ACLs render incorrectly when using attributes filters - Githubissues

voxpupuli / puppet-rundeck

Module for managing the installatation and configuration of the rundeck orchestration tool

https://forge.puppet.com/puppet/rundeck

MIT License

39 stars 128 forks source link

ACLs render incorrectly when using attributes filters #512

Closed nosrio closed 1 year ago

nosrio commented 1 year ago

When creating an acl to filter using nodes attributes the acl file is rendered incorrectly

Affected Puppet, Ruby, OS and module versions/distributions

Puppet: 7
Ruby:
Distribution:
Module version: 8

How to reproduce (e.g Puppet code you use)

Using this ACL

rundeck::config::aclpolicyfile { 'read-qa-nodes':
  acl_policies => [
     {
        'description' => 'Read qa nodes',
        'context' => {
          'project' => '.*'
        },
        'for' => {
          'node' => [
            { 'match' => { 'environment' => 'qa' }, 'allow' => ['read'] }
          ]
        },
        'by' => [
          { 'group' => ['qa'] }
        ]
      }
  ]
}

What are you seeing

The ACL rendered is this:

description: 'Read qa nodes'
context:
  project: '.*'
for:
  node:
    - match:
      environment: 'qa'    ### <-- THIS IS INCORRECT
      allow: ["read"]
by:
  group:
    - 'qa'

What behaviour did you expect instead

The ACL should be this (with the extra indent)

description: 'Read qa nodes'
context:
  project: '.*'
for:
  node:
    - match:
        environment: 'qa'
      allow: ["read"]
by:
  group:
    - 'qa'

Output log

Any additional information you'd like to impart