From 0e9ca9cdb963c4d91476a223c3ef06c8fefd200f Mon Sep 17 00:00:00 2001
From: Brad Rydzewski
Date: Thu, 21 Feb 2019 19:08:33 -0800
Subject: [PATCH] yaml syntax for named external secrets
---
 yaml/pretty/secret.go | 29 +++++++++++++++++++++-
 yaml/pretty/secret_test.go | 9 +++++++
 yaml/pretty/testdata/secret_get.yml | 5 ++++
 yaml/pretty/testdata/secret_get.yml.golden | 9 +++++++
 yaml/secret.go | 11 ++++++++
 5 files changed, 62 insertions(+), 1 deletion(-)
 create mode 100644 yaml/pretty/testdata/secret_get.yml
 create mode 100644 yaml/pretty/testdata/secret_get.yml.golden
diff --git a/yaml/pretty/secret.go b/yaml/pretty/secret.go
index 13cace6..e42745e 100644
--- a/yaml/pretty/secret.go
+++ b/yaml/pretty/secret.go
@@ -20,14 +20,23 @@ func printSecret(w writer, v *yaml.Secret) {
 w.WriteString("---")
 w.WriteTagValue("version", v.Version)
 w.WriteTagValue("kind", v.Kind)
- w.WriteTagValue("type", toSecretType(v.Type))
 if len(v.Data) > 0 {
+ w.WriteTagValue("type", toSecretType(v.Type))
+ w.WriteTagValue("name", v.Name)
 printData(w, v.Data)
 }
 if len(v.External) > 0 {
+ w.WriteTagValue("type", toSecretType(v.Type))
+ w.WriteTagValue("name", v.Name)
 printExternalData(w, v.External)
 }
+ if isSecretGetEmpty(v.Get) == false {
+ w.WriteTagValue("type", v.Type)
+ w.WriteTagValue("name", v.Name)
+ w.WriteByte('\n')
+ printGet(w, v.Get)
+ }
 w.WriteByte('\n')
 w.WriteByte('\n')
 }
@@ -43,6 +52,16 @@ func toSecretType(s string) string {
 }
 }
+// helper function prints the get block.
+func printGet(w writer, v yaml.SecretGet) {
+ w.WriteTag("get")
+ w.IndentIncrease()
+ w.WriteTagValue("path", v.Path)
+ w.WriteTagValue("name", v.Name)
+ w.WriteTagValue("key", v.Key)
+ w.IndentDecrease()
+}
+
 // helper function prints the external data.
 func printExternalData(w writer, d map[string]yaml.ExternalData) {
 var keys []string
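Review bot: The three `if` blocks in printSecret are independent and each now writes its own `type` and `name` tags, so a secret that sets more than one of `data`, `external_data` and `get` is printed with duplicate `type`/`name` keys and more than one source, and which one a consumer honours is then parser-dependent. Chaining the branches, `} else if len(v.External) > 0 {` and `} else if !isSecretGetEmpty(v.Get) {`, keeps the output to one source per document and also removes the `== false` comparison. The get branch writes `v.Type` as-is while the other two go through `toSecretType`; if that is deliberate (the golden file has no `type` line), a one-line comment saying so would help. A document with none of the three set no longer gets a `type` line at all, which the old code always wrote.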
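Review bot: The comment on printGet, `// helper function prints the get block.`, does not start with the function name as Go doc comments conventionally do, and it does not say which fields are written. Something like `// printGet writes the get tag followed by its path, name and key values, one indent level deeper.` reads better in godoc and editors; the same applies to the comment on isSecretGetEmpty added further down in this file. Whether WriteTagValue omits empty values is not visible in this patch, though the golden file (no `key` line) suggests it does, and the comment could state that.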
@@ -92,3 +111,11 @@ func printData(w writer, d map[string]string) {
 // replace spaces and newlines.
 var spaceReplacer = strings.NewReplacer(" ", "", "\n", "")
+
+// helper function returns true if the secret get
+// object is empty.
+func isSecretGetEmpty(v yaml.SecretGet) bool {
+ return v.Key == "" &&
+ v.Name == "" &&
+ v.Path == ""
+}
diff --git a/yaml/pretty/secret_test.go b/yaml/pretty/secret_test.go
index 2c3d78d..cf3e2e8 100644
--- a/yaml/pretty/secret_test.go
+++ b/yaml/pretty/secret_test.go
@@ -25,3 +25,12 @@ func TestExternalSecret(t *testing.T) {
 t.Errorf("Unepxected formatting")
 }
 }
+
+func TestGetSecret(t *testing.T) {
+ ok, err := diff("testdata/secret_get.yml")
+ if err != nil {
+ t.Error(err)
+ } else if !ok {
+ t.Errorf("Unepxected formatting")
+ }
+}
diff --git a/yaml/pretty/testdata/secret_get.yml b/yaml/pretty/testdata/secret_get.yml
new file mode 100644
index 0000000..2f71fd4
--- /dev/null
+++ b/yaml/pretty/testdata/secret_get.yml
@@ -0,0 +1,5 @@
+kind: secret
+name: username
+get:
+ path: secret/data/docker
+ name: username
diff --git a/yaml/pretty/testdata/secret_get.yml.golden b/yaml/pretty/testdata/secret_get.yml.golden
new file mode 100644
index 0000000..fb1c136
--- /dev/null
+++ b/yaml/pretty/testdata/secret_get.yml.golden
@@ -0,0 +1,9 @@
+---
+kind: secret
+name: username
+
+get:
+ path: secret/data/docker
+ name: username
+
+...
diff --git a/yaml/secret.go b/yaml/secret.go
index 2b742ab..58c2892 100644
--- a/yaml/secret.go
+++ b/yaml/secret.go
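Review bot: isSecretGetEmpty in yaml/pretty/secret.go lists the three fields by hand, so a field added to yaml.SecretGet later would be ignored here and a get block carrying only that field would be dropped from the printed secret without any error. The struct as declared in yaml/secret.go holds only strings and is therefore comparable, so `return v == (yaml.SecretGet{})` stays correct as the type grows. The caller in printSecret can then read `if !isSecretGetEmpty(v.Get) {`.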
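Review bot: TestGetSecret in yaml/pretty/secret_test.go covers only a get block with `path` and `name`; the fixture has no `key` and no `type`, so the `key` line in printGet and the un-normalized `v.Type` write in printSecret are never exercised. A second fixture with `key` set, and one that combines `get` with `data`, would pin down what the printer is expected to emit in those cases. The message `"Unepxected formatting"` carries over a typo from the test above it; `"Unexpected formatting"` is the intended spelling.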
@@ -26,9 +26,20 @@ type (
 Version string `json:"version,omitempty"`
 Kind string `json:"kind,omitempty"`
 Type string `json:"type,omitempty"`
+ Name string `json:"name,omitempty"`
 Data map[string]string `json:"data,omitempty"`
 External map[string]ExternalData `json:"external_data,omitempty" yaml:"external_data"`
+ Get SecretGet `json:"get,omitempty"`
+ }
+
+ // SecretGet defines a request to get a secret from
+ // an external sevice at the specified path, or with the
+ // specified name.
+ SecretGet struct {
+ Path string `json:"path,omitempty"`
+ Name string `json:"name,omitempty"`
+ Key string `json:"key,omitempty"`
 }
 // ExternalData defines the path and name of external