Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

boolean string options in configuration file should have consistent documentation #1559

Closed
langston-barrett opened this issue Jun 24, 2016 · 3 comments
Closed

boolean string options in configuration file should have consistent documentation #1559

langston-barrett opened this issue Jun 24, 2016 · 3 comments

Comments

@langston-barrett
Copy link

I'm using Vault 0.6, and attempting to disable the Consul service auto-registration.

With this configuration:

[centos@lb0-control-02 ~]$ sudo cat /etc/vault/vault.hcl         
backend "consul" {
    address = "127.0.0.1:8500"
    path = "vault"
    scheme = "http"
    token = "[redacted]"
    advertise_addr = "https://lb0-control-02.node.consul:8200"
    disable_registration = true
}

listener "tcp" {
    address = "0.0.0.0:8200"
    tls_cert_file = "/etc/pki/tls/certs/host.cert"
    tls_key_file = "/etc/pki/tls/private/host.key"
}

I get the following error:

Jun 24 13:13:34 lb0-control-02 vault[4604]: Error loading configuration from /etc/vault: Error loading /etc/vault/vault.hcl: error parsing 'backend': backend.consul: At 7:25: root.disable_registration: unknown type for string *ast.LiteralType

However, after changing disable_registration to a string, I don't:

[centos@lb0-control-02 ~]$ sudo cat /etc/vault/vault.hcl         
backend "consul" {
    address = "127.0.0.1:8500"
    path = "vault"
    scheme = "http"
    token = "[redacted]"
    advertise_addr = "https://lb0-control-02.node.consul:8200"
    disable_registration = "true"
}

listener "tcp" {
    address = "0.0.0.0:8200"
    tls_cert_file = "/etc/pki/tls/certs/host.cert"
    tls_key_file = "/etc/pki/tls/private/host.key"
}

This distinction is also upheld in the documentation, where defaults for boolean variables (see tls_skip_verify) are unquoted, whereas the default for disable_registration is a quoted string.

Am I crazy, or should this variable be a boolean?

Thank you for your great work!
@jefferai
Copy link
Member

It's an unfortunate artifact of the way things are parsed, mostly to allow variations of true/false (for instance, see the text of https://www.vaultproject.io/docs/config/index.html#tls_disable). This is especially important because of how environment variables are handled, which are strings. The default for that option is listed as "false", with quotes, for a reason :-/

Some of the boolean values have more documentation than others about acceptable values; I'll take this as a documentation TODO to make that more consistent.

@jefferai jefferai added this to the 0.6.1 milestone Jun 24, 2016
@langston-barrett
Copy link
Author

@jefferai Thanks for clarifying!

@langston-barrett langston-barrett changed the title disable_registration should be a boolean, not a string boolean string options in configuration file should have consistent documentation Jul 4, 2016
@jefferai jefferai modified the milestones: future, 0.6.1 Jul 18, 2016
@allomov allomov mentioned this issue Jan 16, 2017
Closed
adamdecaf added a commit to adamdecaf/vault that referenced this issue Mar 30, 2017
@adamdecaf
Quote dynamodb's ha_enabled property
9c5426a 
With `ha_enabled = true` vault crashes with the following error: 

```
error parsing 'storage': storage.dynamodb: At 17:16: root.ha_enabled: unknown type for string *ast.LiteralType
```

This seems related to hashicorp#1559
@adamdecaf adamdecaf mentioned this issue Mar 30, 2017
Merged
jefferai pushed a commit that referenced this issue Mar 30, 2017
@adamdecaf @jefferai
Quote dynamodb's ha_enabled property (#2547)
1f0d9b1 
With `ha_enabled = true` vault crashes with the following error: 

```
error parsing 'storage': storage.dynamodb: At 17:16: root.ha_enabled: unknown type for string *ast.LiteralType
```

This seems related to #1559
@fcvarela fcvarela mentioned this issue Jun 7, 2017
Merged
@jefferai
Copy link
Member

Our documentation continually undergoes refactoring and is hopefully much more consistent in this regard now.

@karl-tpio karl-tpio mentioned this issue Apr 17, 2019
Closed
@pbernal pbernal removed this from the not-scheduled milestone May 26, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jefferai @pbernal @langston-barrett