mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity

feat: edit all required changes for recursive option (#3939)

Browse source 
* feat: edit all required changes for recursive option

Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>

* chore: make reviewable

Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>

* feat: add missing param

Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>

* feat: change property type to boolean

Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>

* docs: new doc version

Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>

---------

Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
This commit is contained in:
Tchoupinax 2024-10-14 09:24:48 +02:00 committed by GitHub
parent 9f7533867d
commit 0dd419a738
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
10 changed files with 41 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
apis/externalsecrets/v1beta1/secretsstore_infisical_types.go
View file

@ -34,6 +34,9 @@ type MachineIdentityScopeInWorkspace struct {
// +kubebuilder:default="/"
// +optional
SecretsPath string `json:"secretsPath,omitempty"`
// +kubebuilder:default=false
// +optional
Recursive bool `json:"recursive,omitempty"`
// +kubebuilder:validation:Required
EnvironmentSlug string `json:"environmentSlug"`
// +kubebuilder:validation:Required

3
config/crds/bases/external-secrets.io_clustersecretstores.yaml
View file

@ -3234,6 +3234,9 @@ spec:
type: string
projectSlug:
type: string
recursive:
default: false
type: boolean
secretsPath:
default: /
type: string

3
config/crds/bases/external-secrets.io_secretstores.yaml
View file

@ -3234,6 +3234,9 @@ spec:
type: string
projectSlug:
type: string
recursive:
default: false
type: boolean
secretsPath:
default: /
type: string

6
deploy/crds/bundle.yaml
View file

@ -3652,6 +3652,9 @@ spec:
type: string
projectSlug:
type: string
recursive:
default: false
type: boolean
secretsPath:
default: /
type: string
@ -9490,6 +9493,9 @@ spec:
type: string
projectSlug:
type: string
recursive:
default: false
type: boolean
secretsPath:
default: /
type: string

11
docs/api/spec.md
View file

@ -5252,6 +5252,17 @@ string
</tr>
<tr>
<td>
<code>recursive</code></br>
<em>
bool
</em>
</td>
<td>
<em>(Optional)</em>
</td>
</tr>
<tr>
<td>
<code>environmentSlug</code></br>
<em>
string

2
docs/snippets/infisical-generic-secret-store.yaml
View file

@ -21,5 +21,7 @@ spec:
environmentSlug: dev # "dev", "staging", "prod", etc..
# optional
secretsPath: / # Root is "/"
# optional
recursive: true # Default is false
# optional
hostAPI: https://app.infisical.com

2
pkg/provider/infisical/api/api.go
View file

@ -21,6 +21,7 @@ import (
"fmt"
"net/http"
"net/url"
"strconv"
"time"
esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
@ -170,6 +171,7 @@ func (a *InfisicalClient) GetSecretsV3(data GetSecretsV3Request) (map[string]str
q.Add("secretPath", data.SecretPath)
q.Add("include_imports", "true")
q.Add("expandSecretReferences", "true")
q.Add("recursive", strconv.FormatBool(data.Recursive))
req.URL.RawQuery = q.Encode()
rawRes, err := a.do(req)

1
pkg/provider/infisical/api/api_models.go
View file

@ -52,6 +52,7 @@ type GetSecretByKeyV3Response struct {
type GetSecretsV3Request struct {
EnvironmentSlug string `json:"environment"`
ProjectSlug string `json:"workspaceSlug"`
Recursive bool `json:"recursive"`
SecretPath string `json:"secretPath"`
}

6
pkg/provider/infisical/client.go
View file

@ -49,8 +49,8 @@ func (p *Provider) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDa
secret, err := p.apiClient.GetSecretByKeyV3(api.GetSecretByKeyV3Request{
EnvironmentSlug: p.apiScope.EnvironmentSlug,
ProjectSlug: p.apiScope.ProjectSlug,
SecretPath: p.apiScope.SecretPath,
SecretKey: ref.Key,
SecretPath: p.apiScope.SecretPath,
})
if err != nil {
@ -104,6 +104,7 @@ func (p *Provider) GetAllSecrets(ctx context.Context, ref esv1beta1.ExternalSecr
EnvironmentSlug: p.apiScope.EnvironmentSlug,
ProjectSlug: p.apiScope.ProjectSlug,
SecretPath: p.apiScope.SecretPath,
Recursive: p.apiScope.Recursive,
})
if err != nil {
return nil, err
@ -144,11 +145,12 @@ func (p *Provider) Validate() (esv1beta1.ValidationResult, error) {
_, err := p.apiClient.GetSecretsV3(api.GetSecretsV3Request{
EnvironmentSlug: p.apiScope.EnvironmentSlug,
ProjectSlug: p.apiScope.ProjectSlug,
Recursive: p.apiScope.Recursive,
SecretPath: p.apiScope.SecretPath,
})
if err != nil {
return esv1beta1.ValidationResultError, fmt.Errorf("cannot read secrets with provided project scope project:%s environment:%s secret-path:%s, %w", p.apiScope.ProjectSlug, p.apiScope.EnvironmentSlug, p.apiScope.SecretPath, err)
return esv1beta1.ValidationResultError, fmt.Errorf("cannot read secrets with provided project scope project:%s environment:%s secret-path:%s recursive:%t, %w", p.apiScope.ProjectSlug, p.apiScope.EnvironmentSlug, p.apiScope.SecretPath, p.apiScope.Recursive, err)
}
return esv1beta1.ValidationResultReady, nil

10
pkg/provider/infisical/provider.go
View file

@ -41,9 +41,10 @@ type Provider struct {
}
type InfisicalClientScope struct {
SecretPath string
ProjectSlug string
EnvironmentSlug string
ProjectSlug string
Recursive bool
SecretPath string
}
// https://github.com/external-secrets/external-secrets/issues/644
@ -93,9 +94,10 @@ func (p *Provider) NewClient(ctx context.Context, store esv1beta1.GenericStore,
return &Provider{
apiClient: apiClient,
apiScope: &InfisicalClientScope{
SecretPath: infisicalSpec.SecretsScope.SecretsPath,
ProjectSlug: infisicalSpec.SecretsScope.ProjectSlug,
EnvironmentSlug: infisicalSpec.SecretsScope.EnvironmentSlug,
ProjectSlug: infisicalSpec.SecretsScope.ProjectSlug,
Recursive: infisicalSpec.SecretsScope.Recursive,
SecretPath: infisicalSpec.SecretsScope.SecretsPath,
},
}, nil
}