From #150
As Amos says:
The tricky part is to decide what unit of code is covered by an annotation I suppose.. (the entire subtree?)
I don't have a good answer on the spot, but some motivating examples:
- as specifying a workflow that on happens in GitHub Actions
r[dist.upload]
A newly built package must be made available immediately via the distribution.
- name: Clear cache # r[impl dist.upload]
run: aws cloudfront create-invalidation --distribution-id=EGADSAD15TR0 --paths '/package-name/*'
- as tests against Kubernetes policies
r[policy.load-balancers]
An internal namespace must not allow load balancers to be created.
// r[impl policy.load-balancers]
new k8s.core.v1.ResourceQuota({
metadata: {
name: 'no-load-balancers',
namespace: 'internal',
},
spec: {
hard: {
'services.loadbalancers': '0',
},
},
});# in tests/fixtures/LoadBalancer.yaml
---
# r[verify policy.load-balancers]: should fail
apiVersion: v1
kind: Service
metadata:
name: example-service
namespace: internal
spec:
selector:
app: example
ports:
- port: 8765
targetPort: 9376
type: LoadBalancer
From #150
As Amos says:
I don't have a good answer on the spot, but some motivating examples: