ms is a code owner

@wangzelin007 wangzelin007 Awaiting requested review from wangzelin007 wangzelin007 will be requested when the pull request is marked ready for review wangzelin007 is a code owner

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

At least 1 approving review is required to merge this pull request.

Assignees

@kairu-ms kairu-ms

Labels

None yet

Projects

None yet

Milestone

January 2026 (2026-01-13)

Development

Successfully merging this pull request may close these issues.

3 participants

@DomAyre @yonzhan @kairu-ms