Skip to content

Commit d78043d

Browse files
deepsm007deepsm007
committed
Order branches and commits where loaded, remove marshal overrides
1 parent 7c717b8 commit d78043d

File tree

8 files changed

+317
-224
lines changed

8 files changed

+317
-224
lines changed

cmd/ci-secret-bootstrap/main_test.go

Lines changed: 57 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -176,36 +176,44 @@ var (
176176
}
177177

178178
defaultConfig = secretbootstrap.Config{
179+
ClusterGroups: nil,
179180
Secrets: []secretbootstrap.SecretConfig{
180181
{
181182
From: map[string]secretbootstrap.ItemContext{
182183
"key-name-1": {
183-
Item: "item-name-1",
184-
Field: "field-name-1",
184+
Item: "item-name-1",
185+
Field: "field-name-1",
186+
DockerConfigJSONData: nil,
185187
},
186188
"key-name-2": {
187-
Item: "item-name-1",
188-
Field: "field-name-2",
189+
Item: "item-name-1",
190+
Field: "field-name-2",
191+
DockerConfigJSONData: nil,
189192
},
190193
"key-name-3": {
191-
Item: "item-name-1",
192-
Field: "field-name-3",
194+
Item: "item-name-1",
195+
Field: "field-name-3",
196+
DockerConfigJSONData: nil,
193197
},
194198
"key-name-4": {
195-
Item: "item-name-2",
196-
Field: "field-name-1",
199+
Item: "item-name-2",
200+
Field: "field-name-1",
201+
DockerConfigJSONData: nil,
197202
},
198203
"key-name-5": {
199-
Item: "item-name-2",
200-
Field: "field-name-2",
204+
Item: "item-name-2",
205+
Field: "field-name-2",
206+
DockerConfigJSONData: nil,
201207
},
202208
"key-name-6": {
203-
Item: "item-name-3",
204-
Field: "field-name-1",
209+
Item: "item-name-3",
210+
Field: "field-name-1",
211+
DockerConfigJSONData: nil,
205212
},
206213
"key-name-7": {
207-
Item: "item-name-2",
208-
Field: "field-name-2",
214+
Item: "item-name-2",
215+
Field: "field-name-2",
216+
DockerConfigJSONData: nil,
209217
},
210218
},
211219
To: []secretbootstrap.SecretContext{
@@ -224,8 +232,9 @@ var (
224232
{
225233
From: map[string]secretbootstrap.ItemContext{
226234
".dockerconfigjson": {
227-
Item: "quay.io",
228-
Field: "pull-credentials",
235+
Item: "quay.io",
236+
Field: "pull-credentials",
237+
DockerConfigJSONData: nil,
229238
},
230239
},
231240
To: []secretbootstrap.SecretContext{
@@ -240,36 +249,44 @@ var (
240249
},
241250
}
242251
defaultConfigWithoutDefaultCluster = secretbootstrap.Config{
252+
ClusterGroups: nil,
243253
Secrets: []secretbootstrap.SecretConfig{
244254
{
245255
From: map[string]secretbootstrap.ItemContext{
246256
"key-name-1": {
247-
Item: "item-name-1",
248-
Field: "field-name-1",
257+
Item: "item-name-1",
258+
Field: "field-name-1",
259+
DockerConfigJSONData: nil,
249260
},
250261
"key-name-2": {
251-
Item: "item-name-1",
252-
Field: "field-name-2",
262+
Item: "item-name-1",
263+
Field: "field-name-2",
264+
DockerConfigJSONData: nil,
253265
},
254266
"key-name-3": {
255-
Item: "item-name-1",
256-
Field: "field-name-3",
267+
Item: "item-name-1",
268+
Field: "field-name-3",
269+
DockerConfigJSONData: nil,
257270
},
258271
"key-name-4": {
259-
Item: "item-name-2",
260-
Field: "field-name-1",
272+
Item: "item-name-2",
273+
Field: "field-name-1",
274+
DockerConfigJSONData: nil,
261275
},
262276
"key-name-5": {
263-
Item: "item-name-2",
264-
Field: "field-name-2",
277+
Item: "item-name-2",
278+
Field: "field-name-2",
279+
DockerConfigJSONData: nil,
265280
},
266281
"key-name-6": {
267-
Item: "item-name-3",
268-
Field: "field-name-1",
282+
Item: "item-name-3",
283+
Field: "field-name-1",
284+
DockerConfigJSONData: nil,
269285
},
270286
"key-name-7": {
271-
Item: "item-name-2",
272-
Field: "field-name-2",
287+
Item: "item-name-2",
288+
Field: "field-name-2",
289+
DockerConfigJSONData: nil,
273290
},
274291
},
275292
To: []secretbootstrap.SecretContext{
@@ -375,8 +392,14 @@ func TestCompleteOptions(t *testing.T) {
375392
expectedConfig: secretbootstrap.Config{
376393
ClusterGroups: map[string][]string{"group-a": {"default"}},
377394
Secrets: []secretbootstrap.SecretConfig{{
378-
From: map[string]secretbootstrap.ItemContext{"key-name-1": {Item: "item-name-1", Field: "field-name-1"}},
379-
To: []secretbootstrap.SecretContext{{ClusterGroups: []string{"group-a"}, Cluster: "default", Namespace: "ns", Name: "name"}},
395+
From: map[string]secretbootstrap.ItemContext{
396+
"key-name-1": {
397+
Item: "item-name-1",
398+
Field: "field-name-1",
399+
DockerConfigJSONData: nil,
400+
},
401+
},
402+
To: []secretbootstrap.SecretContext{{ClusterGroups: []string{"group-a"}, Cluster: "default", Namespace: "ns", Name: "name"}},
380403
}},
381404
},
382405
expectedClusters: []string{"default"},
@@ -997,12 +1020,12 @@ func TestConstructSecrets(t *testing.T) {
9971020
},
9981021
},
9991022
},
1000-
expectedError: `[config.0."key-name-1": item at path "prefix/item-name-1" has no key "field-name-1", config.1.".dockerconfigjson": Error making API request.
1023+
expectedError: `[config.0.".dockerconfigjson": Error making API request.
10011024
10021025
URL: GET fakeVaultClient.GetKV
10031026
Code: 404. Errors:
10041027
1005-
* no data at path prefix/quay.io]`,
1028+
* no data at path prefix/quay.io, config.1."key-name-1": item at path "prefix/item-name-1" has no key "field-name-1"]`,
10061029
expected: map[string][]*coreapi.Secret{},
10071030
},
10081031
{

pkg/api/secretbootstrap/secretboostrap.go

Lines changed: 10 additions & 48 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,9 @@
11
package secretbootstrap
22

33
import (
4-
"encoding/json"
54
"fmt"
65
"os"
76
"reflect"
8-
"strings"
97

108
"github.com/getlantern/deepcopy"
119

@@ -67,12 +65,20 @@ func LoadConfigFromFile(file string, config *Config) error {
6765
if err != nil {
6866
return err
6967
}
70-
return yaml.UnmarshalStrict(bytes, config)
68+
if err := yaml.UnmarshalStrict(bytes, config); err != nil {
69+
return err
70+
}
71+
return config.resolve()
7172
}
7273

7374
// SaveConfigToFile serializes a Config object to the given file
7475
func SaveConfigToFile(file string, config *Config) error {
75-
bytes, err := yaml.Marshal(config)
76+
// Create a deep copy to avoid mutating the original config
77+
var configCopy Config
78+
if err := deepcopy.Copy(&configCopy, config); err != nil {
79+
return fmt.Errorf("failed to copy config: %w", err)
80+
}
81+
bytes, err := yaml.Marshal(&configCopy)
7682
if err != nil {
7783
return err
7884
}
@@ -87,40 +93,6 @@ type Config struct {
8793
UserSecretsTargetClusters []string `json:"user_secrets_target_clusters,omitempty"`
8894
}
8995

90-
type configWithoutUnmarshaler Config
91-
92-
func (c *Config) UnmarshalJSON(d []byte) error {
93-
var target configWithoutUnmarshaler
94-
if err := json.Unmarshal(d, &target); err != nil {
95-
return err
96-
}
97-
98-
*c = Config(target)
99-
return c.resolve()
100-
}
101-
102-
func (c *Config) MarshalJSON() ([]byte, error) {
103-
target := &configWithoutUnmarshaler{
104-
VaultDPTPPrefix: c.VaultDPTPPrefix,
105-
ClusterGroups: c.ClusterGroups,
106-
UserSecretsTargetClusters: c.UserSecretsTargetClusters,
107-
}
108-
pre := c.VaultDPTPPrefix + "/"
109-
var secrets []SecretConfig
110-
for _, s := range c.Secrets {
111-
var secret SecretConfig
112-
if err := deepcopy.Copy(&secret, s); err != nil {
113-
return nil, err
114-
}
115-
stripVaultPrefix(&secret, pre)
116-
secret.groupClusters()
117-
secrets = append(secrets, secret)
118-
}
119-
120-
target.Secrets = secrets
121-
return json.Marshal(target)
122-
}
123-
12496
func (s *SecretConfig) groupClusters() {
12597
var secrets []SecretContext
12698
for _, to := range s.To {
@@ -150,16 +122,6 @@ func (s *SecretConfig) groupClusters() {
150122
s.To = secrets
151123
}
152124

153-
func stripVaultPrefix(s *SecretConfig, pre string) {
154-
for key, from := range s.From {
155-
from.Item = strings.TrimPrefix(from.Item, pre)
156-
for i, dcj := range from.DockerConfigJSONData {
157-
from.DockerConfigJSONData[i].Item = strings.TrimPrefix(dcj.Item, pre)
158-
}
159-
s.From[key] = from
160-
}
161-
}
162-
163125
func (c *Config) Validate() error {
164126
var errs []error
165127
for i, secretConfig := range c.Secrets {

0 commit comments

Comments
 (0)