hashicorp / vault

A tool for secrets management, encryption as a service, and privileged access management
https://www.vaultproject.io/

HCL2 support? #5318

Closed tamalsaha closed 4 years ago

tamalsaha commented 6 years ago

I am curious to know what the plans are for supporting HCL2 in Vault. If yes, is there a tentative timeline (6 months? 1 yr?) for that?

My use case is that I want to overwrite an HCL file with another HCL file. Currently I am trying to do that by converting them to JSON, then overwriting in JSON format, and then converting back to HCL. Unfortunately Vault rejects the merged JSON/HCL format. Given HCL2 will be 1-1 with JSON, this problem should go away.

chrishoffman commented 6 years ago

HCL is already JSON compatible so I am not sure what issue you are running into. It would be good to see what a generated policy looks like to help identify the issue.

nightfury1204 commented 6 years ago

For example: config1:

listener "tcp" {
  address = "0.0.0.0:8200"
}

storage "file" {
  path = "/home/ac/go/src/github.com/kubevault/hq/dist/vault/data"
}

disable_mlock = true

ui = true

config2:

listener "tcp" {
  address = "127.0.0.1:8200"
}

After merge operation: mergedJson:

{
  "disable_mlock": true,
  "listener": [
    {
      "tcp": [
        {
          "address": "127.0.0.1:8200"
        }
      ]
    }
  ],
  "storage": [
    {
      "file": [
        {
          "path": "/home/ac/go/src/github.com/kubevault/hq/dist/vault/data"
        }
      ]
    }
  ],
  "ui": true
}

mergedHcl:

"disable_mlock" = true

"listener" = {
  "tcp" = {
    "address" = "127.0.0.1:8200"
  }
}

"storage" = {
  "file" = {
    "path" = "/home/ac/go/src/github.com/kubevault/hq/dist/vault/data"
  }
}

"ui" = true

jefferai commented 6 years ago

I'm not sure what you're using to convert but it's making the storage block into an array. It should be a straight dict.
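
An added example, not part of the thread and not Vault's or the HCL library's own code: one way to get from the array-wrapped JSON shown above to the "straight dict" shape before overlaying one config on another, using only the Go standard library. The function names and the sample documents are constructed for illustration, and arrays with more than one element are left untouched.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// flatten (hypothetical helper) unwraps one-element arrays of objects, in place, into plain objects.
func flatten(m map[string]interface{}) {
	for k, v := range m {
		if l, ok := v.([]interface{}); ok && len(l) == 1 {
			v = l[0]
		}
		if child, ok := v.(map[string]interface{}); ok {
			flatten(child)
			m[k] = child
		}
	}
}

// merge overlays src on dst: objects merge key by key, any other value replaces.
func merge(dst, src map[string]interface{}) {
	for k, v := range src {
		d, dok := dst[k].(map[string]interface{})
		if s, sok := v.(map[string]interface{}); dok && sok {
			merge(d, s)
		} else {
			dst[k] = v
		}
	}
}

// MergeConfigs decodes each JSON document, flattens it, and overlays it on the ones before it.
func MergeConfigs(docs ...string) (map[string]interface{}, error) {
	out := map[string]interface{}{}
	for _, in := range docs {
		var m map[string]interface{}
		if err := json.Unmarshal([]byte(in), &m); err != nil {
			return nil, fmt.Errorf("decode: %w", err)
		}
		flatten(m)
		merge(out, m)
	}
	return out, nil
}

func main() {
	base := `{"listener":[{"tcp":[{"address":"0.0.0.0:8200"}]}],"ui":true}` // constructed sample
	fmt.Println(MergeConfigs(base, `{"listener":[{"tcp":[{"address":"127.0.0.1:8200"}]}]}`))
}
```

After a merge like this, compare the resulting listener address against the one you intended to end up with, since the overlay silently decides which interface the server binds to.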

nightfury1204 commented 6 years ago

raskchanky commented 4 years ago

There are no plans that I'm currently aware of to support HCL2. That doesn't mean it won't happen, just that it's not high on the priority list. I'm going to close this for now, as I don't see that there's much for us to do here.