Use precompiled regexes and move OpenAPI call to tests #15170
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
averche
reviewed
Apr 25, 2022
VinnyHC
reviewed
Apr 25, 2022
averche
reviewed
Apr 25, 2022
averche
reviewed
Apr 25, 2022
digivava
requested review from
averche and
VinnyHC
and removed request for
VinnyHC
averche
approved these changes
Apr 26, 2022
VinnyHC
approved these changes
Apr 26, 2022
digivava
added a commit
that referenced
this pull request
Apr 27, 2022
…#14899) * WIP: output policy * Outputs example policy HCL for given request * Simplify conditional * Add PATCH capability * Use OpenAPI spec and regex patterns to determine if path is sudo * Add test for isSudoPath * Add changelog * Fix broken CLI tests * Add output-policy to client cloning code * Smaller fixes from PR comments * Clone client instead of saving and restoring custom values * Fix test * Address comments * Don't unset output-policy flag on KV requests otherwise the preflight request will fail and not populate LastOutputPolicyError * Print errors saved in buffer from preflight KV requests * Unescape characters in request URL * Rename methods and properties to improve readability * Put KV-specificness at front of KV-specific error * Simplify logic by doing more direct returns of strings and errors * Use precompiled regexes and move OpenAPI call to tests * Remove commented out code * Remove legacy MFA paths * Remove unnecessary use of client * Move sudo paths map to plugin helper * Remove unused error return * Add explanatory comment * Remove need to pass in address * Make {name} regex less greedy * Use method and path instead of info from retryablerequest * Add test for IsSudoPaths, use more idiomatic naming * Use precompiled regexes and move OpenAPI call to tests (#15170) * Use precompiled regexes and move OpenAPI call to tests * Remove commented out code * Remove legacy MFA paths * Remove unnecessary use of client * Move sudo paths map to plugin helper * Remove unused error return * Add explanatory comment * Remove need to pass in address * Make {name} regex less greedy * Use method and path instead of info from retryablerequest * Add test for IsSudoPaths, use more idiomatic naming * Make stderr writing more obvious, fix nil pointer deref
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The
digivava/output-policybranch currently grabs the sudo paths from the OpenAPI spec at runtime.This way, like @averche 's suggestion, the sudo paths will be a static list which we will update only when the TestSudoPaths test fails.
The keys in the
sudoPathsmap are strings so we can quickly grab a URL by its string-key name in the scenario where no regex matching is needed, and so that anyone who wants a list of sudo paths can fetch it from this endpoint in the format the OpenAPI spec originally returned. The values of the map are regexes, so that consumers of the map can do regex matching when needed.