diff --git a/README.md b/README.md index 1cd3b7bc..467063ff 100644 --- a/README.md +++ b/README.md @@ -127,6 +127,14 @@ secretDescriptor: data: - key: hello-service/password name: password + # optional: specify a template with any additional markup you would like added to the downstream Secret resource. + # This template will be deep merged without mutating any existing fields. For example: you cannot override metadata.name. + template: + metadata: + annotations: + cat: cheese + labels: + dog: farfel ``` or ```yml @@ -198,6 +206,10 @@ apiVersion: v1 kind: Secret metadata: name: hello-service + annotations: + cat: cheese + labels: + dog: farfel type: Opaque data: password: MTIzNA== diff --git a/lib/poller.js b/lib/poller.js index 333b2933..91cc2363 100644 --- a/lib/poller.js +++ b/lib/poller.js @@ -1,5 +1,8 @@ 'use strict' +const clonedeep = require('lodash.clonedeep') +const merge = require('lodash.merge') + /** * Kubernetes secret descriptor. * @typedef {Object} SecretDescriptor @@ -72,10 +75,10 @@ class Poller { */ async _createSecretManifest () { const secretDescriptor = this._secretDescriptor + const template = secretDescriptor.template const data = await this._backends[secretDescriptor.backendType] .getSecretManifestData({ secretDescriptor }) - - return { + let secretManifest = { apiVersion: 'v1', kind: 'Secret', metadata: { @@ -87,6 +90,12 @@ class Poller { type: secretDescriptor.type || 'Opaque', data } + + if (template) { + secretManifest = merge(clonedeep(template), secretManifest) + } + + return secretManifest } /** diff --git a/lib/poller.test.js b/lib/poller.test.js index 4c30a2ad..8603cfcf 100644 --- a/lib/poller.test.js +++ b/lib/poller.test.js @@ -203,6 +203,79 @@ describe('Poller', () => { } }) }) + + it('creates secret manifest - with template', async () => { + const poller = pollerFactory({ + type: 'dummy-test-type', + backendType: 'fakeBackendType', + name: 'fakeSecretName', + properties: [ + 'fakePropertyName1', + 'fakePropertyName2' + ], + template: { + metadata: { + annotations: { + cat: 'cheese' + }, + labels: { + dog: 'farfel' + }, + name: 'fakerSecretName' + } + } + }) + + backendMock.getSecretManifestData.resolves({ + fakePropertyName1: 'ZmFrZVByb3BlcnR5VmFsdWUx', // base 64 value + fakePropertyName2: 'ZmFrZVByb3BlcnR5VmFsdWUy' // base 64 value + }) + + const secretManifest = await poller._createSecretManifest() + + expect(backendMock.getSecretManifestData.calledWith({ + secretDescriptor: { + type: 'dummy-test-type', + backendType: 'fakeBackendType', + name: 'fakeSecretName', + properties: [ + 'fakePropertyName1', + 'fakePropertyName2' + ], + template: { + metadata: { + annotations: { + cat: 'cheese' + }, + labels: { + dog: 'farfel' + }, + name: 'fakerSecretName' + } + } + } + })).to.equal(true) + + expect(secretManifest).deep.equals({ + apiVersion: 'v1', + kind: 'Secret', + metadata: { + name: 'fakeSecretName', + ownerReferences: [getOwnerReference()], + annotations: { + cat: 'cheese' + }, + labels: { + dog: 'farfel' + } + }, + type: 'dummy-test-type', + data: { + fakePropertyName1: 'ZmFrZVByb3BlcnR5VmFsdWUx', // base 64 value + fakePropertyName2: 'ZmFrZVByb3BlcnR5VmFsdWUy' // base 64 value + } + }) + }) }) describe('_poll', () => { diff --git a/package-lock.json b/package-lock.json index f2d73484..691b574a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2804,7 +2804,8 @@ "console-control-strings": { "version": "1.1.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "core-util-is": { "version": "1.0.2", @@ -2957,12 +2958,14 @@ "minimist": { "version": "0.0.8", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "minipass": { "version": "2.3.5", "bundled": true, "dev": true, + "optional": true, "requires": { "safe-buffer": "^5.1.2", "yallist": "^3.0.0" @@ -2981,6 +2984,7 @@ "version": "0.5.1", "bundled": true, "dev": true, + "optional": true, "requires": { "minimist": "0.0.8" } @@ -3074,6 +3078,7 @@ "version": "1.4.0", "bundled": true, "dev": true, + "optional": true, "requires": { "wrappy": "1" } @@ -3159,7 +3164,8 @@ "safe-buffer": { "version": "5.1.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "safer-buffer": { "version": "2.1.2", @@ -3195,6 +3201,7 @@ "version": "1.0.2", "bundled": true, "dev": true, + "optional": true, "requires": { "code-point-at": "^1.0.0", "is-fullwidth-code-point": "^1.0.0", @@ -3258,12 +3265,14 @@ "wrappy": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "yallist": { "version": "3.0.3", "bundled": true, - "dev": true + "dev": true, + "optional": true } } }, @@ -4593,6 +4602,11 @@ "integrity": "sha1-dWy1FQyjum8RCFp4hJZF8Yj4Xzc=", "dev": true }, + "lodash.merge": { + "version": "4.6.2", + "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", + "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==" + }, "lodash.template": { "version": "4.5.0", "resolved": "https://registry.npmjs.org/lodash.template/-/lodash.template-4.5.0.tgz", diff --git a/package.json b/package.json index 863ec43b..530d16e9 100644 --- a/package.json +++ b/package.json @@ -34,6 +34,7 @@ "json-stream": "^1.0.0", "kubernetes-client": "^8.3.0", "lodash.clonedeep": "^4.5.0", + "lodash.merge": "^4.6.2", "make-promises-safe": "^5.0.0", "pino": "^5.12.0", "prom-client": "^11.5.3"