fix vault conversion

yaml/converter/legacy/internal/config.go

@@ -7,6 +7,7 @@ package yaml
 import (
 	"bytes"
 	"fmt"
+	"sort"
 	"strings"
 
 	droneyaml "github.com/drone/drone-yaml/yaml"
@@ -117,9 +118,8 @@ func Convert(d []byte) ([]byte, error) {
 	}
 
 	secrets := toSecrets(from)
-
-	if secrets != nil {
-		manifest.Resources = append(manifest.Resources, secrets)
+	for _, secret := range secrets {
+		manifest.Resources = append(manifest.Resources, secret)
 	}
 
 	buf := new(bytes.Buffer)
@@ -214,29 +214,36 @@ func toPullPolicy(pull bool) string {
 
 // helper function converts the legacy secret syntax to the
 // new secret variable syntax.
-func toSecrets(from *Config) *droneyaml.Secret {
-	secret := &droneyaml.Secret{}
-	secret.Kind = "secret"
-	secret.Type = "general"
-	secret.External = map[string]droneyaml.ExternalData{}
-	for key, val := range from.Secrets {
-		external := droneyaml.ExternalData{}
+func toSecrets(from *Config) []*droneyaml.Secret {
+	var keys []string
+	for key := range from.Secrets {
+		keys = append(keys, key)
+	}
+	sort.Strings(keys)
+
+	var secrets []*droneyaml.Secret
+	for _, key := range keys {
+		val := from.Secrets[key]
+		secret := new(droneyaml.Secret)
+		secret.Name = key
+		secret.Kind = "secret"
+
 		if val.Driver == "vault" {
 			if val.DriverOpts != nil {
-				external.Path = val.DriverOpts["path"]
-				external.Name = val.DriverOpts["key"]
+				secret.Get.Path = val.DriverOpts["path"]
+				secret.Get.Name = val.DriverOpts["key"]
 			}
 		} else if val.Path != "" {
-			external.Path = val.Path
+			secret.Get.Path = val.Path
 		} else {
-			external.Path = val.Vault
+			secret.Get.Path = val.Vault
 		}
-		secret.External[key] = external
+		secrets = append(secrets, secret)
 	}
-	if len(secret.External) == 0 {
+	if len(secrets) == 0 {
 		return nil
 	}
-	return secret
+	return secrets
 }
 
 // helper function converts the legacy vargs syntax to the

yaml/converter/legacy/internal/config_test.go

@@ -8,6 +8,8 @@ import (
 	"bytes"
 	"io/ioutil"
 	"testing"
+
+	"github.com/sergi/go-diff/diffmatchpatch"
 )
 
 func TestConvert(t *testing.T) {
@@ -58,7 +60,9 @@ func TestConvert(t *testing.T) {
 		}
 		if bytes.Equal(b, c) == false {
 			t.Errorf("Unexpected yaml conversion of %s", test.before)
-			t.Log(string(c))
+			dmp := diffmatchpatch.New()
+			diffs := dmp.DiffMain(string(b), string(c), false)
+			t.Log(dmp.DiffCleanupSemantic(diffs))
 		}
 	}
 }

yaml/converter/legacy/internal/testdata/vault_1.yml.golden

@@ -20,12 +20,17 @@ steps:
 
 ---
 kind: secret
-type: general
-external_data:
-  docker_password:
-    path: secret/docker
-    name: password
-  docker_username:
-    path: secret/docker/username
+name: docker_password
+
+get:
+  path: secret/docker
+  name: password
+
+---
+kind: secret
+name: docker_username
+
+get:
+  path: secret/docker/username
 
 ...

yaml/converter/legacy/internal/testdata/vault_2.yml.golden

@@ -20,11 +20,16 @@ steps:
 
 ---
 kind: secret
-type: general
-external_data:
-  docker_password:
-    path: secret/docker/password
-  docker_username:
-    path: secret/docker/username
+name: docker_password
+
+get:
+  path: secret/docker/password
+
+---
+kind: secret
+name: docker_username
+
+get:
+  path: secret/docker/username
 
 ...

yaml/converter/legacy/internal/testdata/vault_3.yml.golden

@@ -20,11 +20,16 @@ steps:
 
 ---
 kind: secret
-type: general
-external_data:
-  docker_password:
-    path: secret/docker/password
-  docker_username:
-    path: secret/docker/username
+name: docker_password
+
+get:
+  path: secret/docker/password
+
+---
+kind: secret
+name: docker_username
+
+get:
+  path: secret/docker/username
 
 ...