Delimiter annotation

[Diliz]

Rebased @cailtlinelfring annotations branch with delimiter annotations feature

rebased content of #226 instead of making my own (I was using leftdelim and rightdelim annotations in my version, nearly the same as @caitlinelfring version

[hashicorp-cla-app]

All committers have signed the CLA.

[Diliz]

fix hashicorp/vault-helm#348 as well

[Diliz]

@tvoran @benashz How much time does it take for pull requests from outsiders to be checked and merged? (Just to know if this will be available soon or not on my side)

[benashz]

The original pull request talks a bit about handling templates included in a Helm chart. I wonder if we could recommend escaping the template instead of adding support for specifying alternate template delimiters? We are suggesting that approach here: hashicorp/vault-secrets-operator#619 (comment)

[Diliz]

The original pull request talks a bit about handling templates included in a Helm chart. I wonder if we could recommend escaping the template instead of adding support for specifying alternate template delimiters? We are suggesting that approach here: hashicorp/vault-secrets-operator#619 (comment)

Humm, this helm approache is a workaround, not something to fix the real issue, currently it's a hassle to use go templating inside vault templates in kubernetes, if you want to make templating over templating over termplating, it becomes impossible to use if you don't know beforehand how many times the template will be templated, so escaping it is not a solution in this case.

Why not simply adding this delim annotations to make it convenient and be able to differentiate the default go templating from the one for the vault agent?

[tvoran]

Thanks for updating this! It tested good locally for me; just left a couple thoughts.

Something else I think may be useful here is a way to set the default template delimiters for all the templates in a Pod, instead of per-template. Perhaps the delimiter annotations by themselves (without the secret suffix) could be used for this? Just something I was thinking about while reviewing this, but we can do it in a follow-up PR too.

[markush81]

Just stumbled over this and it is exactly what i need as well. Doing the escaping kinda gets easily a hell if you want to have parts replaced by helm template and parts by vault.

Any ETA for this PR?

[Diliz]

Just stumbled over this and it is exactly what i need as well. Doing the escaping kinda gets easily a hell if you want to have parts replaced by helm template and parts by vault.

Any ETA for this PR?

Waiting for @tvoran and @benashz comments and approval, I'm still following this case as I need it implemented as well 👍

[Diliz]

Made the requested changes, it should be good now :)

• Rebased as well

[tvoran]

Just a couple more minor things.

[tvoran]

Thanks so much! We'll get this into the next release.