-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add P2F docs for using custom templates #391
Conversation
ee50e7c
to
f3ac451
Compare
a6cbfb6
to
d38e934
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great! Just need to wait for #390 now
a29a4c7
to
c68b74e
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice work on documenting the custom template function!
Just a couple of minor comments, otherwise looks good-to-go.
``` | ||
{"api-url":"value-dev/redis/api-url","admin-username":"value-dev/redis/username","admin-password | ||
":"value-dev/redis/password"} | ||
username | admin |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we need a couple of words before this example secret file output, e.g. "The Secrets Provider will create a secret file with the content:" or something like that.
Same comment applies to other sample custom template output below.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added this in. For each custom template example, I made sure to include the conjur.org/secret-file-path
annotation, because it's required as of now, and I didn't want to spark confusion. Added comments before the output snippets:
Secrets Provider will render the following content for the file
/conjur/secrets/<added-file>
conjur.org/secret-file-path.cache: "./testdata/redis.sh" | ||
conjur.org/secret-file-format.cache: "bash" | ||
conjur.org/secret-file-template.iterative-reference: | | ||
{{- range $index, $secret := .SecretsArray -}} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It might help users to have some background context for the .SecretsArray
reference here. Maybe something like:
"Here, the .SecretsArray
is a reference to Secrets Provider's internal array of secrets that have been retrieved from Conjur. For each entry in this array, there is a secret Alias
and a secret Value
field that can be referenced in the custom template."
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, good idea. Added!
c68b74e
to
b233f69
Compare
a12a19c
to
fb0c8b6
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approving, but there is one minor typo, otherwise GTG!
PUSH_TO_FILE.md
Outdated
|
||
Here, `.SecretsArray` is a reference to Secret Provider's internal array of | ||
secrets that have been retrieved from Conjur. For each entry in this array, | ||
there is a secret `Alias` and `Value` field tat can be referenced in the custom |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you have to rebase anyway, there's a typo: tat can be referenced
should be that can be referenced
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rats, my bad. Fixed, rebased, and (officially) opened for review.
fb0c8b6
to
6922ede
Compare
Code Climate has analyzed commit 6922ede and detected 0 issues on this pull request. The test coverage on the diff in this pull request is 100.0% (50% is the threshold). This pull request will bring the total coverage in the repository to 91.4% (0.0% change). View more on Code Climate. |
Depends on #390
Desired Outcome
From ONYX-14031:
Implemented Changes
Makes a few additions to
PUSH_TO_FILE.md
:Reference Table of Configuration Annotations
forconjur.org/secret-file-template.{secret-group}
Custom Templates For Secret Files
, which includestext/template
packageConnected Issue/Story
CyberArk internal issue link: ONYX-14031
Definition of Done
At least 1 todo must be completed in the sections below for the PR to be
merged.
Changelog
CHANGELOG update
Test coverage
changes, or
Documentation
README
s) were updated in this PRBehavior
Security