Add vault Terraform provider patch and overlay

Signed-off-by: Magic_RB <magic_rb@redalder.org>
2024-11-21 23:54:22 +01:00 · 2023-06-14 12:27:08 +02:00 · 2023-06-14 12:27:08 +02:00 · 29bfcf131e
parent 53ec369b90
commit 29bfcf131e
3 changed files with 93 additions and 0 deletions
--- a/flake.nix
+++ b/flake.nix
@ -76,6 +76,7 @@
        overlays/maildrop
        overlays/courier-unicode.nix
        overlays/ds3os.nix
+        overlays/terraform-provider-vault.nix
        overlays/terraform-provider-influxdb-v2.nix
      ];

@ -96,6 +97,7 @@
        hostapd.intel_lar-and-noscan = patches/0001-intel_lar-and-noscan.patch;
        hostapd.hostapd-2_10-lar = patches/999-hostapd-2.10-lar.patch;
        hostapd.hostapd-2_10-lar-2 = patches/hostapd-2.10-lar.patch;
+        terraform-provider-nomad.allow-null-in-authMountTuneSchema = patches/vault-provider-Allow-null-in-authMountTuneSchema.patch;
      };

      systems = [
--- a/overlays/terraform-provider-vault.nix
+++ b/overlays/terraform-provider-vault.nix
@ -0,0 +1,18 @@
+{ config, ... }:
+{
+  flake.overlays.terraform-provider-vault =
+    final: prev:
+    {
+      terraform = prev.terraform.overrideAttrs (old: {
+        passthru.plugins =
+          old.passthru.plugins
+          // {
+            vault = old.passthru.plugins.vault.overrideAttrs (old: {
+              patches = [
+                config.flake.patches.terraform-provider-nomad.allow-null-in-authMountTuneSchema
+              ];
+            } );
+          };
+      } );
+    };
+}
--- a/patches/vault-provider-Allow-null-in-authMountTuneSchema.patch
+++ b/patches/vault-provider-Allow-null-in-authMountTuneSchema.patch
@ -0,0 +1,73 @@
+From 1bc15c644e6e39f268b1d06c343d8a9a4fceab2d Mon Sep 17 00:00:00 2001
+From: Magic_RB <magic_rb@redalder.org>
+Date: Fri, 31 Mar 2023 23:23:41 +0200
+Subject: [PATCH] Allow null in authMountTuneSchema
+
+Signed-off-by: Magic_RB <magic_rb@redalder.org>
+---
+ internal/provider/validators.go | 10 ++++++++++
+ vault/auth_mount.go             |  8 ++++----
+ 2 files changed, 14 insertions(+), 4 deletions(-)
+
+diff --git a/internal/provider/validators.go b/internal/provider/validators.go
+index 15e23212..89a9d7e1 100644
+--- a/internal/provider/validators.go
+++ b/internal/provider/validators.go
+@@ -39,6 +39,16 @@ func ValidateStringSlug(i interface{}, k string) (s []string, es []error) {
+ 	return
+ }
+ 
+func ValidateAllowNull(f func(interface{}, string) ([]string, []error)) (func(interface{}, string) ([]string, []error)) {
+	return func(i interface{}, k string) (s []string, es []error) {
+		if i == nil {
+			return
+		} else {
+			return f(i, k)
+		}
+	};
+}
+
+ func ValidateDuration(i interface{}, k string) (s []string, es []error) {
+ 	v, ok := i.(string)
+ 	if !ok {
+diff --git a/vault/auth_mount.go b/vault/auth_mount.go
+index 2e1854f8..9bb77bc2 100644
+--- a/vault/auth_mount.go
+++ b/vault/auth_mount.go
+@@ -28,13 +28,13 @@ func authMountTuneSchema() *schema.Schema {
+ 					Type:         schema.TypeString,
+ 					Optional:     true,
+ 					Description:  "Specifies the default time-to-live duration. This overrides the global default. A value of 0 is equivalent to the system default TTL",
+-					ValidateFunc: provider.ValidateDuration,
+					ValidateFunc: provider.ValidateAllowNull(provider.ValidateDuration),
+ 				},
+ 				"max_lease_ttl": {
+ 					Type:         schema.TypeString,
+ 					Optional:     true,
+ 					Description:  "Specifies the maximum time-to-live duration. This overrides the global default. A value of 0 are equivalent and set to the system max TTL.",
+-					ValidateFunc: provider.ValidateDuration,
+					ValidateFunc: provider.ValidateAllowNull(provider.ValidateDuration),
+ 				},
+ 				"audit_non_hmac_request_keys": {
+ 					Type:        schema.TypeList,
+@@ -52,7 +52,7 @@ func authMountTuneSchema() *schema.Schema {
+ 					Type:         schema.TypeString,
+ 					Optional:     true,
+ 					Description:  "Specifies whether to show this mount in the UI-specific listing endpoint. Valid values are \"unauth\" or \"hidden\". If not set, behaves like \"hidden\".",
+-					ValidateFunc: validation.StringInSlice([]string{"unauth", "hidden"}, false),
+					ValidateFunc: provider.ValidateAllowNull(validation.StringInSlice([]string{"unauth", "hidden"}, false)),
+ 				},
+ 				"passthrough_request_headers": {
+ 					Type:        schema.TypeList,
+@@ -70,7 +70,7 @@ func authMountTuneSchema() *schema.Schema {
+ 					Type:         schema.TypeString,
+ 					Optional:     true,
+ 					Description:  "Specifies the type of tokens that should be returned by the mount.",
+-					ValidateFunc: validation.StringInSlice([]string{"default-service", "default-batch", "service", "batch"}, false),
+					ValidateFunc: provider.ValidateAllowNull(validation.StringInSlice([]string{"default-service", "default-batch", "service", "batch"}, false)),
+ 				},
+ 			},
+ 		},
+-- 
+2.39.1
+