yaml syntax for named external secrets

Brad Rydzewski 2019-02-21 19:08:33 -08:00
parent 9e589be71a
commit 0e9ca9cdb9
5 changed files with 62 additions and 1 deletions


@ -20,14 +20,23 @@ func printSecret(w writer, v *yaml.Secret) {
w.WriteString("---") w.WriteString("---")
w.WriteTagValue("version", v.Version) w.WriteTagValue("version", v.Version)
w.WriteTagValue("kind", v.Kind) w.WriteTagValue("kind", v.Kind)
w.WriteTagValue("type", toSecretType(v.Type))
if len(v.Data) > 0 { if len(v.Data) > 0 {
w.WriteTagValue("type", toSecretType(v.Type))
w.WriteTagValue("name", v.Name)
printData(w, v.Data) printData(w, v.Data)
} }
if len(v.External) > 0 { if len(v.External) > 0 {
w.WriteTagValue("type", toSecretType(v.Type))
w.WriteTagValue("name", v.Name)
printExternalData(w, v.External) printExternalData(w, v.External)
} }
if isSecretGetEmpty(v.Get) == false {
w.WriteTagValue("type", v.Type)
w.WriteTagValue("name", v.Name)
w.WriteByte('\n')
printGet(w, v.Get)
}
w.WriteByte('\n') w.WriteByte('\n')
w.WriteByte('\n') w.WriteByte('\n')
} }
@ -43,6 +52,16 @@ func toSecretType(s string) string {
} }
} }
// helper function prints the get block.
func printGet(w writer, v yaml.SecretGet) {
w.WriteTag("get")
w.IndentIncrease()
w.WriteTagValue("path", v.Path)
w.WriteTagValue("name", v.Name)
w.WriteTagValue("key", v.Key)
w.IndentDecrease()
}
// helper function prints the external data. // helper function prints the external data.
func printExternalData(w writer, d map[string]yaml.ExternalData) { func printExternalData(w writer, d map[string]yaml.ExternalData) {
var keys []string var keys []string
@ -92,3 +111,11 @@ func printData(w writer, d map[string]string) {
// replace spaces and newlines. // replace spaces and newlines.
var spaceReplacer = strings.NewReplacer(" ", "", "\n", "") var spaceReplacer = strings.NewReplacer(" ", "", "\n", "")
// helper function returns true if the secret get
// object is empty.
func isSecretGetEmpty(v yaml.SecretGet) bool {
return v.Key == "" &&
v.Name == "" &&
v.Path == ""
}
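Review bot: In printSecret the `type` and `name` tags are now written inside each of the three independent `if` blocks, so a secret with more than one of `Data`, `External` and `Get` set has both keys emitted once per block, and a secret with none of them set loses them entirely. Duplicate keys leave it to the consuming YAML parser which value wins, which a formatter for secret definitions should not introduce; writing `w.WriteTagValue("name", v.Name)` once directly after the `kind` line and turning the three blocks into a `switch` would avoid both cases. The get branch also passes `v.Type` unmapped where the other two call `toSecretType(v.Type)`; if that is deliberate it deserves a one-line comment saying why, and `isSecretGetEmpty(v.Get) == false` reads better as `!isSecretGetEmpty(v.Get)`. printSecret begins above the hunk.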


@ -25,3 +25,12 @@ func TestExternalSecret(t *testing.T) {
t.Errorf("Unepxected formatting") t.Errorf("Unepxected formatting")
} }
} }
func TestGetSecret(t *testing.T) {
ok, err := diff("testdata/secret_get.yml")
if err != nil {
t.Error(err)
} else if !ok {
t.Errorf("Unepxected formatting")
}
}
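Review bot: TestGetSecret exercises a single fixture, and the `testdata/secret_get.yml` shown in this commit sets `path` and `name` but never `key`, so the `key` line in printGet and any secret that combines `get` with `data` or `external_data` are untested. A second golden pair that includes `key`, plus one combining `get` with `data`, would pin the output for those cases. `t.Errorf("Unepxected formatting")` carries over the typo from the test above and has no format arguments, so `t.Error("Unexpected formatting")` is enough.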

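--- a/yaml/pretty/testdata/secret_get.yml
+++ b/yaml/pretty/testdata/secret_get.yml
@@ -0,0 +1,5 @@
+kind: secret
+name: username
+get:
+path: secret/data/docker
+name: username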


@ -0,0 +1,9 @@
---
kind: secret
name: username
get:
path: secret/data/docker
name: username
...


@ -26,9 +26,20 @@ type (
Version string `json:"version,omitempty"` Version string `json:"version,omitempty"`
Kind string `json:"kind,omitempty"` Kind string `json:"kind,omitempty"`
Type string `json:"type,omitempty"` Type string `json:"type,omitempty"`
Name string `json:"name,omitempty"`
Data map[string]string `json:"data,omitempty"` Data map[string]string `json:"data,omitempty"`
External map[string]ExternalData `json:"external_data,omitempty" yaml:"external_data"` External map[string]ExternalData `json:"external_data,omitempty" yaml:"external_data"`
Get SecretGet `json:"get,omitempty"`
}
// SecretGet defines a request to get a secret from
// an external sevice at the specified path, or with the
// specified name.
SecretGet struct {
Path string `json:"path,omitempty"`
Name string `json:"name,omitempty"`
Key string `json:"key,omitempty"`
} }
// ExternalData defines the path and name of external // ExternalData defines the path and name of external
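Review bot: `omitempty` on the new `Get SecretGet` field has no effect in encoding/json because `Get` is a struct value, so every marshalled Secret will carry a `get` object even when all three of its fields are empty. If the JSON form is consumed anywhere, a pointer field, `Get *SecretGet`, would be omitted when nil, at the cost of a nil check where the printer tests for emptiness. Nothing visible here rejects a secret that sets `get` together with `data` or `external_data`, so which source wins is left to the consumer; a validation step, or a doc comment on `Get` stating the precedence, would help. The doc comment on SecretGet also has a typo, `sevice` for `service`. The enclosing `type (` block starts and continues outside the hunk.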