jrhouston / tfk8s

A tool for converting Kubernetes YAML manifests to Terraform HCL


regular yaml file that breaks the interpreter

simonfelding opened this issue · comments

https://github.com/dexidp/dex/blob/master/examples/ldap/config-ldap.yaml

This exact yaml file results in a crash.

to make things easier, here's a copy:

# Dex example configuration with local-testing values.
# The issuer URL is plain HTTP on loopback, so logins and tokens exchanged
# with it are not protected by TLS; acceptable only on a single dev machine.
issuer: http://127.0.0.1:5556/dex
storage:
  type: sqlite3
  config:
    file: examples/dex.db
web:
  # NOTE(review): 0.0.0.0 listens on every interface, while the issuer above
  # advertises loopback only. Beyond local testing, bind to a specific
  # address and serve over TLS (dex's web.https with tlsCert/tlsKey).
  http: 0.0.0.0:5556

# LDAP connector: dex binds with bindDN/bindPW, then searches users and groups.
connectors:
- type: ldap
  name: OpenLDAP
  id: ldap
  config:
    # The following configurations seem to work with OpenLDAP:
    #
    # 1) Plain LDAP, without TLS:
    # NOTE(review): with insecureNoSSL the bind password and every user
    # password cross the connection in cleartext. Only reasonable when the
    # LDAP server is on localhost, as it is here.
    host: localhost:389
    insecureNoSSL: true
    #
    # 2) LDAPS without certificate validation:
    # (encrypted, but any certificate is accepted, so the server is not
    # authenticated and an on-path attacker can still intercept binds)
    #host: localhost:636
    #insecureNoSSL: false
    #insecureSkipVerify: true
    #
    # 3) LDAPS with certificate validation:
    # (the variant to use for anything beyond a local test)
    #host: YOUR-HOSTNAME:636
    #insecureNoSSL: false
    #insecureSkipVerify: false
    #rootCAData: 'CERT'
    # ...where CERT="$( base64 -w 0 your-cert.crt )"

    # This would normally be a read-only user.
    # NOTE(review): sample values only. An admin DN with a guessable password
    # stored in the clear should not be carried into a real deployment; use a
    # dedicated read-only bind account and keep its password out of version
    # control.
    bindDN: cn=admin,dc=example,dc=org
    bindPW: admin

    # Label shown for the username field on the login form.
    usernamePrompt: Email Address

    userSearch:
      baseDN: ou=People,dc=example,dc=org
      filter: "(objectClass=person)"
      # Attribute matched against what the user types at the prompt.
      username: mail
      # "DN" (case sensitive) is a special attribute name. It indicates that
      # this value should be taken from the entity's DN not an attribute on
      # the entity.
      idAttr: DN
      emailAttr: mail
      nameAttr: cn

    groupSearch:
      baseDN: ou=Groups,dc=example,dc=org
      filter: "(objectClass=groupOfNames)"

      userMatchers:
        # A user is a member of a group when their DN matches
        # the value of a "member" attribute on the group entity.
      - userAttr: DN
        groupAttr: member

      # The group name should be the "cn" value.
      nameAttr: cn

# OAuth2 client registered statically in the config file.
staticClients:
- id: example-app
  redirectURIs:
  # Plain-HTTP loopback callback; suitable for local testing only.
  - 'http://127.0.0.1:5555/callback'
  name: 'Example App'
  # NOTE(review): published sample value (base64 of "example-app-secret").
  # Base64 is an encoding, not protection; generate a unique random secret
  # per client and keep it out of version control.
  secret: ZXhhbXBsZS1hcHAtc2VjcmV0

Hey @simonfelding that YAML isn't a Kubernetes manifest, it's an LDAP configuration. Did you just want to convert some YAML to the corresponding HCL object syntax? If so, you can just do something like this:

# Decode the YAML file with Terraform's yamldecode() and print the result.
# NOTE(review): the console output echoes every value verbatim, including
# bindPW and the client secret; redact those before pasting output that came
# from a real configuration.
echo 'yamldecode(file("config-ldap.yaml"))' | terraform console
{
  "connectors" = [
    {
      "config" = {
        "bindDN" = "cn=admin,dc=example,dc=org"
        "bindPW" = "admin"
        "groupSearch" = {
          "baseDN" = "ou=Groups,dc=example,dc=org"
          "filter" = "(objectClass=groupOfNames)"
          "nameAttr" = "cn"
          "userMatchers" = [
            {
              "groupAttr" = "member"
              "userAttr" = "DN"
            },
          ]
        }
        "host" = "localhost:389"
        "insecureNoSSL" = true
        "userSearch" = {
          "baseDN" = "ou=People,dc=example,dc=org"
          "emailAttr" = "mail"
          "filter" = "(objectClass=person)"
          "idAttr" = "DN"
          "nameAttr" = "cn"
          "username" = "mail"
        }
        "usernamePrompt" = "Email Address"
      }
      "id" = "ldap"
      "name" = "OpenLDAP"
      "type" = "ldap"
    },
  ]
  "issuer" = "http://127.0.0.1:5556/dex"
  "staticClients" = [
    {
      "id" = "example-app"
      "name" = "Example App"
      "redirectURIs" = [
        "http://127.0.0.1:5555/callback",
      ]
      "secret" = "ZXhhbXBsZS1hcHAtc2VjcmV0"
    },
  ]
  "storage" = {
    "config" = {
      "file" = "examples/dex.db"
    }
    "type" = "sqlite3"
  }
  "web" = {
    "http" = "0.0.0.0:5556"
  }
}