From 9ff86eab5114edca5449633927d7959039db53a1 Mon Sep 17 00:00:00 2001 From: Moritz Johner Date: Thu, 2 Nov 2023 14:37:59 +0100 Subject: [PATCH] fix: remove sourceRef.generatorRef from .data[] (#2735) fix: deprecate sourceRef.generatorRef from .data[] A generator is supposed to be used via .dataFrom[]. Usage in .data[] is not implemented and doesn't make sense, see #2720. This commit splits the SourceRef into two types: - one that only defines a secretStoreRef - one that allows to define either secretStoreRef or generatorRef The former is used in .data[] and the latter is used in .dataFrom[]. The Deprecated field is going to be removed with v1. Signed-off-by: Moritz Johner --- .../v1beta1/externalsecret_types.go | 25 +++++-- .../v1beta1/externalsecret_validator_test.go | 4 +- .../v1beta1/zz_generated.deepcopy.go | 33 +++++++-- ...nal-secrets.io_clusterexternalsecrets.yaml | 7 +- .../external-secrets.io_externalsecrets.yaml | 8 +-- deploy/crds/bundle.yaml | 8 +-- docs/api/spec.md | 70 ++++++++++++++++--- docs/snippets/full-external-secret.yaml | 6 -- e2e/suites/generator/ecr.go | 2 +- e2e/suites/generator/fake.go | 2 +- e2e/suites/generator/password.go | 2 +- .../provider/cases/scaleway/provider.go | 22 +++--- .../externalsecret_controller.go | 6 +- .../externalsecret_controller_secret.go | 21 ++++-- .../externalsecret_controller_test.go | 6 +- pkg/controllers/secretstore/client_manager.go | 2 +- .../secretstore/client_manager_test.go | 4 +- 17 files changed, 162 insertions(+), 66 deletions(-) diff --git a/apis/externalsecrets/v1beta1/externalsecret_types.go b/apis/externalsecrets/v1beta1/externalsecret_types.go index 1a679cbd8..4d2ca3f40 100644 --- a/apis/externalsecrets/v1beta1/externalsecret_types.go +++ b/apis/externalsecrets/v1beta1/externalsecret_types.go @@ -197,7 +197,7 @@ type ExternalSecretData struct { // SourceRef allows you to override the source // from which the value will pulled from. - SourceRef *SourceRef `json:"sourceRef,omitempty"` + SourceRef *StoreSourceRef `json:"sourceRef,omitempty"` } // ExternalSecretDataRemoteRef defines Provider data location. @@ -276,7 +276,7 @@ type ExternalSecretDataFromRemoteRef struct { // a specific SecretStore. // When sourceRef points to a generator Extract or Find is not supported. // The generator returns a static map of values - SourceRef *SourceRef `json:"sourceRef,omitempty"` + SourceRef *StoreGeneratorSourceRef `json:"sourceRef,omitempty"` } type ExternalSecretRewrite struct { @@ -357,15 +357,30 @@ type ExternalSecretSpec struct { DataFrom []ExternalSecretDataFromRemoteRef `json:"dataFrom,omitempty"` } -// SourceRef allows you to override the source +// StoreSourceRef allows you to override the SecretStore source // from which the secret will be pulled from. // You can define at maximum one property. // +kubebuilder:validation:MaxProperties=1 -type SourceRef struct { +type StoreSourceRef struct { + // +optional + SecretStoreRef SecretStoreRef `json:"storeRef"` + + // GeneratorRef points to a generator custom resource. + // + // Deprecated: The generatorRef is not implemented in .data[]. + // this will be removed with v1. + GeneratorRef *GeneratorRef `json:"generatorRef,omitempty"` +} + +// StoreGeneratorSourceRef allows you to override the source +// from which the secret will be pulled from. +// You can define at maximum one property. +// +kubebuilder:validation:MaxProperties=1 +type StoreGeneratorSourceRef struct { // +optional SecretStoreRef *SecretStoreRef `json:"storeRef,omitempty"` - // GeneratorRef points to a generator custom resource in + // GeneratorRef points to a generator custom resource. // +optional GeneratorRef *GeneratorRef `json:"generatorRef,omitempty"` } diff --git a/apis/externalsecrets/v1beta1/externalsecret_validator_test.go b/apis/externalsecrets/v1beta1/externalsecret_validator_test.go index af8ae54c4..df9e38922 100644 --- a/apis/externalsecrets/v1beta1/externalsecret_validator_test.go +++ b/apis/externalsecrets/v1beta1/externalsecret_validator_test.go @@ -61,7 +61,7 @@ func TestValidateExternalSecret(t *testing.T) { DataFrom: []ExternalSecretDataFromRemoteRef{ { Find: &ExternalSecretFind{}, - SourceRef: &SourceRef{ + SourceRef: &StoreGeneratorSourceRef{ GeneratorRef: &GeneratorRef{}, }, }, @@ -77,7 +77,7 @@ func TestValidateExternalSecret(t *testing.T) { DataFrom: []ExternalSecretDataFromRemoteRef{ { Extract: &ExternalSecretDataRemoteRef{}, - SourceRef: &SourceRef{ + SourceRef: &StoreGeneratorSourceRef{ GeneratorRef: &GeneratorRef{}, }, }, diff --git a/apis/externalsecrets/v1beta1/zz_generated.deepcopy.go b/apis/externalsecrets/v1beta1/zz_generated.deepcopy.go index f83dce4c0..e64b30ebb 100644 --- a/apis/externalsecrets/v1beta1/zz_generated.deepcopy.go +++ b/apis/externalsecrets/v1beta1/zz_generated.deepcopy.go @@ -889,7 +889,7 @@ func (in *ExternalSecretData) DeepCopyInto(out *ExternalSecretData) { out.RemoteRef = in.RemoteRef if in.SourceRef != nil { in, out := &in.SourceRef, &out.SourceRef - *out = new(SourceRef) + *out = new(StoreSourceRef) (*in).DeepCopyInto(*out) } } @@ -926,7 +926,7 @@ func (in *ExternalSecretDataFromRemoteRef) DeepCopyInto(out *ExternalSecretDataF } if in.SourceRef != nil { in, out := &in.SourceRef, &out.SourceRef - *out = new(SourceRef) + *out = new(StoreGeneratorSourceRef) (*in).DeepCopyInto(*out) } } @@ -2142,7 +2142,7 @@ func (in *SenhaseguraProvider) DeepCopy() *SenhaseguraProvider { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SourceRef) DeepCopyInto(out *SourceRef) { +func (in *StoreGeneratorSourceRef) DeepCopyInto(out *StoreGeneratorSourceRef) { *out = *in if in.SecretStoreRef != nil { in, out := &in.SecretStoreRef, &out.SecretStoreRef @@ -2156,12 +2156,33 @@ func (in *SourceRef) DeepCopyInto(out *SourceRef) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SourceRef. -func (in *SourceRef) DeepCopy() *SourceRef { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StoreGeneratorSourceRef. +func (in *StoreGeneratorSourceRef) DeepCopy() *StoreGeneratorSourceRef { if in == nil { return nil } - out := new(SourceRef) + out := new(StoreGeneratorSourceRef) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *StoreSourceRef) DeepCopyInto(out *StoreSourceRef) { + *out = *in + out.SecretStoreRef = in.SecretStoreRef + if in.GeneratorRef != nil { + in, out := &in.GeneratorRef, &out.GeneratorRef + *out = new(GeneratorRef) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StoreSourceRef. +func (in *StoreSourceRef) DeepCopy() *StoreSourceRef { + if in == nil { + return nil + } + out := new(StoreSourceRef) in.DeepCopyInto(out) return out } diff --git a/config/crds/bases/external-secrets.io_clusterexternalsecrets.yaml b/config/crds/bases/external-secrets.io_clusterexternalsecrets.yaml index 021de58b2..aab3c3b27 100644 --- a/config/crds/bases/external-secrets.io_clusterexternalsecrets.yaml +++ b/config/crds/bases/external-secrets.io_clusterexternalsecrets.yaml @@ -128,8 +128,9 @@ spec: maxProperties: 1 properties: generatorRef: - description: GeneratorRef points to a generator custom - resource in + description: "GeneratorRef points to a generator custom + resource. \n Deprecated: The generatorRef is not implemented + in .data[]. this will be removed with v1." properties: apiVersion: default: generators.external-secrets.io/v1alpha1 @@ -303,7 +304,7 @@ spec: properties: generatorRef: description: GeneratorRef points to a generator custom - resource in + resource. properties: apiVersion: default: generators.external-secrets.io/v1alpha1 diff --git a/config/crds/bases/external-secrets.io_externalsecrets.yaml b/config/crds/bases/external-secrets.io_externalsecrets.yaml index f38b9674d..59e4059c5 100644 --- a/config/crds/bases/external-secrets.io_externalsecrets.yaml +++ b/config/crds/bases/external-secrets.io_externalsecrets.yaml @@ -377,8 +377,9 @@ spec: maxProperties: 1 properties: generatorRef: - description: GeneratorRef points to a generator custom resource - in + description: "GeneratorRef points to a generator custom + resource. \n Deprecated: The generatorRef is not implemented + in .data[]. this will be removed with v1." properties: apiVersion: default: generators.external-secrets.io/v1alpha1 @@ -550,8 +551,7 @@ spec: maxProperties: 1 properties: generatorRef: - description: GeneratorRef points to a generator custom resource - in + description: GeneratorRef points to a generator custom resource. properties: apiVersion: default: generators.external-secrets.io/v1alpha1 diff --git a/deploy/crds/bundle.yaml b/deploy/crds/bundle.yaml index 1518f2b35..e1f2051a5 100644 --- a/deploy/crds/bundle.yaml +++ b/deploy/crds/bundle.yaml @@ -112,7 +112,7 @@ spec: maxProperties: 1 properties: generatorRef: - description: GeneratorRef points to a generator custom resource in + description: "GeneratorRef points to a generator custom resource. \n Deprecated: The generatorRef is not implemented in .data[]. this will be removed with v1." properties: apiVersion: default: generators.external-secrets.io/v1alpha1 @@ -256,7 +256,7 @@ spec: maxProperties: 1 properties: generatorRef: - description: GeneratorRef points to a generator custom resource in + description: GeneratorRef points to a generator custom resource. properties: apiVersion: default: generators.external-secrets.io/v1alpha1 @@ -3840,7 +3840,7 @@ spec: maxProperties: 1 properties: generatorRef: - description: GeneratorRef points to a generator custom resource in + description: "GeneratorRef points to a generator custom resource. \n Deprecated: The generatorRef is not implemented in .data[]. this will be removed with v1." properties: apiVersion: default: generators.external-secrets.io/v1alpha1 @@ -3984,7 +3984,7 @@ spec: maxProperties: 1 properties: generatorRef: - description: GeneratorRef points to a generator custom resource in + description: GeneratorRef points to a generator custom resource. properties: apiVersion: default: generators.external-secrets.io/v1alpha1 diff --git a/docs/api/spec.md b/docs/api/spec.md index a2e760931..bf54dcbf7 100644 --- a/docs/api/spec.md +++ b/docs/api/spec.md @@ -2454,8 +2454,8 @@ which secret (version/property/..) to fetch.

sourceRef
- -SourceRef + +StoreSourceRef @@ -2531,8 +2531,8 @@ Multiple Rewrite operations can be provided. They are applied in a layered order sourceRef
- -SourceRef + +StoreGeneratorSourceRef @@ -3710,7 +3710,8 @@ string

(Appears on: -SourceRef) +StoreGeneratorSourceRef, +StoreSourceRef)

GeneratorRef points to a generator custom resource.

@@ -5249,7 +5250,8 @@ DelineaProvider

(Appears on: ExternalSecretSpec, -SourceRef) +StoreGeneratorSourceRef, +StoreSourceRef)

SecretStoreRef defines which SecretStore to fetch the ExternalSecret data.

@@ -5671,15 +5673,14 @@ bool -

SourceRef +

StoreGeneratorSourceRef

(Appears on: -ExternalSecretData, ExternalSecretDataFromRemoteRef)

-

SourceRef allows you to override the source +

StoreGeneratorSourceRef allows you to override the source from which the secret will be pulled from. You can define at maximum one property.

@@ -5715,7 +5716,56 @@ GeneratorRef (Optional) -

GeneratorRef points to a generator custom resource in

+

GeneratorRef points to a generator custom resource.

+ + + + +

StoreSourceRef +

+

+(Appears on: +ExternalSecretData) +

+

+

StoreSourceRef allows you to override the SecretStore source +from which the secret will be pulled from. +You can define at maximum one property.

+

+ + + + + + + + + + + + + + + diff --git a/docs/snippets/full-external-secret.yaml b/docs/snippets/full-external-secret.yaml index aa97faa22..873f1d62a 100644 --- a/docs/snippets/full-external-secret.yaml +++ b/docs/snippets/full-external-secret.yaml @@ -84,12 +84,6 @@ spec: name: aws-secretstore kind: ClusterSecretStore - # point to a generator resource that provides the secret value - generatorRef: - apiVersion: generators.external-secrets.io/v1alpha1 - kind: Password - name: db-password - # Used to fetch all properties from the Provider key # If multiple dataFrom are specified, secrets are merged in the specified order dataFrom: diff --git a/e2e/suites/generator/ecr.go b/e2e/suites/generator/ecr.go index 3bbc0cc6d..92debfcd0 100644 --- a/e2e/suites/generator/ecr.go +++ b/e2e/suites/generator/ecr.go @@ -85,7 +85,7 @@ var _ = Describe("ecr generator", Label("ecr"), func() { customResourceGenerator := func(tc *testCase) { tc.ExternalSecret.Spec.DataFrom = []esv1beta1.ExternalSecretDataFromRemoteRef{ { - SourceRef: &esv1beta1.SourceRef{ + SourceRef: &esv1beta1.StoreGeneratorSourceRef{ GeneratorRef: &esv1beta1.GeneratorRef{ // we don't need to specify the apiVersion, // this should be inferred by the controller. diff --git a/e2e/suites/generator/fake.go b/e2e/suites/generator/fake.go index 5391faee6..86f521eaf 100644 --- a/e2e/suites/generator/fake.go +++ b/e2e/suites/generator/fake.go @@ -58,7 +58,7 @@ var _ = Describe("fake generator", Label("fake"), func() { customResourceGenerator := func(tc *testCase) { tc.ExternalSecret.Spec.DataFrom = []esv1beta1.ExternalSecretDataFromRemoteRef{ { - SourceRef: &esv1beta1.SourceRef{ + SourceRef: &esv1beta1.StoreGeneratorSourceRef{ GeneratorRef: &esv1beta1.GeneratorRef{ // we don't need to specify the apiVersion, // this should be inferred by the controller. diff --git a/e2e/suites/generator/password.go b/e2e/suites/generator/password.go index 7825cf659..d0857b824 100644 --- a/e2e/suites/generator/password.go +++ b/e2e/suites/generator/password.go @@ -51,7 +51,7 @@ var _ = Describe("password generator", Label("password"), func() { customResourceGenerator := func(tc *testCase) { tc.ExternalSecret.Spec.DataFrom = []esv1beta1.ExternalSecretDataFromRemoteRef{ { - SourceRef: &esv1beta1.SourceRef{ + SourceRef: &esv1beta1.StoreGeneratorSourceRef{ GeneratorRef: &esv1beta1.GeneratorRef{ // we don't need to specify the apiVersion, // this should be inferred by the controller. diff --git a/e2e/suites/provider/cases/scaleway/provider.go b/e2e/suites/provider/cases/scaleway/provider.go index 5ce217674..0ffb98a86 100644 --- a/e2e/suites/provider/cases/scaleway/provider.go +++ b/e2e/suites/provider/cases/scaleway/provider.go @@ -88,19 +88,25 @@ func (p *secretStoreProvider) DeleteSecret(key string) { gomega.Expect(key).To(gomega.HavePrefix(remoteRefPrefix)) secretName := key[len(remoteRefPrefix):] - secret, err := p.api.GetSecretByName(&smapi.GetSecretByNameRequest{ - SecretName: secretName, + p.api.GetSecret(&smapi.GetSecretRequest{ + Region: "", + SecretID: "", + }) + res, err := p.api.ListSecrets(&smapi.ListSecretsRequest{ + Name: &secretName, }) if _, isErrNotFound := err.(*scw.ResourceNotFoundError); isErrNotFound { return } gomega.Expect(err).ToNot(gomega.HaveOccurred()) - err = p.api.DeleteSecret(&smapi.DeleteSecretRequest{ - SecretID: secret.ID, - }) - if _, isErrNotFound := err.(*scw.ResourceNotFoundError); isErrNotFound { - return + for _, secret := range res.Secrets { + err = p.api.DeleteSecret(&smapi.DeleteSecretRequest{ + SecretID: secret.ID, + }) + if _, isErrNotFound := err.(*scw.ResourceNotFoundError); isErrNotFound { + return + } + gomega.Expect(err).ToNot(gomega.HaveOccurred()) } - gomega.Expect(err).ToNot(gomega.HaveOccurred()) } diff --git a/pkg/controllers/externalsecret/externalsecret_controller.go b/pkg/controllers/externalsecret/externalsecret_controller.go index 68e08ed15..27747f744 100644 --- a/pkg/controllers/externalsecret/externalsecret_controller.go +++ b/pkg/controllers/externalsecret/externalsecret_controller.go @@ -507,8 +507,8 @@ func shouldSkipUnmanagedStore(ctx context.Context, namespace string, r *Reconcil } for _, ref := range es.Spec.Data { - if ref.SourceRef != nil && ref.SourceRef.SecretStoreRef != nil { - storeList = append(storeList, *ref.SourceRef.SecretStoreRef) + if ref.SourceRef != nil { + storeList = append(storeList, ref.SourceRef.SecretStoreRef) } } @@ -519,7 +519,7 @@ func shouldSkipUnmanagedStore(ctx context.Context, namespace string, r *Reconcil // verify that generator's controllerClass matches if ref.SourceRef != nil && ref.SourceRef.GeneratorRef != nil { - genDef, err := r.getGeneratorDefinition(ctx, namespace, ref.SourceRef) + genDef, err := r.getGeneratorDefinition(ctx, namespace, ref.SourceRef.GeneratorRef) if err != nil { return false, err } diff --git a/pkg/controllers/externalsecret/externalsecret_controller_secret.go b/pkg/controllers/externalsecret/externalsecret_controller_secret.go index 335a666f1..25cb14747 100644 --- a/pkg/controllers/externalsecret/externalsecret_controller_secret.go +++ b/pkg/controllers/externalsecret/externalsecret_controller_secret.go @@ -89,7 +89,7 @@ func (r *Reconciler) getProviderSecretData(ctx context.Context, externalSecret * } func (r *Reconciler) handleSecretData(ctx context.Context, i int, externalSecret esv1beta1.ExternalSecret, secretRef esv1beta1.ExternalSecretData, providerData map[string][]byte, cmgr *secretstore.Manager) error { - client, err := cmgr.Get(ctx, externalSecret.Spec.SecretStoreRef, externalSecret.Namespace, secretRef.SourceRef) + client, err := cmgr.Get(ctx, externalSecret.Spec.SecretStoreRef, externalSecret.Namespace, toStoreGenSourceRef(secretRef.SourceRef)) if err != nil { return err } @@ -105,8 +105,17 @@ func (r *Reconciler) handleSecretData(ctx context.Context, i int, externalSecret return nil } +func toStoreGenSourceRef(ref *esv1beta1.StoreSourceRef) *esv1beta1.StoreGeneratorSourceRef { + if ref == nil { + return nil + } + return &esv1beta1.StoreGeneratorSourceRef{ + SecretStoreRef: &ref.SecretStoreRef, + } +} + func (r *Reconciler) handleGenerateSecrets(ctx context.Context, namespace string, remoteRef esv1beta1.ExternalSecretDataFromRemoteRef, i int) (map[string][]byte, error) { - genDef, err := r.getGeneratorDefinition(ctx, namespace, remoteRef.SourceRef) + genDef, err := r.getGeneratorDefinition(ctx, namespace, remoteRef.SourceRef.GeneratorRef) if err != nil { return nil, err } @@ -130,7 +139,7 @@ func (r *Reconciler) handleGenerateSecrets(ctx context.Context, namespace string // getGeneratorDefinition returns the generator JSON for a given sourceRef // when it uses a generatorRef it fetches the resource and returns the JSON. -func (r *Reconciler) getGeneratorDefinition(ctx context.Context, namespace string, sourceRef *esv1beta1.SourceRef) (*apiextensions.JSON, error) { +func (r *Reconciler) getGeneratorDefinition(ctx context.Context, namespace string, generatorRef *esv1beta1.GeneratorRef) (*apiextensions.JSON, error) { // client-go dynamic client needs a GVR to fetch the resource // But we only have the GVK in our generatorRef. // @@ -142,14 +151,14 @@ func (r *Reconciler) getGeneratorDefinition(ctx context.Context, namespace strin return nil, err } - gv, err := schema.ParseGroupVersion(sourceRef.GeneratorRef.APIVersion) + gv, err := schema.ParseGroupVersion(generatorRef.APIVersion) if err != nil { return nil, err } mapper := restmapper.NewDiscoveryRESTMapper(groupResources) mapping, err := mapper.RESTMapping(schema.GroupKind{ Group: gv.Group, - Kind: sourceRef.GeneratorRef.Kind, + Kind: generatorRef.Kind, }) if err != nil { return nil, err @@ -160,7 +169,7 @@ func (r *Reconciler) getGeneratorDefinition(ctx context.Context, namespace strin } res, err := d.Resource(mapping.Resource). Namespace(namespace). - Get(ctx, sourceRef.GeneratorRef.Name, metav1.GetOptions{}) + Get(ctx, generatorRef.Name, metav1.GetOptions{}) if err != nil { return nil, err } diff --git a/pkg/controllers/externalsecret/externalsecret_controller_test.go b/pkg/controllers/externalsecret/externalsecret_controller_test.go index 08e425391..d1f64e58b 100644 --- a/pkg/controllers/externalsecret/externalsecret_controller_test.go +++ b/pkg/controllers/externalsecret/externalsecret_controller_test.go @@ -527,7 +527,7 @@ var _ = Describe("ExternalSecret controller", Serial, func() { tc.externalSecret.Spec.Data = nil tc.externalSecret.Spec.DataFrom = []esv1beta1.ExternalSecretDataFromRemoteRef{ { - SourceRef: &esv1beta1.SourceRef{ + SourceRef: &esv1beta1.StoreGeneratorSourceRef{ GeneratorRef: &esv1beta1.GeneratorRef{ APIVersion: genv1alpha1.Group + "/" + genv1alpha1.Version, Kind: "Fake", @@ -652,7 +652,7 @@ var _ = Describe("ExternalSecret controller", Serial, func() { Extract: &esv1beta1.ExternalSecretDataRemoteRef{ Key: "foo", }, - SourceRef: &esv1beta1.SourceRef{ + SourceRef: &esv1beta1.StoreGeneratorSourceRef{ SecretStoreRef: &esv1beta1.SecretStoreRef{ Name: "foo", Kind: esv1beta1.SecretStoreKind, @@ -663,7 +663,7 @@ var _ = Describe("ExternalSecret controller", Serial, func() { Extract: &esv1beta1.ExternalSecretDataRemoteRef{ Key: "baz", }, - SourceRef: &esv1beta1.SourceRef{ + SourceRef: &esv1beta1.StoreGeneratorSourceRef{ SecretStoreRef: &esv1beta1.SecretStoreRef{ Name: "baz", Kind: esv1beta1.SecretStoreKind, diff --git a/pkg/controllers/secretstore/client_manager.go b/pkg/controllers/secretstore/client_manager.go index 3b5a5b8db..ad226f725 100644 --- a/pkg/controllers/secretstore/client_manager.go +++ b/pkg/controllers/secretstore/client_manager.go @@ -103,7 +103,7 @@ func (m *Manager) GetFromStore(ctx context.Context, store esv1beta1.GenericStore // while sourceRef.SecretStoreRef takes precedence over storeRef. // Do not close the client returned from this func, instead close // the manager once you're done with recinciling the external secret. -func (m *Manager) Get(ctx context.Context, storeRef esv1beta1.SecretStoreRef, namespace string, sourceRef *esv1beta1.SourceRef) (esv1beta1.SecretsClient, error) { +func (m *Manager) Get(ctx context.Context, storeRef esv1beta1.SecretStoreRef, namespace string, sourceRef *esv1beta1.StoreGeneratorSourceRef) (esv1beta1.SecretsClient, error) { if sourceRef != nil && sourceRef.SecretStoreRef != nil { storeRef = *sourceRef.SecretStoreRef } diff --git a/pkg/controllers/secretstore/client_manager_test.go b/pkg/controllers/secretstore/client_manager_test.go index 797690fd5..02fb69726 100644 --- a/pkg/controllers/secretstore/client_manager_test.go +++ b/pkg/controllers/secretstore/client_manager_test.go @@ -100,7 +100,7 @@ func TestManagerGet(t *testing.T) { type args struct { storeRef esv1beta1.SecretStoreRef namespace string - sourceRef *esv1beta1.SourceRef + sourceRef *esv1beta1.StoreGeneratorSourceRef } tests := []struct { name string @@ -168,7 +168,7 @@ func TestManagerGet(t *testing.T) { Kind: esv1beta1.SecretStoreKind, }, // this should take precedence - sourceRef: &esv1beta1.SourceRef{ + sourceRef: &esv1beta1.StoreGeneratorSourceRef{ SecretStoreRef: &esv1beta1.SecretStoreRef{ Name: otherStore.Name, Kind: esv1beta1.SecretStoreKind,
FieldDescription
+storeRef
+ + +SecretStoreRef + + +		 +(Optional) +
+generatorRef
+ + +GeneratorRef + + +		 +

GeneratorRef points to a generator custom resource.

+

Deprecated: The generatorRef is not implemented in .data[]. +this will be removed with v1.