This repository has been archived by the owner on Jul 2, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 4
Slim down client from the problematic hashicorp/vault dependency #23
Merged
wojciecholszewski-form3
merged 14 commits into
master
from
wojciech-bump-hashicorp-vault-version
Aug 20, 2020
Merged
Slim down client from the problematic hashicorp/vault dependency #23
wojciecholszewski-form3
merged 14 commits into
master
from
wojciech-bump-hashicorp-vault-version
Aug 20, 2020
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rkorkosz
previously approved these changes
Aug 20, 2020
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
Great changes! |
owenrumney
previously approved these changes
Aug 20, 2020
wojciecholszewski-form3
dismissed stale reviews from owenrumney and rkorkosz
via
August 20, 2020 13:14
21c0e4a
wojciecholszewski-form3
force-pushed
the
wojciech-bump-hashicorp-vault-version
branch
from
August 20, 2020 13:14
ddd585f
to
21c0e4a
Compare
owenrumney
approved these changes
Aug 20, 2020
wojciecholszewski-form3
deleted the
wojciech-bump-hashicorp-vault-version
branch
August 20, 2020 13:27
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Objective
The purpose of this PR is to slim down the client from the problematic
hashicorp/vault
dependency to mitigate the following issues:1. hashicorp/vault package management
The hashicorp/vault repository is organized in a way that
hashicorp/vault/api
&hashicorp/vault/sdk
are configured as individual modules. According to the hashicorp/vault maintainers, onlyapi
andsdk
should be imported. Other packages are consideredinternal
and shouldn't be imported.See thread
2. hashicorp/vault package versioning
Politely speaking packages versioning there is messed up. The most recent, at the moment of writing, release tagged
v1.5.0
requiresgithub.com/hashicorp/vault/api v1.0.5-0.20200630205458-1a16f3c699c6
, which is impossible to resolve because1a16f3c699c6
revision is not on the v.1.5.0 tag 🤷♂️ 😅TL;DR Whenever we import
hashicorp/vault
we have to deal with the messed up versioning and fix it ourselves by incorporating thereplace
directive (see issue). Examples (only a few, I believe there are more):Conclusions
hashicorp/vault
is solely imported by the tests. The regular client doesn't need it.hashicorp/vault
pollutes the maingo.mod
with the dependency which is imported by the tests only.hashicorp/vault
and importhashicorp/vault/{api,sdk}
only.Solution
Move the tests to the own module and isolate the
hashicorp/vault
to the scope of the tests only. Ultimately the list of client dependencies is much thinner and contains only a few entries.Before: (the most recent commit on master at the moment of writing 50d2e128f7fe83ea61ba912c115839a5398e343e)
After: (commit ad25fc86f644ed1e87684daf9b191cf631bb2557)