render templates with external functions #1876
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
tgross
force-pushed
the
render-with-external-functions
branch
from
dbe80cb
to
1ce54cc
Compare
tgross
force-pushed
the
render-with-external-functions
branch
from
1ce54cc
to
d6f2db1
Compare
lkysow
approved these changes
Feb 29, 2024
Some consumers of `consul-template` use it like a library, where the application runs the runner in-process. For projects like Nomad which need to run with a high level of privilege, this is problematic in that its challenging to secure the operations that read and write from disk without running the entirety of CT as an external process (which carries a lot of overhead for Nomad workloads). Add a `RendererFunc` and `ReaderFunc` interface to allow Nomad to inject a sandboxed subprocess when reading from disk and writing to disk. This implementation is currently being used in Nomad 1.7.4, 1.6.7, and 1.5.14 as a mitigation for hashicorp/nomad#19888. See hashicorp/nomad@df86503 for example usage.
tgross
force-pushed
the
render-with-external-functions
branch
from
d6f2db1
to
d0656c4
Compare
|
@lkysow I've addressed your comments and rebased on main. I can squash merge this if you're happy with the results? |
|
Oh, well there's something wrong with the infra being set up for the Consul ENT test... like Vault isn't accepting writes for some reason during the setup? I see there was a recent set of commits by @kkavish trying to de-flake tests but not sure if this is new or not? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Some consumers of
consul-templateuse it like a library, where the application runs the runner in-process. For projects like Nomad which need to run with a high level of privilege, this is problematic in that its challenging to secure the operations that read and write from disk without running the entirety of CT as an external process (which carries a lot of overhead for Nomad workloads).Add a
RendererFuncandReaderFuncinterface to allow Nomad to inject a sandboxed subprocess when reading from disk and writing to disk.This implementation is currently being used in Nomad 1.7.4, 1.6.7, and 1.5.14 as a mitigation for hashicorp/nomad#19888. See hashicorp/nomad@df86503 for example usage.
Required for hashicorp/nomad#19919