Strongly disagree: suppose we have secrets mounted at my/secrets, and we want to read a secret top/secret, which is represented as my/secrets/top/secret path in vault. However, the only way to access it via API is to read _all_ mount points, and match them with the path to split path to mount point and secret. vault cli itself follows the same logic: https://github.com/hashicorp/vault/blob/main/command/kv_help...
I'm assuming this is Terragrunt, which itself perpetuates all kinds of horrific practices which are absolutely unnecessary if you apply basic software engineering principles to infrastructure as code/config.
Not disagreeing, but you have to create a shit ton of scaffolding to work around TF's lack of useful functionality and painful UX. Terragrunt exists because somebody had to do the same, and then kept adding on "smart" features making it even more overcomplicated.
jamhed|3 years ago
Strongly disagree: suppose we have secrets mounted at my/secrets, and we want to read a secret top/secret, which is represented as my/secrets/top/secret path in vault. However, the only way to access it via API is to read _all_ mount points, and match them with the path to split path to mount point and secret. vault cli itself follows the same logic: https://github.com/hashicorp/vault/blob/main/command/kv_help...
sidlls|3 years ago
moralestapia|3 years ago
Second that. Very steep learning curve for some use cases that could be accomplished in a much easier way. Another kubernetes in disguise.
jen20|3 years ago
datatrashfire|3 years ago
throwaway787544|3 years ago
kfrzcode|3 years ago
dpedu|3 years ago
schainks|3 years ago
DSingularity|3 years ago