github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-10 07:58:15 -05:00
Code Issues Packages Projects Releases Wiki Activity

switch k8-operator to secrets v2api

Browse Source
This commit is contained in:
Maidul Islam
2023-01-15 23:12:11 -08:00
parent da3742f600
commit 3ba636f300
4 changed files with 35 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
k8-operator/config/samples/deployment.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment-2
name: nginx-deployment
labels:
app: nginx
annotations:

24
k8-operator/packages/api/api.go
View File

@@ -21,7 +21,7 @@ func CallGetEncryptedWorkspaceKey(httpClient *resty.Client, request GetEncrypted
return GetEncryptedWorkspaceKeyResponse{}, fmt.Errorf("CallGetEncryptedWorkspaceKey: Unable to complete api request [err=%s]", err)
}
if response.StatusCode() > 299 {
if response.IsError() {
return GetEncryptedWorkspaceKeyResponse{}, fmt.Errorf("CallGetEncryptedWorkspaceKey: Unsuccessful response: [response=%s]", response)
}
@@ -48,18 +48,18 @@ func CallGetServiceTokenDetailsV2(httpClient *resty.Client) (GetServiceTokenDeta
}
func CallGetSecretsV2(httpClient *resty.Client, request GetEncryptedSecretsV2Request) (GetEncryptedSecretsV2Response, error) {
var secretsResponse GetEncryptedSecretsV2Response = GetEncryptedSecretsV2Response{}
var encryptedSecretsResponse GetEncryptedSecretsV2Response
createHttpRequest := httpClient.
R().
SetResult(&secretsResponse.Secrets).
SetQueryParam("environment", request.EnvironmentName).
SetQueryParam("environment", request.Environment).
SetQueryParam("workspaceId", request.WorkspaceId).
SetResult(&encryptedSecretsResponse).
SetHeader("User-Agent", USER_AGENT_NAME)
if request.ETag != "" {
createHttpRequest.SetHeader("If-None-Match", request.ETag)
}
createHttpRequest.SetHeader("If-None-Match", request.ETag)
response, err := createHttpRequest.Get(fmt.Sprintf("%v/v2/secrets", API_HOST_URL))
response, err := createHttpRequest.Get(fmt.Sprintf("%v/v2/secret/workspace/%v", API_HOST_URL, request.WorkspaceId))
if err != nil {
return GetEncryptedSecretsV2Response{}, fmt.Errorf("CallGetSecretsV2: Unable to complete api request [err=%s]", err)
}
@@ -69,12 +69,12 @@ func CallGetSecretsV2(httpClient *resty.Client, request GetEncryptedSecretsV2Req
}
if response.StatusCode() == 304 {
secretsResponse.Modified = false
encryptedSecretsResponse.Modified = false
} else {
secretsResponse.Modified = true
encryptedSecretsResponse.Modified = true
}
secretsResponse.ETag = response.Header().Get("etag")
encryptedSecretsResponse.ETag = response.Header().Get("etag")
return secretsResponse, nil
return encryptedSecretsResponse, nil
}

44
k8-operator/packages/api/models.go
View File

@@ -29,35 +29,28 @@ type GetEncryptedWorkspaceKeyResponse struct {
}
type GetEncryptedSecretsV2Request struct {
EnvironmentName string `json:"environmentName"`
WorkspaceId string `json:"workspaceId"`
ETag string `json:"etag,omitempty"`
Environment string `json:"environment"`
WorkspaceId string `json:"workspaceId"`
ETag string `json:"etag,omitempty"`
}
type GetEncryptedSecretsV2Response struct {
Secrets []struct {
ID string `json:"_id"`
Version int `json:"version"`
Workspace string `json:"workspace"`
Type string `json:"type"`
Environment string `json:"environment"`
SecretKeyCiphertext string `json:"secretKeyCiphertext"`
SecretKeyIV string `json:"secretKeyIV"`
SecretKeyTag string `json:"secretKeyTag"`
SecretKeyHash string `json:"secretKeyHash"`
SecretValueCiphertext string `json:"secretValueCiphertext"`
SecretValueIV string `json:"secretValueIV"`
SecretValueTag string `json:"secretValueTag"`
SecretValueHash string `json:"secretValueHash"`
SecretCommentCiphertext string `json:"secretCommentCiphertext"`
SecretCommentIV string `json:"secretCommentIV"`
SecretCommentTag string `json:"secretCommentTag"`
SecretCommentHash string `json:"secretCommentHash"`
V int `json:"__v"`
CreatedAt time.Time `json:"createdAt"`
UpdatedAt time.Time `json:"updatedAt"`
User string `json:"user,omitempty"`
}
ID string `json:"_id"`
Version int `json:"version"`
Workspace string `json:"workspace"`
Type string `json:"type"`
Environment string `json:"environment"`
SecretKeyCiphertext string `json:"secretKeyCiphertext"`
SecretKeyIV string `json:"secretKeyIV"`
SecretKeyTag string `json:"secretKeyTag"`
SecretValueCiphertext string `json:"secretValueCiphertext"`
SecretValueIV string `json:"secretValueIV"`
SecretValueTag string `json:"secretValueTag"`
CreatedAt time.Time `json:"createdAt"`
UpdatedAt time.Time `json:"updatedAt"`
User string `json:"user,omitempty"`
} `json:"secrets"`
Modified bool `json:"modified,omitempty"`
ETag string `json:"ETag,omitempty"`
@@ -68,7 +61,6 @@ type GetServiceTokenDetailsResponse struct {
Name string `json:"name"`
Workspace string `json:"workspace"`
Environment string `json:"environment"`
User string `json:"user"`
EncryptedKey string `json:"encryptedKey"`
Iv string `json:"iv"`
Tag string `json:"tag"`

7
k8-operator/packages/util/secrets.go
View File

@@ -63,6 +63,7 @@ func GetPlainTextSecretsViaServiceToken(fullServiceToken string, etag string) ([
serviceToken := fmt.Sprintf("%v.%v.%v", serviceTokenParts[0], serviceTokenParts[1], serviceTokenParts[2])
httpClient := resty.New()
httpClient.SetAuthToken(serviceToken).
SetHeader("Accept", "application/json")
@@ -72,9 +73,9 @@ func GetPlainTextSecretsViaServiceToken(fullServiceToken string, etag string) ([
}
encryptedSecretsResponse, err := api.CallGetSecretsV2(httpClient, api.GetEncryptedSecretsV2Request{
WorkspaceId: serviceTokenDetails.Workspace,
EnvironmentName: serviceTokenDetails.Environment,
ETag: etag,
WorkspaceId: serviceTokenDetails.Workspace,
Environment: serviceTokenDetails.Environment,
ETag: etag,
})
if err != nil {