mirror of
https://github.com/thegeeklab/drone-yaml.git
synced 2024-11-22 01:50:40 +00:00
fix vault conversion
This commit is contained in:
parent
199d1f022a
commit
961c7a1954
@ -7,6 +7,7 @@ package yaml
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"sort"
|
||||
"strings"
|
||||
|
||||
droneyaml "github.com/drone/drone-yaml/yaml"
|
||||
@ -117,9 +118,8 @@ func Convert(d []byte) ([]byte, error) {
|
||||
}
|
||||
|
||||
secrets := toSecrets(from)
|
||||
|
||||
if secrets != nil {
|
||||
manifest.Resources = append(manifest.Resources, secrets)
|
||||
for _, secret := range secrets {
|
||||
manifest.Resources = append(manifest.Resources, secret)
|
||||
}
|
||||
|
||||
buf := new(bytes.Buffer)
|
||||
@ -214,29 +214,36 @@ func toPullPolicy(pull bool) string {
|
||||
|
||||
// helper function converts the legacy secret syntax to the
|
||||
// new secret variable syntax.
|
||||
func toSecrets(from *Config) *droneyaml.Secret {
|
||||
secret := &droneyaml.Secret{}
|
||||
secret.Kind = "secret"
|
||||
secret.Type = "general"
|
||||
secret.External = map[string]droneyaml.ExternalData{}
|
||||
for key, val := range from.Secrets {
|
||||
external := droneyaml.ExternalData{}
|
||||
func toSecrets(from *Config) []*droneyaml.Secret {
|
||||
var keys []string
|
||||
for key := range from.Secrets {
|
||||
keys = append(keys, key)
|
||||
}
|
||||
sort.Strings(keys)
|
||||
|
||||
var secrets []*droneyaml.Secret
|
||||
for _, key := range keys {
|
||||
val := from.Secrets[key]
|
||||
secret := new(droneyaml.Secret)
|
||||
secret.Name = key
|
||||
secret.Kind = "secret"
|
||||
|
||||
if val.Driver == "vault" {
|
||||
if val.DriverOpts != nil {
|
||||
external.Path = val.DriverOpts["path"]
|
||||
external.Name = val.DriverOpts["key"]
|
||||
secret.Get.Path = val.DriverOpts["path"]
|
||||
secret.Get.Name = val.DriverOpts["key"]
|
||||
}
|
||||
} else if val.Path != "" {
|
||||
external.Path = val.Path
|
||||
secret.Get.Path = val.Path
|
||||
} else {
|
||||
external.Path = val.Vault
|
||||
secret.Get.Path = val.Vault
|
||||
}
|
||||
secret.External[key] = external
|
||||
secrets = append(secrets, secret)
|
||||
}
|
||||
if len(secret.External) == 0 {
|
||||
if len(secrets) == 0 {
|
||||
return nil
|
||||
}
|
||||
return secret
|
||||
return secrets
|
||||
}
|
||||
|
||||
// helper function converts the legacy vargs syntax to the
|
||||
|
@ -8,6 +8,8 @@ import (
|
||||
"bytes"
|
||||
"io/ioutil"
|
||||
"testing"
|
||||
|
||||
"github.com/sergi/go-diff/diffmatchpatch"
|
||||
)
|
||||
|
||||
func TestConvert(t *testing.T) {
|
||||
@ -58,7 +60,9 @@ func TestConvert(t *testing.T) {
|
||||
}
|
||||
if bytes.Equal(b, c) == false {
|
||||
t.Errorf("Unexpected yaml conversion of %s", test.before)
|
||||
t.Log(string(c))
|
||||
dmp := diffmatchpatch.New()
|
||||
diffs := dmp.DiffMain(string(b), string(c), false)
|
||||
t.Log(dmp.DiffCleanupSemantic(diffs))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -20,12 +20,17 @@ steps:
|
||||
|
||||
---
|
||||
kind: secret
|
||||
type: general
|
||||
external_data:
|
||||
docker_password:
|
||||
path: secret/docker
|
||||
name: password
|
||||
docker_username:
|
||||
path: secret/docker/username
|
||||
name: docker_password
|
||||
|
||||
get:
|
||||
path: secret/docker
|
||||
name: password
|
||||
|
||||
---
|
||||
kind: secret
|
||||
name: docker_username
|
||||
|
||||
get:
|
||||
path: secret/docker/username
|
||||
|
||||
...
|
||||
|
@ -20,11 +20,16 @@ steps:
|
||||
|
||||
---
|
||||
kind: secret
|
||||
type: general
|
||||
external_data:
|
||||
docker_password:
|
||||
path: secret/docker/password
|
||||
docker_username:
|
||||
path: secret/docker/username
|
||||
name: docker_password
|
||||
|
||||
get:
|
||||
path: secret/docker/password
|
||||
|
||||
---
|
||||
kind: secret
|
||||
name: docker_username
|
||||
|
||||
get:
|
||||
path: secret/docker/username
|
||||
|
||||
...
|
||||
|
@ -20,11 +20,16 @@ steps:
|
||||
|
||||
---
|
||||
kind: secret
|
||||
type: general
|
||||
external_data:
|
||||
docker_password:
|
||||
path: secret/docker/password
|
||||
docker_username:
|
||||
path: secret/docker/username
|
||||
name: docker_password
|
||||
|
||||
get:
|
||||
path: secret/docker/password
|
||||
|
||||
---
|
||||
kind: secret
|
||||
name: docker_username
|
||||
|
||||
get:
|
||||
path: secret/docker/username
|
||||
|
||||
...
|
||||
|
Loading…
Reference in New Issue
Block a user