Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: override secrets from path #204

Merged
merged 3 commits into from
Sep 17, 2024
Merged

fix: override secrets from path #204

merged 3 commits into from
Sep 17, 2024

Conversation

csatib02
Copy link
Member

@csatib02 csatib02 commented Jul 30, 2024
edited
Loading

Overview

  • Fixes an issue, with seeing multiple secrets with the same key.

Fixes #202

Notes for reviewers

Functionality is manually tested with the following script:

# Set the Vault address
export VAULT_ADDR="http://127.0.0.1:8200"

# Set the Vault token
export VAULT_TOKEN=227e1cce-6bf7-30bb-2d2a-acc854318caf

export VAULT_TOKEN_FILE=/tmp/vault-token
printf $VAULT_TOKEN > $VAULT_TOKEN_FILE

vault kv put secret/test/mysql MYSQL_PASSWORD=3xtr3ms3cr3t
vault kv put secret/test/aws AWS_ACCESS_KEY_ID=secretId AWS_SECRET_ACCESS_KEY=s3cr3t

# Set secret env-var
export MYSQL_PASSWORD=vault:secret/data/test/mysql#MYSQL_PASSWORD
export AWS_SECRET_ACCESS_KEY=vault:secret/data/test/aws#AWS_SECRET_ACCESS_KEY
export AWS_ACCESS_KEY_ID=vault:secret/data/test/aws#AWS_ACCESS_KEY_ID

export VAULT_FROM_PATH=secret/data/test/aws

# Run secret-init
go build
./secret-init env | grep 'MYSQL_PASSWORD\|AWS_SECRET_ACCESS_KEY\|AWS_ACCESS_KEY_ID'
rm secret-init
rm $VAULT_TOKEN_FILE
image

@csatib02 csatib02 requested a review from a team as a code owner July 30, 2024 11:53
@csatib02 csatib02 requested review from ramizpolic, sagikazarmark and akijakya and removed request for a team July 30, 2024 11:53
@csatib02 csatib02 self-assigned this Jul 30, 2024
@csatib02 csatib02 added the kind/bug Categorizes issue or PR as related to a bug. label Jul 30, 2024
@github-actions github-actions bot added the size/L Denotes a PR that changes 500-999 lines label Jul 30, 2024
@csatib02 csatib02 changed the base branch from main to feat/secret-selection-done-on-provider-level July 30, 2024 11:54
@csatib02 csatib02 changed the title Feat/override secrets from path fix: override secrets from path Jul 30, 2024
@csatib02 csatib02 changed the base branch from feat/secret-selection-done-on-provider-level to main July 30, 2024 11:55
@csatib02 csatib02 changed the base branch from main to feat/secret-selection-done-on-provider-level July 30, 2024 12:16
@csatib02 csatib02 changed the base branch from feat/secret-selection-done-on-provider-level to main July 30, 2024 12:16
ramizpolic
ramizpolic requested changes Aug 21, 2024
View reviewed changes
pkg/provider/provider.go Outdated Show resolved Hide resolved
pkg/provider/vault/vault.go Outdated Show resolved Hide resolved
env_store.go Outdated Show resolved Hide resolved
env_store.go Outdated Show resolved Hide resolved
@csatib02
Copy link
Member Author

csatib02 commented Sep 14, 2024
edited
Loading

@ramizpolic
I have made the changes on #203, this PR is a follow-up, will fix the conflicts once that is merged.

@csatib02 csatib02 force-pushed the feat/override-secrets-from-path branch from d3bd7f3 to ec2935e Compare September 17, 2024 07:23
@github-actions github-actions bot added size/S Denotes a PR that changes 10-99 lines and removed size/L Denotes a PR that changes 500-999 lines labels Sep 17, 2024
ramizpolic
ramizpolic reviewed Sep 17, 2024
View reviewed changes
pkg/utils/helper.go Outdated Show resolved Hide resolved
pkg/provider/bao/bao.go Outdated Show resolved Hide resolved
@csatib02
chore: rebase changes
97a6852 
Signed-off-by: Bence Csati <[email protected]>

chore: cr

Signed-off-by: Bence Csati <[email protected]>
@csatib02 csatib02 force-pushed the feat/override-secrets-from-path branch from fe8f53c to 97a6852 Compare September 17, 2024 10:44
@github-actions github-actions bot added size/M Denotes a PR that changes 100-499 lines and removed size/S Denotes a PR that changes 10-99 lines labels Sep 17, 2024
@csatib02 csatib02 merged commit 608681f into main Sep 17, 2024
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ramizpolic ramizpolic ramizpolic approved these changes

@sagikazarmark sagikazarmark Awaiting requested review from sagikazarmark

@akijakya akijakya Awaiting requested review from akijakya

Assignees

@csatib02 csatib02

Labels
kind/bug Categorizes issue or PR as related to a bug. size/M Denotes a PR that changes 100-499 lines
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Secrets retrieved via vault-env-from-path annotation should override the environment variable
2 participants
@csatib02 @ramizpolic