fix vault conversion

2024-11-22 01:50:40 +00:00 · 2019-03-14 10:51:31 -07:00 · 2019-03-14 10:51:31 -07:00 · 961c7a1954
commit 961c7a1954
parent 199d1f022a
5 changed files with 63 additions and 37 deletions
--- a/yaml/converter/legacy/internal/config.go
+++ b/yaml/converter/legacy/internal/config.go
@ -7,6 +7,7 @@ package yaml
 import (
 	"bytes"
 	"fmt"
 	"sort"
 	"strings"
 	droneyaml "github.com/drone/drone-yaml/yaml"
@ -117,9 +118,8 @@ func Convert(d []byte) ([]byte, error) {
 	}
 	secrets := toSecrets(from)
-
+	for _, secret := range secrets {
-	if secrets != nil {
+		manifest.Resources = append(manifest.Resources, secret)
 		manifest.Resources = append(manifest.Resources, secrets)
 	}
 	buf := new(bytes.Buffer)
@ -214,29 +214,36 @@ func toPullPolicy(pull bool) string {
 // helper function converts the legacy secret syntax to the
 // new secret variable syntax.
-func toSecrets(from *Config) *droneyaml.Secret {
+func toSecrets(from *Config) []*droneyaml.Secret {
-	secret := &droneyaml.Secret{}
+	var keys []string
-	secret.Kind = "secret"
+	for key := range from.Secrets {
-	secret.Type = "general"
+		keys = append(keys, key)
-	secret.External = map[string]droneyaml.ExternalData{}
+	}
-	for key, val := range from.Secrets {
+	sort.Strings(keys)
-		external := droneyaml.ExternalData{}
+
 	var secrets []*droneyaml.Secret
 	for _, key := range keys {
 		val := from.Secrets[key]
 		secret := new(droneyaml.Secret)
 		secret.Name = key
 		secret.Kind = "secret"
 		if val.Driver == "vault" {
 			if val.DriverOpts != nil {
-				external.Path = val.DriverOpts["path"]
+				secret.Get.Path = val.DriverOpts["path"]
-				external.Name = val.DriverOpts["key"]
+				secret.Get.Name = val.DriverOpts["key"]
 			}
 		} else if val.Path != "" {
-			external.Path = val.Path
+			secret.Get.Path = val.Path
 		} else {
-			external.Path = val.Vault
+			secret.Get.Path = val.Vault
 		}
-		secret.External[key] = external
+		secrets = append(secrets, secret)
 	}
-	if len(secret.External) == 0 {
+	if len(secrets) == 0 {
 		return nil
 	}
-	return secret
+	return secrets
 }
 // helper function converts the legacy vargs syntax to the
--- a/yaml/converter/legacy/internal/config_test.go
+++ b/yaml/converter/legacy/internal/config_test.go
@ -8,6 +8,8 @@ import (
 	"bytes"
 	"io/ioutil"
 	"testing"
 	"github.com/sergi/go-diff/diffmatchpatch"
 )
 func TestConvert(t *testing.T) {
@ -58,7 +60,9 @@ func TestConvert(t *testing.T) {
 		}
 		if bytes.Equal(b, c) == false {
 			t.Errorf("Unexpected yaml conversion of %s", test.before)
-			t.Log(string(c))
+			dmp := diffmatchpatch.New()
 			diffs := dmp.DiffMain(string(b), string(c), false)
 			t.Log(dmp.DiffCleanupSemantic(diffs))
 		}
 	}
 }
--- a/yaml/converter/legacy/internal/testdata/vault_1.yml.golden
+++ b/yaml/converter/legacy/internal/testdata/vault_1.yml.golden
@ -20,12 +20,17 @@ steps:
 ---
 kind: secret
-type: general
+name: docker_password
-external_data:
+
-  docker_password:
+get:
-    path: secret/docker
+  path: secret/docker
-    name: password
+  name: password
-  docker_username:
+
-    path: secret/docker/username
+---
 kind: secret
 name: docker_username
 get:
  path: secret/docker/username
 ...
--- a/yaml/converter/legacy/internal/testdata/vault_2.yml.golden
+++ b/yaml/converter/legacy/internal/testdata/vault_2.yml.golden
@ -20,11 +20,16 @@ steps:
 ---
 kind: secret
-type: general
+name: docker_password
-external_data:
+
-  docker_password:
+get:
-    path: secret/docker/password
+  path: secret/docker/password
-  docker_username:
+
-    path: secret/docker/username
+---
 kind: secret
 name: docker_username
 get:
  path: secret/docker/username
 ...
--- a/yaml/converter/legacy/internal/testdata/vault_3.yml.golden
+++ b/yaml/converter/legacy/internal/testdata/vault_3.yml.golden
@ -20,11 +20,16 @@ steps:
 ---
 kind: secret
-type: general
+name: docker_password
-external_data:
+
-  docker_password:
+get:
-    path: secret/docker/password
+  path: secret/docker/password
-  docker_username:
+
-    path: secret/docker/username
+---
 kind: secret
 name: docker_username
 get:
  path: secret/docker/username
 ...