Add unmerged changes from PR #367

cyberark · Oct 14, 2021 · bb06c08 · bb06c08
1 parent 1b1a536
commit bb06c08
Show file tree

Hide file tree

Showing 10 changed files with 10 additions and 347 deletions.
diff --git a/cmd/secrets-provider/main.go b/cmd/secrets-provider/main.go
@@ -33,7 +33,9 @@ func main() {
 
 	validateContainerMode(authnConfig.ContainerMode)
 
+
 	annotationsMap := map[string]string{}
+	// Only attempt to populate from annotations if the annotations file exists
 	if _, err := os.Stat(annotationsFile); err == nil {
 		annotationsMap, err = annotations.NewAnnotationsFromFile(annotationsFile)
 		if err != nil {

diff --git a/go.sum b/go.sum
@@ -184,16 +184,10 @@ gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
 gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-k8s.io/api v0.0.0-20190313235455-40a48860b5ab h1:DG9A67baNpoeweOy2spF1OWHhnVY5KR7/Ek/+U1lVZc=
 k8s.io/api v0.0.0-20190313235455-40a48860b5ab/go.mod h1:iuAfoD4hCxJ8Onx9kaTIt30j7jUFS00AXQi6QMi99vA=
-k8s.io/apimachinery v0.0.0-20190313205120-d7deff9243b1 h1:IS7K02iBkQXpCeieSiyJjGoLSdVOv2DbPaWHJ+ZtgKg=
 k8s.io/apimachinery v0.0.0-20190313205120-d7deff9243b1/go.mod h1:ccL7Eh7zubPUSh9A3USN90/OzHNSVN6zxzde07TDCL0=
-k8s.io/client-go v11.0.0+incompatible h1:LBbX2+lOwY9flffWlJM7f1Ct8V2SRNiMRDFeiwnJo9o=
 k8s.io/client-go v11.0.0+incompatible/go.mod h1:7vJpHMYJwNQCWgzmNV+VYUl1zCObLyodBc8nIyt8L5s=
 k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
-k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=
 k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
-k8s.io/utils v0.0.0-20191218082557-f07c713de883 h1:TA8t8OLS8m3/0dtTckekO0pCQ7qMnD19fsZTQEgCSKQ=
 k8s.io/utils v0.0.0-20191218082557-f07c713de883/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=
-sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs=
 sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
diff --git a/pkg/secrets/annotations/annotation_parser.go b/pkg/secrets/annotations/annotation_parser.go
@@ -8,6 +8,7 @@ import (
 	"strings"
 
 	"github.com/cyberark/conjur-authn-k8s-client/pkg/log"
+
 	"github.com/cyberark/secrets-provider-for-k8s/pkg/log/messages"
 )
 
@@ -38,7 +39,7 @@ func NewAnnotationsFromFile(path string) (map[string]string, error) {
 func newAnnotationsFromFile(fo fileOpener, path string) (map[string]string, error) {
 	annotationsFile, err := fo(path, os.O_RDONLY, os.ModePerm)
 	if err != nil {
-		return nil, log.RecordedError(messages.CSPFK041E, path, err.Error())
+		return nil, err
 	}
 	defer annotationsFile.Close()
 	return newAnnotationsFromReader(annotationsFile)

diff --git a/pkg/secrets/annotations/annotation_parser_test.go b/pkg/secrets/annotations/annotation_parser_test.go
@@ -31,15 +31,12 @@ func mockFileOpenerGenerator(store map[string]io.ReadCloser) fileOpener {
 func TestNewAnnotationsFromFile(t *testing.T) {
 	// Create a mock 'fileOpener' that supports reading of a sample valid
 	// annotations file.
-	validFilePath := "/podinfo/annotations"
 	content := `conjur.org/conjur-secrets.test="- test-password: test/password\n"`
 	mockOpener := mockFileOpenerGenerator(
 		map[string]io.ReadCloser{
-			validFilePath: mockReadCloser(content),
+			"/podinfo/existent-file": mockReadCloser(content),
 		})
 
-	nonexistentFilePath := "/podinfo/nonexistent-file"
-
 	// Define test cases
 	testCases := []struct {
 		description string
@@ -48,12 +45,12 @@ func TestNewAnnotationsFromFile(t *testing.T) {
 	}{
 		{
 			description: "Valid annotations file",
-			filePath:    validFilePath,
+			filePath:    "/podinfo/existent-file",
 			expError:    "",
 		}, {
 			description: "Nonexistent annotations file",
-			filePath:    nonexistentFilePath,
-			expError:    "Failed to open annotations file",
+			filePath:    "/podinfo/nonexistent-file",
+			expError:    "file not found",
 		},
 	}
 

diff --git a/pkg/secrets/config/config.go b/pkg/secrets/config/config.go
@@ -126,8 +126,8 @@ func GatherSecretsProviderSettings(annotations map[string]string) map[string]str
 // settings yield a valid Secrets Provider configuration. Returns a list of Error logs, and a list
 // of Info logs.
 func ValidateSecretsProviderSettings(envAndAnnots map[string]string) ([]error, []error) {
-	errorList := []error{}
-	infoList := []error{}
+	var errorList []error
+	var infoList []error
 
 	// PodNamespace must be configured by envVar
 	if envAndAnnots["MY_POD_NAMESPACE"] == "" {

diff --git a/pkg/secrets/pushtofile/README.md b/pkg/secrets/pushtofile/README.md
diff --git a/pkg/secrets/pushtofile/secret_groups.go b/pkg/secrets/pushtofile/secret_groups.go
diff --git a/pkg/secrets/pushtofile/secret_groups_test.go b/pkg/secrets/pushtofile/secret_groups_test.go
diff --git a/pkg/secrets/pushtofile/secret_spec.go b/pkg/secrets/pushtofile/secret_spec.go