mirror of
https://github.com/thegeeklab/drone-yaml.git
synced 2024-11-22 01:50:40 +00:00
fix vault conversion
This commit is contained in:
parent
199d1f022a
commit
961c7a1954
@ -7,6 +7,7 @@ package yaml
|
|||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"sort"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
droneyaml "github.com/drone/drone-yaml/yaml"
|
droneyaml "github.com/drone/drone-yaml/yaml"
|
||||||
@ -117,9 +118,8 @@ func Convert(d []byte) ([]byte, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
secrets := toSecrets(from)
|
secrets := toSecrets(from)
|
||||||
|
for _, secret := range secrets {
|
||||||
if secrets != nil {
|
manifest.Resources = append(manifest.Resources, secret)
|
||||||
manifest.Resources = append(manifest.Resources, secrets)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
buf := new(bytes.Buffer)
|
buf := new(bytes.Buffer)
|
||||||
@ -214,29 +214,36 @@ func toPullPolicy(pull bool) string {
|
|||||||
|
|
||||||
// helper function converts the legacy secret syntax to the
|
// helper function converts the legacy secret syntax to the
|
||||||
// new secret variable syntax.
|
// new secret variable syntax.
|
||||||
func toSecrets(from *Config) *droneyaml.Secret {
|
func toSecrets(from *Config) []*droneyaml.Secret {
|
||||||
secret := &droneyaml.Secret{}
|
var keys []string
|
||||||
|
for key := range from.Secrets {
|
||||||
|
keys = append(keys, key)
|
||||||
|
}
|
||||||
|
sort.Strings(keys)
|
||||||
|
|
||||||
|
var secrets []*droneyaml.Secret
|
||||||
|
for _, key := range keys {
|
||||||
|
val := from.Secrets[key]
|
||||||
|
secret := new(droneyaml.Secret)
|
||||||
|
secret.Name = key
|
||||||
secret.Kind = "secret"
|
secret.Kind = "secret"
|
||||||
secret.Type = "general"
|
|
||||||
secret.External = map[string]droneyaml.ExternalData{}
|
|
||||||
for key, val := range from.Secrets {
|
|
||||||
external := droneyaml.ExternalData{}
|
|
||||||
if val.Driver == "vault" {
|
if val.Driver == "vault" {
|
||||||
if val.DriverOpts != nil {
|
if val.DriverOpts != nil {
|
||||||
external.Path = val.DriverOpts["path"]
|
secret.Get.Path = val.DriverOpts["path"]
|
||||||
external.Name = val.DriverOpts["key"]
|
secret.Get.Name = val.DriverOpts["key"]
|
||||||
}
|
}
|
||||||
} else if val.Path != "" {
|
} else if val.Path != "" {
|
||||||
external.Path = val.Path
|
secret.Get.Path = val.Path
|
||||||
} else {
|
} else {
|
||||||
external.Path = val.Vault
|
secret.Get.Path = val.Vault
|
||||||
}
|
}
|
||||||
secret.External[key] = external
|
secrets = append(secrets, secret)
|
||||||
}
|
}
|
||||||
if len(secret.External) == 0 {
|
if len(secrets) == 0 {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
return secret
|
return secrets
|
||||||
}
|
}
|
||||||
|
|
||||||
// helper function converts the legacy vargs syntax to the
|
// helper function converts the legacy vargs syntax to the
|
||||||
|
@ -8,6 +8,8 @@ import (
|
|||||||
"bytes"
|
"bytes"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
"github.com/sergi/go-diff/diffmatchpatch"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestConvert(t *testing.T) {
|
func TestConvert(t *testing.T) {
|
||||||
@ -58,7 +60,9 @@ func TestConvert(t *testing.T) {
|
|||||||
}
|
}
|
||||||
if bytes.Equal(b, c) == false {
|
if bytes.Equal(b, c) == false {
|
||||||
t.Errorf("Unexpected yaml conversion of %s", test.before)
|
t.Errorf("Unexpected yaml conversion of %s", test.before)
|
||||||
t.Log(string(c))
|
dmp := diffmatchpatch.New()
|
||||||
|
diffs := dmp.DiffMain(string(b), string(c), false)
|
||||||
|
t.Log(dmp.DiffCleanupSemantic(diffs))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -20,12 +20,17 @@ steps:
|
|||||||
|
|
||||||
---
|
---
|
||||||
kind: secret
|
kind: secret
|
||||||
type: general
|
name: docker_password
|
||||||
external_data:
|
|
||||||
docker_password:
|
get:
|
||||||
path: secret/docker
|
path: secret/docker
|
||||||
name: password
|
name: password
|
||||||
docker_username:
|
|
||||||
|
---
|
||||||
|
kind: secret
|
||||||
|
name: docker_username
|
||||||
|
|
||||||
|
get:
|
||||||
path: secret/docker/username
|
path: secret/docker/username
|
||||||
|
|
||||||
...
|
...
|
||||||
|
@ -20,11 +20,16 @@ steps:
|
|||||||
|
|
||||||
---
|
---
|
||||||
kind: secret
|
kind: secret
|
||||||
type: general
|
name: docker_password
|
||||||
external_data:
|
|
||||||
docker_password:
|
get:
|
||||||
path: secret/docker/password
|
path: secret/docker/password
|
||||||
docker_username:
|
|
||||||
|
---
|
||||||
|
kind: secret
|
||||||
|
name: docker_username
|
||||||
|
|
||||||
|
get:
|
||||||
path: secret/docker/username
|
path: secret/docker/username
|
||||||
|
|
||||||
...
|
...
|
||||||
|
@ -20,11 +20,16 @@ steps:
|
|||||||
|
|
||||||
---
|
---
|
||||||
kind: secret
|
kind: secret
|
||||||
type: general
|
name: docker_password
|
||||||
external_data:
|
|
||||||
docker_password:
|
get:
|
||||||
path: secret/docker/password
|
path: secret/docker/password
|
||||||
docker_username:
|
|
||||||
|
---
|
||||||
|
kind: secret
|
||||||
|
name: docker_username
|
||||||
|
|
||||||
|
get:
|
||||||
path: secret/docker/username
|
path: secret/docker/username
|
||||||
|
|
||||||
...
|
...
|
||||||
|
Loading…
Reference in New Issue
Block a user