From 39ac6f8d0074625e31d38e7743278e2d6eee712a Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <dbd@ehtrace.com>
Date: Mon, 22 Jan 2024 10:30:44 +0100
Subject: [PATCH] Merge conf for vault policy

---
 example/vault/policies/democratic-csi.hcl | 3 +++
 vault/policies/democratic-csi.hcl         | 5 ++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/example/vault/policies/democratic-csi.hcl b/example/vault/policies/democratic-csi.hcl
index bd7f7d6..668c07b 100644
--- a/example/vault/policies/democratic-csi.hcl
+++ b/example/vault/policies/democratic-csi.hcl
@@ -1,3 +1,6 @@
+
+# Access the vault KV (v2) store
 path "kv/data/service/democratic-csi" {
   capabilities = ["read"]
 }
+
diff --git a/vault/policies/democratic-csi.hcl b/vault/policies/democratic-csi.hcl
index c80b228..dcb089f 100644
--- a/vault/policies/democratic-csi.hcl
+++ b/vault/policies/democratic-csi.hcl
@@ -1,3 +1,2 @@
-path "[[ .vault.prefix ]]kv/data/service/democratic-csi" {
-  capabilities = ["read"]
-}
+[[- $c := merge .democratic_csi . ]]
+[[ template "common/vault.kv_policy" $c ]]