mirror of
https://github.com/external-secrets/external-secrets.git
synced 2024-12-14 11:57:59 +00:00
feat: edit all required changes for recursive option (#3939)
* feat: edit all required changes for recursive option Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr> * chore: make reviewable Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr> * feat: add missing param Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr> * feat: change property type to boolean Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr> * docs: new doc version Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr> --------- Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
This commit is contained in:
parent
9f7533867d
commit
0dd419a738
10 changed files with 41 additions and 6 deletions
|
@ -34,6 +34,9 @@ type MachineIdentityScopeInWorkspace struct {
|
||||||
// +kubebuilder:default="/"
|
// +kubebuilder:default="/"
|
||||||
// +optional
|
// +optional
|
||||||
SecretsPath string `json:"secretsPath,omitempty"`
|
SecretsPath string `json:"secretsPath,omitempty"`
|
||||||
|
// +kubebuilder:default=false
|
||||||
|
// +optional
|
||||||
|
Recursive bool `json:"recursive,omitempty"`
|
||||||
// +kubebuilder:validation:Required
|
// +kubebuilder:validation:Required
|
||||||
EnvironmentSlug string `json:"environmentSlug"`
|
EnvironmentSlug string `json:"environmentSlug"`
|
||||||
// +kubebuilder:validation:Required
|
// +kubebuilder:validation:Required
|
||||||
|
|
|
@ -3234,6 +3234,9 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
projectSlug:
|
projectSlug:
|
||||||
type: string
|
type: string
|
||||||
|
recursive:
|
||||||
|
default: false
|
||||||
|
type: boolean
|
||||||
secretsPath:
|
secretsPath:
|
||||||
default: /
|
default: /
|
||||||
type: string
|
type: string
|
||||||
|
|
|
@ -3234,6 +3234,9 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
projectSlug:
|
projectSlug:
|
||||||
type: string
|
type: string
|
||||||
|
recursive:
|
||||||
|
default: false
|
||||||
|
type: boolean
|
||||||
secretsPath:
|
secretsPath:
|
||||||
default: /
|
default: /
|
||||||
type: string
|
type: string
|
||||||
|
|
|
@ -3652,6 +3652,9 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
projectSlug:
|
projectSlug:
|
||||||
type: string
|
type: string
|
||||||
|
recursive:
|
||||||
|
default: false
|
||||||
|
type: boolean
|
||||||
secretsPath:
|
secretsPath:
|
||||||
default: /
|
default: /
|
||||||
type: string
|
type: string
|
||||||
|
@ -9490,6 +9493,9 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
projectSlug:
|
projectSlug:
|
||||||
type: string
|
type: string
|
||||||
|
recursive:
|
||||||
|
default: false
|
||||||
|
type: boolean
|
||||||
secretsPath:
|
secretsPath:
|
||||||
default: /
|
default: /
|
||||||
type: string
|
type: string
|
||||||
|
|
|
@ -5252,6 +5252,17 @@ string
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>
|
<td>
|
||||||
|
<code>recursive</code></br>
|
||||||
|
<em>
|
||||||
|
bool
|
||||||
|
</em>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<em>(Optional)</em>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
<code>environmentSlug</code></br>
|
<code>environmentSlug</code></br>
|
||||||
<em>
|
<em>
|
||||||
string
|
string
|
||||||
|
|
|
@ -21,5 +21,7 @@ spec:
|
||||||
environmentSlug: dev # "dev", "staging", "prod", etc..
|
environmentSlug: dev # "dev", "staging", "prod", etc..
|
||||||
# optional
|
# optional
|
||||||
secretsPath: / # Root is "/"
|
secretsPath: / # Root is "/"
|
||||||
|
# optional
|
||||||
|
recursive: true # Default is false
|
||||||
# optional
|
# optional
|
||||||
hostAPI: https://app.infisical.com
|
hostAPI: https://app.infisical.com
|
||||||
|
|
|
@ -21,6 +21,7 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
"strconv"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
|
esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
|
||||||
|
@ -170,6 +171,7 @@ func (a *InfisicalClient) GetSecretsV3(data GetSecretsV3Request) (map[string]str
|
||||||
q.Add("secretPath", data.SecretPath)
|
q.Add("secretPath", data.SecretPath)
|
||||||
q.Add("include_imports", "true")
|
q.Add("include_imports", "true")
|
||||||
q.Add("expandSecretReferences", "true")
|
q.Add("expandSecretReferences", "true")
|
||||||
|
q.Add("recursive", strconv.FormatBool(data.Recursive))
|
||||||
req.URL.RawQuery = q.Encode()
|
req.URL.RawQuery = q.Encode()
|
||||||
|
|
||||||
rawRes, err := a.do(req)
|
rawRes, err := a.do(req)
|
||||||
|
|
|
@ -52,6 +52,7 @@ type GetSecretByKeyV3Response struct {
|
||||||
type GetSecretsV3Request struct {
|
type GetSecretsV3Request struct {
|
||||||
EnvironmentSlug string `json:"environment"`
|
EnvironmentSlug string `json:"environment"`
|
||||||
ProjectSlug string `json:"workspaceSlug"`
|
ProjectSlug string `json:"workspaceSlug"`
|
||||||
|
Recursive bool `json:"recursive"`
|
||||||
SecretPath string `json:"secretPath"`
|
SecretPath string `json:"secretPath"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -49,8 +49,8 @@ func (p *Provider) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDa
|
||||||
secret, err := p.apiClient.GetSecretByKeyV3(api.GetSecretByKeyV3Request{
|
secret, err := p.apiClient.GetSecretByKeyV3(api.GetSecretByKeyV3Request{
|
||||||
EnvironmentSlug: p.apiScope.EnvironmentSlug,
|
EnvironmentSlug: p.apiScope.EnvironmentSlug,
|
||||||
ProjectSlug: p.apiScope.ProjectSlug,
|
ProjectSlug: p.apiScope.ProjectSlug,
|
||||||
SecretPath: p.apiScope.SecretPath,
|
|
||||||
SecretKey: ref.Key,
|
SecretKey: ref.Key,
|
||||||
|
SecretPath: p.apiScope.SecretPath,
|
||||||
})
|
})
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -104,6 +104,7 @@ func (p *Provider) GetAllSecrets(ctx context.Context, ref esv1beta1.ExternalSecr
|
||||||
EnvironmentSlug: p.apiScope.EnvironmentSlug,
|
EnvironmentSlug: p.apiScope.EnvironmentSlug,
|
||||||
ProjectSlug: p.apiScope.ProjectSlug,
|
ProjectSlug: p.apiScope.ProjectSlug,
|
||||||
SecretPath: p.apiScope.SecretPath,
|
SecretPath: p.apiScope.SecretPath,
|
||||||
|
Recursive: p.apiScope.Recursive,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -144,11 +145,12 @@ func (p *Provider) Validate() (esv1beta1.ValidationResult, error) {
|
||||||
_, err := p.apiClient.GetSecretsV3(api.GetSecretsV3Request{
|
_, err := p.apiClient.GetSecretsV3(api.GetSecretsV3Request{
|
||||||
EnvironmentSlug: p.apiScope.EnvironmentSlug,
|
EnvironmentSlug: p.apiScope.EnvironmentSlug,
|
||||||
ProjectSlug: p.apiScope.ProjectSlug,
|
ProjectSlug: p.apiScope.ProjectSlug,
|
||||||
|
Recursive: p.apiScope.Recursive,
|
||||||
SecretPath: p.apiScope.SecretPath,
|
SecretPath: p.apiScope.SecretPath,
|
||||||
})
|
})
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return esv1beta1.ValidationResultError, fmt.Errorf("cannot read secrets with provided project scope project:%s environment:%s secret-path:%s, %w", p.apiScope.ProjectSlug, p.apiScope.EnvironmentSlug, p.apiScope.SecretPath, err)
|
return esv1beta1.ValidationResultError, fmt.Errorf("cannot read secrets with provided project scope project:%s environment:%s secret-path:%s recursive:%t, %w", p.apiScope.ProjectSlug, p.apiScope.EnvironmentSlug, p.apiScope.SecretPath, p.apiScope.Recursive, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return esv1beta1.ValidationResultReady, nil
|
return esv1beta1.ValidationResultReady, nil
|
||||||
|
|
|
@ -41,9 +41,10 @@ type Provider struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
type InfisicalClientScope struct {
|
type InfisicalClientScope struct {
|
||||||
SecretPath string
|
|
||||||
ProjectSlug string
|
|
||||||
EnvironmentSlug string
|
EnvironmentSlug string
|
||||||
|
ProjectSlug string
|
||||||
|
Recursive bool
|
||||||
|
SecretPath string
|
||||||
}
|
}
|
||||||
|
|
||||||
// https://github.com/external-secrets/external-secrets/issues/644
|
// https://github.com/external-secrets/external-secrets/issues/644
|
||||||
|
@ -93,9 +94,10 @@ func (p *Provider) NewClient(ctx context.Context, store esv1beta1.GenericStore,
|
||||||
return &Provider{
|
return &Provider{
|
||||||
apiClient: apiClient,
|
apiClient: apiClient,
|
||||||
apiScope: &InfisicalClientScope{
|
apiScope: &InfisicalClientScope{
|
||||||
SecretPath: infisicalSpec.SecretsScope.SecretsPath,
|
|
||||||
ProjectSlug: infisicalSpec.SecretsScope.ProjectSlug,
|
|
||||||
EnvironmentSlug: infisicalSpec.SecretsScope.EnvironmentSlug,
|
EnvironmentSlug: infisicalSpec.SecretsScope.EnvironmentSlug,
|
||||||
|
ProjectSlug: infisicalSpec.SecretsScope.ProjectSlug,
|
||||||
|
Recursive: infisicalSpec.SecretsScope.Recursive,
|
||||||
|
SecretPath: infisicalSpec.SecretsScope.SecretsPath,
|
||||||
},
|
},
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue