A0deploy AUTH0_KEYWORD_REPLACE_MAPPINGS with boolean value

Get Help
,
1

I’m using a0deploy in my pipeline, and using AUTH0_KEYWORD_REPLACE_MAPPINGS to support different values for each deployment environment (eg. dev, qa, staging, prod). This is working fine. However, I’m now trying to add a replacement value that’s a boolean…

{
    // ...snip...

    "AUTH0_PRESERVE_KEYWORDS": true,
    "AUTH0_KEYWORD_REPLACE_MAPPINGS": {
        "ENABLE_BRUTE_FORCE_PROTECTION": false
    }

    // ...snip...
}

image
image704×163 11.3 KB

In that tenant.yaml screenshot - if I don’t include the single quotes, then a0deploy export overrides that with whatever the real value from the tenant is. Ie. ignoring AUTH0_PRESERVE_KEYWORDS=true. Given it’s a bool, I’d expect to not have the quotes around it. I’m assuming the “#” is breaking it, as that makes it a YAML comment?

If I include those single quotes - then the a0deploy import fails saying…

“Payload validation error: ‘Expected type boolean but found type string’ on property enabled (Whether or not brute force attack protections are active).”

Which makes sense.

Does this not support boolean / non-string values?

3

Hi @danclarke,

Thanks for your question.

Yes, it’s true that using the “#” causes it to become a YAML comment. One workaround you might consider is using the @@ARRAY_REPLACE@@ syntax instead.

I recommend referring to our Keyword Preservation not Working with Configurations such as Action Secrets and Flow Actions knowledge article for more specifics on how to accomplish this.

Let me know if you have any questions about this.

Best,
Rueben

4

Thanks, this works. However, I am a bit concerned that this is now hard-coding the entire bruteForceProtection JSON block (when I just want to replace a boolean field’s value).

This means that if Auth0 ever change any fields within that bruteForceProtection JSON block, my hardcoded replacement-mapping is going to trash over it.

It does seem a bit strange that this replacement mapping doesn’t support a fundamental data type like a boolean. Especially when a lot of Auth0 settings are booleans (on/off).

This is too limiting - so I think I’m either going to swap out the templating side of things with something else like Handlebars or T4.

Or alternatively, spike the Terraform provider.

Thanks for your help though, and quick reply - that’ll certainly work as a short-term fix.

5

Hi @danclarke,

Thanks for your response.

I completely understand, and I’m glad you are able to use this as a short-term fix.

If it helps, you could try raising this concern directly to the Auth0 Deploy CLI Github repo for extra help.

Kind regards,
Rueben