Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Operator: Support JSON-formatted Vault policies #978

Merged
merged 2 commits into from
May 14, 2020
Merged

Operator: Support JSON-formatted Vault policies #978

merged 2 commits into from
May 14, 2020

Conversation

chrlwrd
Copy link
Contributor

@chrlwrd chrlwrd commented May 13, 2020
edited

Q A
Bug fix? no
New feature? yes
API breaks? no
Deprecations? no
Related tickets fixes #979
License Apache 2.0

What's in this PR?

This adds support for Vault Policies to be provided as JSON strings, in addition to HCL-formatted strings. Current behaviour tries to use an HCL formatter to make it pretty, which won't work for JSON!

This change makes the operator attempt to parse the policy (with a Vault function which parses both JSON and HCL) and if it succeeds, applies it.

Why?

Vault supports policies in both HCL and JSON format so the operator should too!

Additional context

Our policies were becoming boilerplate-y and less maintainable so we decided to generate them via Jsonnet, where it's significantly easier to template JSON than HCL.

This has been tested with valid JSON and HCL policies and both are created successfully.

Checklist

@CLAassistant
Copy link

CLAassistant commented May 13, 2020
edited

CLA assistant check
All committers have signed the CLA.

@chrlwrd chrlwrd mentioned this pull request May 13, 2020
Closed
@chrlwrd chrlwrd marked this pull request as ready for review May 13, 2020 16:09
@bonifaido bonifaido self-requested a review May 14, 2020 07:11
@bonifaido bonifaido self-assigned this May 14, 2020
@bonifaido bonifaido requested a review from pbalogh-sa May 14, 2020 07:11
bonifaido
bonifaido approved these changes May 14, 2020
View reviewed changes
Copy link
Member

@bonifaido bonifaido left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks very much @chrlwrd !

@primeroz
Copy link
Collaborator

Good Job @chrlwrd , i won't approve since i work with him but i am glad to bring him on board on this project!

@bonifaido
Copy link
Member

Ah geat, nice job! Welcome!

@bonifaido bonifaido merged commit 2ab4b69 into bank-vaults:master May 14, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bonifaido bonifaido bonifaido approved these changes

@pbalogh-sa pbalogh-sa Awaiting requested review from pbalogh-sa

Assignees

@bonifaido bonifaido

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Operator: Add support for JSON-formatted Vault policies
4 participants
@chrlwrd @CLAassistant @primeroz @bonifaido