Remove comma separated path support#117
Conversation
This feature does not make sense. A node should only have one role anyway. Also, the feature breaks using '/' as a path.
|
Can you explain more about the issue you are trying to solve? The feature you are proposing removing has uses besides the example of multiple roles (whether people should be doing that or not). Removing it could be disruptive. |
yakatz
left a comment
There was a problem hiding this comment.
Needs a better justification for why this change is necessary.
|
The issue with the current For our use case, the root path (
For example, with a path list like:
We can resolve secrets like this in profile::cool::access_key: "%{lookup('provider/s3/access-keys/fancy-prd.key')}"This would map to the vault path We’re migrating all our secrets to explicit lookups, and this path list allows us to do it gradually, rather than in a big-bang migration. However, the current implementation makes this difficult. #83 addresses this issue but introduces new problems, such as breaking the comma-separated path functionality. To preserve both the root path and comma separation, we could add a simple check at the start: if path == '/'
allowed_paths += ['/']
next
endThis ensures |
|
Thank you for the detail. If you can open a PR with just a fix for the problem and not break existing features, that would be great. |
Pull Request (PR) description
This feature does not make sense. A node should only have one role anyway.
This Pull Request (PR) fixes the following issues
Can not use '/' as a path.