Change secrets Replace to modify the ID #1532

Merged
merged 1 commit into from
Jun 29, 2023
30 changes: 13 additions & 17 deletions pkg/secrets/secrets.go
Expand Up @@ -144,26 +144,19 @@ func NewManager(rootPath string) (*SecretsManager, error) {
return manager, nil
}

func (s *SecretsManager) newSecret(name string) (*Secret, error) {
secr := new(Secret)
secr.Name = name
secr.CreatedAt = time.Now()
secr.UpdatedAt = secr.CreatedAt

func (s *SecretsManager) newID() (string, error) {
for {
newID := stringid.GenerateNonCryptoID()
// GenerateNonCryptoID() gives 64 characters, so we truncate to correct length
newID = newID[0:secretIDLength]
_, err := s.lookupSecret(newID)
if err != nil {
if errors.Is(err, ErrNoSuchSecret) {
secr.ID = newID
break
return newID, nil
}
return nil, err
return "", err
}
}
return secr, nil
}

// Store takes a name, creates a secret and stores the secret metadata and the secret payload.
Expand Down Expand Up @@ -197,13 +190,10 @@ func (s *SecretsManager) Store(name string, data []byte, driverType string, opti
}
secr.UpdatedAt = time.Now()
} else {
if options.Replace {
return "", fmt.Errorf("%s: %w", name, ErrNoSuchSecret)
}
secr, err = s.newSecret(name)
if err != nil {
return "", err
}
secr = new(Secret)
secr.Name = name
secr.CreatedAt = time.Now()
secr.UpdatedAt = secr.CreatedAt
}

if options.Metadata == nil {
Expand All @@ -225,13 +215,19 @@ func (s *SecretsManager) Store(name string, data []byte, driverType string, opti
if err != nil {
return "", err
}

if options.Replace {
err = driver.Delete(secr.ID)
if err != nil {
return "", fmt.Errorf("replacing secret %s: %w", name, err)
}
}

secr.ID, err = s.newID()
if err != nil {
return "", err
}

err = driver.Store(secr.ID, data)
if err != nil {
return "", fmt.Errorf("creating secret %s: %w", name, err)
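Review bot: In `Store`, the `else` branch for a name that does not exist no longer rejects `options.Replace`, so the later `driver.Delete(secr.ID)` appears to run while `secr.ID` is still empty; the new side allocates the `Secret` without an ID and only assigns one afterwards via `s.newID()`. Unless code outside these hunks handles that case, either keep the `ErrNoSuchSecret` return for Replace on a missing name or guard the delete, e.g. `if options.Replace && secr.ID != "" {`. The ordering is also worth a second look: the old payload is deleted before `s.newID()` and `driver.Store` run, so a failure in either leaves the secret with no payload at all. Obtaining the new ID and storing the new payload first, then deleting the old ID, would avoid that window. Whether the metadata entry keyed by the old ID is dropped is not visible here, since `Store` starts before and continues after the hunks shown. A short comment stating that the ID changes on replace and the old ID becomes invalid would help callers.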
4 changes: 2 additions & 2 deletions pkg/secrets/secrets_test.go
Expand Up @@ -74,8 +74,8 @@ func TestAddSecretAndLookupData(t *testing.T) {
storeOpts.Replace = true
id2, err := manager.Store("mysecret", []byte("mydata"), drivertype, storeOpts)
require.NoError(t, err)
if id1 != id2 {
t.Errorf("error: secret id after Replace should be same")
if id1 == id2 {
t.Errorf("error: secret id after Replace should be different")
}

s, _, err = manager.LookupSecretData("mysecret")
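Review bot: The updated check only asserts that `id1` and `id2` differ; it does not assert that the data stored under the old ID is gone after the replace, which is the property a secrets store most needs pinned. If `LookupSecretData` also accepts an ID (only a name is passed in the lines shown), add `_, _, err = manager.LookupSecretData(id1)` followed by `require.Error(t, err)` after the ID comparison. A second case calling `Store` with `Replace = true` for a name that was never created would cover the path where no old ID exists. `TestAddSecretAndLookupData` begins before and continues past this hunk, so existing coverage of either case cannot be ruled out from here.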