introduces base32 related encoding functions with documentation #29127
Conversation
…ode, textencodebase32, textdecodebase32 and related docs with updated website/layout file
|
Circle complains about those valid URLs. I don't understand what is wrong. |
|
The URLs are "invalid" because they redirect somewhere else; you should use the redirect destination in the docs. |
|
|
|
Hi @ufukty, thanks for the submission! To set expectations, right now we generally are not reviewing submissions for new functions. This may change in the future, however. In the meantime, we would like to hear more about your use case. You say "base32 is used for OTP secrets," can you say more? What provider are you using, how would base32 functions be used with such a provider in your workflow, any info that would help us understand this use case? Thanks so much! We appreciate any input. |
|
Hi @crw,
Example use case Think about you are configuring a OTP secret for a user of one of your VPN server as part of Multi Factor Authentication. provisioner "file" {
content = "ufukty: ${ substr(base32encode(uuid()), 0, 32) }"
destination = "/etc/openvpn/otp-secret.yml"
}Creating new secret at each deployment instead baking one token into golden image, lets us to use different tokens for each VPN server we have, and keep our tokens fresh. Currently I use a bash script for such problem, but above example looks cleaner and coherent. After, new secrets will be presented to user or saved into state file, so he can register it to the key generator app in his phone. |
|
The use-case for base32 encoding is broad and easy to explain -- anywhere you want to encode a sequence of octets as a human-readable string that is resistant to character confusion. |
|
I would find base32 encoding useful as well. Google cloud is very restrictive in what it accepts in labels (lower case only) and I want to base32 encode tags, label keys and label values before setting them on google cloud instances. |
|
After I sent this PR, hashicorp announced they won't review PR's due to the lack of enough human resource. I don't know if that's still relevant. I hope this one reviewed and merged soon. |
|
I can provide an update. At some point in the future, we plan to provide the ability to create "function providers." Function providers would allow our community to create their own functions, or multiple implementations of the same function, and apply them without having to go through our code review process. This function would be a perfect candidate for a plugin function provider, as opposed to a function built into Terraform. As such it is waiting for the implementation of plugin function providers. For more info and discussion on these topics, please see: Thanks for this submission! I will keep you posted on future updates. |
|
@crw Thanks for answer. Are you saying that hashicorp makes dozens of PRs like this sit&wait in a queue until you finish a new feature you can not quote ETA. And presumably each PR introduces new features that has potential to make terraform more useful for larger userbase and increase the reach. Seems like a business decision that wastes potential and time. Not my company tho. Kudos for great work so far. 🎉🥳 |
|
Hi @ufukty, thanks for your response. I would frame it as, there are dozens (upon dozens) of often competing ideas for what should be added to Terraform. Meanwhile, users are expecting a level of stability and resiliency that is increasingly difficult to maintain as more features are added to the product. Balancing which features to add, and how to make it possible for users to be more creative and less restrained through providers, is the principle challenge of the core engineering team. It is not easy, but we're doing the best we can! Thanks again for your response and for your continued interest and patience. |
|
@crw Thanks for answer. That makes sense now. Looking forward for release. |
|
Thank you for your continued interest in this PR. Terraform version 1.8 launches with support of provider-defined functions. It is now possible to implement your own functions! We would love to see this implemented as a provider-defined function. Please see the provider-defined functions documentation to learn how to implement functions in your providers. If you are new to provider development, learn how to create a new provider with the Terraform Plugin Framework. If you have any questions, please visit the Terraform Plugin Development category in our official forum. We hope this feature unblocks future function development and provides more flexibility for the Terraform community. Thank you for your continued support of Terraform! |
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
Necessity
Base32 is used for OTP secrets, it is nice to be able to produce unique keys for each server via Terraform.
Features
Functions introduces:
base32encodebase32decodetextencodebase32textdecodebase32and related docs with updated website/layout file.
Misc
I used base64 functions as examples for implementations. Changed 64's with 32's. Updated the examples with valid base32 encodings. 4 documentation page for each function has been added. Links for those pages added to website layout page too.