On 2015-23-02 17:47, Chris Price wrote:
On Mon, Feb 23, 2015 at 7:09 AM, Trevor Vaughan <tvaug...@onyxpoint.com
<mailto:tvaug...@onyxpoint.com>> wrote:
Sorry to derail for the moment but HOCON + JSON + YAML + XML? Sounds
great......
Totally agree that we have too many formats. That's why we tried to put
a lot of thought into picking one that we think is robust enough to
standardize on going forward. :) Also, the current auth.conf format is
none of the above, so moving it to any of the above would mean 'n - 1'
formats :)
Is there an overlap with Node Classifier and RBAC as they also specify
rules? We would want to have a common way to handle rules in different
domains.
- henrik
On Mon, Feb 23, 2015 at 9:57 AM, Chris Price <ch...@puppetlabs..com
<mailto:ch...@puppetlabs.com>> wrote:
On Sun, Feb 22, 2015 at 9:18 PM, Eric Sorenson
<eric.soren...@puppetlabs.com
<mailto:eric.soren...@puppetlabs.com>> wrote:
Hi Brice! This project is really cool, thanks for taking it
on. I have a few comments about requirements and design that
I hope can save some work and make it easier to include this
upstream once it's done.
I went back and surveyed redmine, jira, and ask.pl.com
<http://ask..pl.com> for bugs around auth.conf to see what
people have run into over the years (
https://www.google.com/search?q=site%3Apuppetlabs.com+auth.conf&gws_rd=ssl
<https://www.google.com/search?q=site:puppetlabs.com+auth.conf&gws_rd=ssl> ),
and from those results plus recalling conversations with
#puppet there seem to be a few general categories that we
should examine when designing a replacement
First, I don't think you need to try to make it compatible
with the existing auth.conf format. It'd be good to take the
opportunity to move to a structured data format that is
easier to read and write programmatically,
It would be cool if we could figure out a way to represent the
rules in HOCON, since that's the format we're using for pretty
much all of our new config files going forward. That way, the
same modules and tooling that we're building up around that data
format could be used on the auth stuff, and the syntax would
start to look more consistent and familiar compared to other new
puppet config files. Since HOCON is basically a superset of
JSON I'm thinking that maybe the rules could be written as
basically a big array of maps. It'd be a little more verbose
than the existing syntax, but I think the tradeoffs might be
worth it.
(This is presuming, of course, that we don't find some other
existing model that we like, as Eric suggested.)
--
You received this message because you are subscribed to the
Google Groups "Puppet Developers" group.
To unsubscribe from this group and stop receiving emails from
it, send an email to puppet-dev+unsubscr...@googlegroups.com
<mailto:puppet-dev+unsubscr...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-dev/CAMx1QfL9TvgyWJ5__utWk12CQ3y_q0Wk63uJr6efMxoEk4gLeA%40mail.gmail.com
<https://groups.google.com/d/msgid/puppet-dev/CAMx1QfL9TvgyWJ5__utWk12CQ3y_q0Wk63uJr6efMxoEk4gLeA%40mail.gmail.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.
--
Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699 <tel:%28410%29%20541-6699>
tvaug...@onyxpoint.com <mailto:tvaug...@onyxpoint.com>
-- This account not approved for unencrypted proprietary information --
--
You received this message because you are subscribed to the Google
Groups "Puppet Developers" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to puppet-dev+unsubscr...@googlegroups.com
<mailto:puppet-dev+unsubscr...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-dev/CANs%2BFoVgeG5fYRqa3xkj9%3DKEQBpwB%2BUv%2BbRJsY0LoPTL8BZQ%3DQ%40mail.gmail.com
<https://groups.google.com/d/msgid/puppet-dev/CANs%2BFoVgeG5fYRqa3xkj9%3DKEQBpwB%2BUv%2BbRJsY0LoPTL8BZQ%3DQ%40mail.gmail.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google
Groups "Puppet Developers" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to puppet-dev+unsubscr...@googlegroups.com
<mailto:puppet-dev+unsubscr...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-dev/CAMx1QfLpVd2swVDpqvX5Xgtq%3DL7txZTkYKUTHLdOX5vOGUh-4g%40mail.gmail.com
<https://groups.google.com/d/msgid/puppet-dev/CAMx1QfLpVd2swVDpqvX5Xgtq%3DL7txZTkYKUTHLdOX5vOGUh-4g%40mail.gmail.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.
--
Visit my Blog "Puppet on the Edge"
http://puppet-on-the-edge.blogspot.se/
--
You received this message because you are subscribed to the Google Groups "Puppet
Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-dev/mcfnl1%247av%241%40ger.gmane.org.
For more options, visit https://groups.google.com/d/optout.
