New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add a configurable option to switch yaml parser between yaml and utilyaml #497
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -115,15 +115,19 @@ func ParseMap(m map[string]string) (userMappings []config.UserMapping, roleMappi | |
rawUserMappings := make([]config.UserMapping, 0) | ||
userMappings = make([]config.UserMapping, 0) | ||
if userData, ok := m["mapUsers"]; ok { | ||
userJson, err := utilyaml.ToJSON([]byte(userData)) | ||
if EKSYaml { | ||
//use Lenient Yaml Parser | ||
err = yaml.Unmarshal([]byte(userData), &rawUserMappings) | ||
} else { | ||
//use Strict Yaml Parser | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. lenient/strict is not 100% accurate, the "lenient" parser is case insensitive, but it does not konw how to deal with can we have a test case for the {{SessionName}} issue, I'll try to find a link to it. But basically we are using {{ in the golang template sense, but {{ also has a meaning in the yaml sense https://yaml.org/spec/1.2.2/#flow-mappings There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
thank you for the comments. there are test yamls https://github.com/kubernetes-sigs/aws-iam-authenticator/tree/master/pkg/mapper/configmap/yaml. do they cover the case you mentioned? this cr is to include #455 on master branch, it is only on release-0.5 branch now. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. With regards to the naming, I agree. I verified that sigs.k8s.io/yaml does a case insensitive key comparison ("lenient") but errors on an unquoted curly braces ("strict"). I think we should instead call the behavior "compatibility mode" with a comment explanation. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
We don't currently have a test for the case mentioned. The test needs to include a mapping of key to value where the first letter of the value is a curly brace and the entire value is unquoted:
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. |
||
userJson, err := utilyaml.ToJSON([]byte(userData)) | ||
if err == nil { | ||
err = json.Unmarshal(userJson, &rawUserMappings) | ||
} | ||
} | ||
if err != nil { | ||
errs = append(errs, err) | ||
} else { | ||
err = json.Unmarshal(userJson, &rawUserMappings) | ||
if err != nil { | ||
errs = append(errs, err) | ||
} | ||
|
||
for _, userMapping := range rawUserMappings { | ||
err = userMapping.Validate() | ||
if err != nil { | ||
|
@@ -138,15 +142,20 @@ func ParseMap(m map[string]string) (userMappings []config.UserMapping, roleMappi | |
rawRoleMappings := make([]config.RoleMapping, 0) | ||
roleMappings = make([]config.RoleMapping, 0) | ||
if roleData, ok := m["mapRoles"]; ok { | ||
roleJson, err := utilyaml.ToJSON([]byte(roleData)) | ||
if err != nil { | ||
errs = append(errs, err) | ||
if EKSYaml { | ||
//use Lenient Yaml Parser | ||
err = yaml.Unmarshal([]byte(roleData), &rawRoleMappings) | ||
} else { | ||
err = json.Unmarshal(roleJson, &rawRoleMappings) | ||
if err != nil { | ||
errs = append(errs, err) | ||
//use Strict Yaml Parser | ||
roleJson, err := utilyaml.ToJSON([]byte(roleData)) | ||
if err == nil { | ||
err = json.Unmarshal(roleJson, &rawRoleMappings) | ||
} | ||
} | ||
|
||
if err != nil { | ||
errs = append(errs, err) | ||
} else { | ||
for _, roleMapping := range rawRoleMappings { | ||
err = roleMapping.Validate() | ||
if err != nil { | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -17,6 +17,7 @@ import ( | |
|
||
func init() { | ||
config.SSORoleMatchEnabled = true | ||
EKSYaml = true | ||
} | ||
|
||
var ( | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove or update comments