Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for Summon environments #44

Closed
izgeri opened this issue Dec 3, 2019 · 2 comments · Fixed by #111
Closed

Add support for Summon environments #44

izgeri opened this issue Dec 3, 2019 · 2 comments · Fixed by #111
Assignees
@BradleyBoutcher
Labels
component/pcf good-first-issue kind/enhancement

Comments

@izgeri
Copy link
Contributor

izgeri commented Dec 3, 2019
edited
Loading

Summon supports an environment flag which allows you to specify different variables for different app environments (eg dev, prod, etc)

The secrets.yml syntax in that case would look something like this:

common:
  ACCOUNT: my-account
  SHARED_PASSWORD: SuperSecret

dev:
  CLUSTER_NAME: !var dev/cluster-name
  ZONE: !var dev/zone

prod:
  CLUSTER_NAME: !var prod/cluster-name
  ZONE: !var prod/zone

where the variables in common are loaded regardless of environment and the variables in dev / prod are only loaded when the environment specified is dev or prod (respectively).

The buildpack should support an environment variable (perhaps SUMMON_ENV_KEY_NAME as here?) that allows the user to specify the value of environment the buildpack should use to load the correct variables for the app env.
@izgeri
Copy link
Contributor Author

izgeri commented Dec 3, 2019

Note that the conjur-env binary that is built into the buildpack uses the Summon secretsyml library to parse the Summon configuration from file here, and in the Summon binary the same secretsyml command is used to parse a file except it passes in the value of the environment configuration parameter here

This fix should involve updating the conjur-env binary to check for the SUMMON_ENV_KEY_NAME environment variable and to pass it to the ParseFromFile command, if it exists.

@sgnn7
Copy link
Contributor

sgnn7 commented Apr 6, 2020

@izgeri I would amend your comment a bit:

  • SUMMON_ENV_KEY_NAME is what ends up in the child process env as a variable that holds the env that you set
  • -e/--environment is the actual flag that you pass to summon to set it

If we have to set a variable to pass into a binary of ours, it would make sense that we call it just <name>_ENV (e.g. SUMMON_ENV or CONJUR_ENV) or just ENVIRONMENT.

@izgeri izgeri modified the milestones: There is an updated release of the TAS tile - Milestone 1, There is an updated release of the TAS tile - Milestone 2 Jul 6, 2020
@izgeri izgeri removed this from the There is an updated release of the TAS tile - Milestone 2 milestone Nov 19, 2020
@izgeri izgeri removed this from the Tanzu Maintainability Enhancements milestone Jan 6, 2021
@BradleyBoutcher BradleyBoutcher self-assigned this Jan 26, 2021
@BradleyBoutcher BradleyBoutcher mentioned this issue Jan 27, 2021
Merged
6 tasks
@izgeri izgeri mentioned this issue Feb 22, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@BradleyBoutcher BradleyBoutcher

Labels
component/pcf good-first-issue kind/enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add support for summon evironments cyberark/cloudfoundry-conjur-buildpack
3 participants
@sgnn7 @BradleyBoutcher @izgeri