Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support JSON values for secretKey #126

Merged
merged 3 commits into from
Jan 11, 2022
Merged

Conversation

tomhjp
Copy link
Contributor

@tomhjp tomhjp commented Jan 10, 2022

Resolves #115 and based on code from #122. You can put arbitrary JSON data into kv's values (and theoretically other secret engines could do the same) using a JSON file and a command like vault kv put secret/test @test.json, and this PR allows vault-csi-provider to specifically select that JSON data without having to escape your secret JSON into a big ugly string when storing it in Vault.

This PR does not address arbitrary paths within the JSON though. Vault's API itself enforces that the top-level data object is a map, and users should be able to select any single top-level key from that object.

Strings remain special-cased so that we continue to write string values without wrapping them in quotes.

@agates4
Copy link

agates4 commented Jan 10, 2022

Hey Tom, this looks great to me. Thanks for the thorough changes and response!

internal/provider/provider.go Show resolved Hide resolved
internal/provider/provider.go Show resolved Hide resolved
@tomhjp tomhjp merged commit b7fe26f into master Jan 11, 2022
@tomhjp tomhjp deleted the support-embedded-json-data branch January 11, 2022 11:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

fetching complex JSON from Vault
3 participants