This repository has been archived by the owner on Jan 25, 2023. It is now read-only.
Add support for defining encryption key #11
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
josh-padnick
suggested changes
May 24, 2018
modules/run-consul/run-consul
Outdated
| @@ -150,6 +151,7 @@ function generate_consul_config { | |||
| local readonly user="$4" | |||
| local readonly cluster_tag_name="$5" | |||
| local readonly cluster_size_instance_metadata_key_name="$6" | |||
| local readonly encrypt="$7" | |||
There was a problem hiding this comment.
Let's use a var name like encrypt_key so users don't confuse this with a boolean.
modules/run-consul/run-consul
Outdated
| @@ -341,7 +354,8 @@ function run { | |||
| "$config_dir" \ | |||
| "$user" \ | |||
| "$cluster_tag_name" \ | |||
| "$CLUSTER_SIZE_INSTANCE_METADATA_KEY_NAME" | |||
| "$CLUSTER_SIZE_INSTANCE_METADATA_KEY_NAME" \ | |||
| "$encrypt" | |||
There was a problem hiding this comment.
My concern with this line is that if we add any additional vars in the future and $encrypt is empty, the Bash function will ignore $encrypt entirely and the function arguments won't be passed to the correct argument position. Therefore, we need a null equivalent in Bash, but since Bash doesn't give us one, we should define a readonly var at the top like this:
readonly EMPTY_VAL="__EMPTY__"Then we replace
local encrypt=""with
local encrypt="$EMPTY_VAL"Finally, we can update the code as follows:
# old
local encrypt_config=""
if [[ "$encrypt" != "" ]]; then
encrypt_config="\"encrypt\": \"$encrypt\","
fi
...
"ui": true,
$encrypt_config,
...# new
if [[ "$encrypt" == "$EMPTY_VAL" ]]; then
encrypt=""
fi
...
"ui": true,
"encrypt": "$encrypt",
...
josh-padnick
approved these changes
May 24, 2018
|
Alright, just uploaded the changes and manually validated so we're good now. Merging! |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds a CLI flag for defining encryption keys to Consul configuration. This is a non-breaking change as
encryptkey uses an empty string as a default value.