fix(cli): honor server graph for policy tooling

2026-06-15 01:55:13 +02:00 · 2026-06-01 21:55:05 +02:00 · 2026-06-01 21:55:05 +02:00 · b1cbb96197
commit b1cbb96197
parent 4bf3f3fd14
4 changed files with 86 additions and 19 deletions
--- a/crates/omnigraph-cli/src/main.rs
+++ b/crates/omnigraph-cli/src/main.rs
@ -800,21 +800,17 @@ struct ResolvedPolicyContext {
 }

 fn resolve_policy_context(config: &OmnigraphConfig) -> Result<ResolvedPolicyContext> {
-    let selected = config.cli_graph_name().map(str::to_string);
-    config.resolve_graph_selection(selected.as_deref())?;
+    let selected = config.resolve_policy_tooling_graph_selection()?;
    let policy_file = config
-        .resolve_policy_file_for(selected.as_deref())
+        .resolve_policy_file_for(selected)
        .ok_or_else(|| {
            color_eyre::eyre::eyre!(
                "policy.file or graphs.<name>.policy.file must be set in omnigraph.yaml"
            )
        })?;
-    let graph_id = match selected.as_deref() {
+    let graph_id = match selected {
        Some(name) => graph_resource_id_for_selection(Some(name), ""),
-        None => {
-            let anonymous_graph_id = anonymous_policy_graph_id(config)?;
-            graph_resource_id_for_selection(None, &anonymous_graph_id)
-        }
+        None => graph_resource_id_for_selection(None, "default"),
    };
    Ok(ResolvedPolicyContext {
        policy_file,
@ -871,16 +867,6 @@ fn normalize_policy_graph_uri(uri: &str) -> Result<String> {
    }
 }

-fn anonymous_policy_graph_id(config: &OmnigraphConfig) -> Result<String> {
-    let raw_uri = config
-        .resolve_target_uri(None, None, config.server_graph_name())
-        .or_else(|_| config.resolve_target_uri(None, None, config.cli_graph_name()));
-    match raw_uri {
-        Ok(uri) => normalize_policy_graph_uri(&uri),
-        Err(_) => Ok("default".to_string()),
-    }
-}
-
 fn resolve_remote_bearer_token(
    config: &OmnigraphConfig,
    explicit_uri: Option<&str>,
@ -3483,6 +3469,30 @@ server:
        assert!(context.policy_file.ends_with("server-policy.yaml"));
    }

+    #[test]
+    fn graph_identity_resolve_policy_context_anonymous_uses_top_level_default_identity() {
+        let temp = tempdir().unwrap();
+        let config_path = temp.path().join("omnigraph.yaml");
+        fs::write(
+            &config_path,
+            r#"
+project:
+  name: misleading-project
+graphs:
+  local:
+    uri: /tmp/local-policy-graph.omni
+policy:
+  file: ./top-policy.yaml
+"#,
+        )
+        .unwrap();
+
+        let config = load_config(Some(&config_path)).unwrap();
+        let context = resolve_policy_context(&config).unwrap();
+        assert_eq!(context.graph_id, "default");
+        assert!(context.policy_file.ends_with("top-policy.yaml"));
+    }
+
    #[test]
    fn graph_identity_resolve_cli_graph_named_target_uses_graph_key_not_project_name_or_uri() {
        let temp = tempdir().unwrap();