Open Dziubey opened 2 years ago
I can duplicate this, though I currently see a slightly different exception.
path "sys/auth" {
capabilities = ["read"]
}
parses;
path "sys/auth"
{
capabilities = ["read"]
}
generates an exception.
raise UnexpectedCharacters(lex_state.text, line_ctr.char_pos, line_ctr.line, line_ctr.column,
lark.exceptions.UnexpectedCharacters: <exception str() failed>
This appears to fix the problem:
--- a/hcl2/hcl2.lark
+++ b/hcl2/hcl2.lark
@@ -1,7 +1,7 @@
start : body
body : (new_line_or_comment? (attribute | block))* new_line_or_comment?
attribute : identifier "=" expression
-block : identifier (identifier | STRING_LIT)* "{" body "}"
+block : identifier (identifier | STRING_LIT)* new_line_or_comment? "{" body "}"
new_line_and_or_comma: new_line_or_comment | "," | "," new_line_or_comment
new_line_or_comment: ( /\n/ | /#.*\n/ | /\/\/.*\n/ )+
We have recently discovered that some of our users have been deploying Vault policies formatted like below, where the opening curly bracket is placed below the line:
However, Vault accepts that as a valid HCL whether you use CLI, UI or Terraform for the deployment. When parsing this to hcl2, it throws the following error:
We are using python-hcl2 to create a policy object and then lookup its capabilities. This works very well for most of the policies, but there are some formatted like above that can't be properly parsed. Is there a way to fix this. or an easy workaround other than manipulating the policy with some regex before pushing to hcl2?