OPA rules - implications and explanation

[NathanDotTo]

In the bin/config_build.sh we have:

# Uncomment the line below if you want to enforce the OPA rules in `config/policy/config.rego`
#set -e

That probably needs some additional explanation, but I am not sure how to explain that. Any ideas please?

[ljakab]

https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html

When there are multiple commands in a script, if one fails, by default Bash continues with the next, and the exit code of the failed command is lost. By setting set -e we instruct Bash to exit the script after a failed command. So if bin/config_build.sh right now the script will continue even if checks fail. If we un-comment that line, that won't be the case anymore.