Skip to content

Commit

Permalink
fix(vault): properly consider vault parameters & flags (#5118)
Browse files Browse the repository at this point in the history
  • Loading branch information
OliverNocon authored Oct 4, 2024
1 parent 5230c3d commit ef25e31
Showing 3 changed files with 37 additions and 20 deletions.
33 changes: 19 additions & 14 deletions cmd/getConfig.go
Original file line number Diff line number Diff line change
@@ -65,7 +65,7 @@ func ConfigCommand() *cobra.Command {
OpenFile: config.OpenPiperFile,
})

var createConfigCmd = &cobra.Command{
createConfigCmd := &cobra.Command{
Use: "getConfig",
Short: "Loads the project 'Piper' configuration respecting defaults and parameters.",
PreRun: func(cmd *cobra.Command, args []string) {
@@ -76,7 +76,7 @@ func ConfigCommand() *cobra.Command {
GeneralConfig.GitHubAccessTokens = ResolveAccessTokens(GeneralConfig.GitHubTokens)
},
Run: func(cmd *cobra.Command, _ []string) {
if err := generateConfigWrapper(); err != nil {
if err := generateConfigWrapper(cmd); err != nil {
log.SetErrorCategory(log.ErrorConfiguration)
log.Entry().WithError(err).Fatal("failed to retrieve configuration")
}
@@ -152,6 +152,10 @@ func GetStageConfig() (config.StepConfig, error) {
}

func getConfig() (config.StepConfig, error) {
return getConfigWithFlagValues(nil)
}

func getConfigWithFlagValues(cmd *cobra.Command) (config.StepConfig, error) {
var myConfig config.Config
var stepConfig config.StepConfig
var err error
@@ -208,13 +212,16 @@ func getConfig() (config.StepConfig, error) {
}
}

var flags map[string]interface{}

if configOptions.ContextConfig {
metadata.Spec.Inputs.Parameters = []config.StepParameters{}
}

stepConfig, err = myConfig.GetStepConfig(flags, GeneralConfig.ParametersJSON, customConfig, defaultConfig, GeneralConfig.IgnoreCustomDefaults, paramFilter, metadata, resourceParams, GeneralConfig.StageName, metadata.Metadata.Name)
var flagValues map[string]interface{}
if cmd != nil {
flagValues = config.AvailableFlagValues(cmd, &paramFilter)
}

stepConfig, err = myConfig.GetStepConfig(flagValues, GeneralConfig.ParametersJSON, customConfig, defaultConfig, GeneralConfig.IgnoreCustomDefaults, paramFilter, metadata, resourceParams, GeneralConfig.StageName, metadata.Metadata.Name)
if err != nil {
return stepConfig, errors.Wrap(err, "getting step config failed")
}
@@ -227,7 +234,7 @@ func getConfig() (config.StepConfig, error) {
return stepConfig, nil
}

func generateConfigWrapper() error {
func generateConfigWrapper(cmd *cobra.Command) error {
var formatter func(interface{}) (string, error)
switch strings.ToLower(configOptions.Output) {
case "yaml", "yml":
@@ -237,13 +244,13 @@ func generateConfigWrapper() error {
default:
formatter = config.GetJSON
}
return GenerateConfig(formatter)
return GenerateConfig(cmd, formatter)
}

func GenerateConfig(formatter func(interface{}) (string, error)) error {
func GenerateConfig(cmd *cobra.Command, formatter func(interface{}) (string, error)) error {
utils := newGetConfigUtilsUtils()

stepConfig, err := getConfig()
stepConfig, err := getConfigWithFlagValues(cmd)
if err != nil {
return err
}
@@ -254,7 +261,7 @@ func GenerateConfig(formatter func(interface{}) (string, error)) error {
}

if len(configOptions.OutputFile) > 0 {
if err := utils.FileWrite(configOptions.OutputFile, []byte(myConfig), 0666); err != nil {
if err := utils.FileWrite(configOptions.OutputFile, []byte(myConfig), 0o666); err != nil {
return fmt.Errorf("failed to write output file %v: %w", configOptions.OutputFile, err)
}
return nil
@@ -265,7 +272,6 @@ func GenerateConfig(formatter func(interface{}) (string, error)) error {
}

func addConfigFlags(cmd *cobra.Command) {

// ToDo: support more output options, like https://kubernetes.io/docs/reference/kubectl/overview/#formatting-output
cmd.Flags().StringVar(&configOptions.Output, "output", "json", "Defines the output format")
cmd.Flags().StringVar(&configOptions.OutputFile, "outputFile", "", "Defines a file path. f set, the output will be written to the defines file")
@@ -276,7 +282,6 @@ func addConfigFlags(cmd *cobra.Command) {
cmd.Flags().StringVar(&configOptions.StepMetadata, "stepMetadata", "", "Step metadata, passed as path to yaml")
cmd.Flags().StringVar(&configOptions.StepName, "stepName", "", "Step name, used to get step metadata if yaml path is not set")
cmd.Flags().BoolVar(&configOptions.ContextConfig, "contextConfig", false, "Defines if step context configuration should be loaded instead of step config")

}

func defaultsAndFilters(metadata *config.StepData, stepName string) ([]io.ReadCloser, config.StepFilters, error) {
@@ -316,7 +321,7 @@ func prepareOutputEnvironment(outputResources []config.StepResources, envRootPat
}
if _, err := os.Stat(filepath.Dir(paramPath)); errors.Is(err, os.ErrNotExist) {
log.Entry().Debugf("Creating directory: %v", filepath.Dir(paramPath))
_ = os.MkdirAll(filepath.Dir(paramPath), 0777)
_ = os.MkdirAll(filepath.Dir(paramPath), 0o777)
}
}
}
@@ -332,7 +337,7 @@ func prepareOutputEnvironment(outputResources []config.StepResources, envRootPat
for _, dir := range stepOutputDirectories {
if _, err := os.Stat(dir); errors.Is(err, os.ErrNotExist) {
log.Entry().Debugf("Creating directory: %v", dir)
_ = os.MkdirAll(dir, 0777)
_ = os.MkdirAll(dir, 0o777)
}
}
}
22 changes: 18 additions & 4 deletions pkg/config/config.go
Original file line number Diff line number Diff line change
@@ -218,6 +218,8 @@ func (c *Config) GetStepConfig(flagValues map[string]interface{}, paramJSON stri
// merge parameters provided via env vars
stepConfig.mixIn(envValues(filters.All), filters.All, metadata)

vaultParams := map[string]interface{}{}

// if parameters are provided in JSON format merge them
if len(paramJSON) != 0 {
var params map[string]interface{}
@@ -228,19 +230,31 @@ func (c *Config) GetStepConfig(flagValues map[string]interface{}, paramJSON stri
// apply aliases
for _, p := range parameters {
params = setParamValueFromAlias(stepName, params, filters.Parameters, p.Name, p.Aliases)
vaultParams = setParamValueFromAlias(stepName, vaultParams, vaultFilter, p.Name, p.Aliases)
}
for _, s := range secrets {
params = setParamValueFromAlias(stepName, params, filters.Parameters, s.Name, s.Aliases)
}
// retrieve Vault config if provided
for _, v := range vaultFilter {
if params[v] != nil {
vaultParams[v] = params[v]
}
}

stepConfig.mixIn(params, filters.Parameters, metadata)
}
}

// merge command line flags
if flagValues != nil {
flagFilter := append(filters.Parameters, vaultFilter...)
stepConfig.mixIn(flagValues, flagFilter, metadata)
stepConfig.mixIn(flagValues, filters.Parameters, metadata)
// retrieve Vault config from flags if provided
for _, v := range vaultFilter {
if flagValues[v] != nil {
vaultParams[v] = flagValues[v]
}
}
}

if verbose, ok := stepConfig.Config["verbose"].(bool); ok && verbose {
@@ -249,7 +263,7 @@ func (c *Config) GetStepConfig(flagValues map[string]interface{}, paramJSON stri
log.Entry().Warnf("invalid value for parameter verbose: '%v'", stepConfig.Config["verbose"])
}

stepConfig.mixinVaultConfig(parameters, c.General, c.Steps[stepName], c.Stages[stageName])
stepConfig.mixinVaultConfig(parameters, c.General, c.Steps[stepName], c.Stages[stageName], vaultParams)

reportingConfig, err := cloneConfig(c)
if err != nil {
@@ -517,7 +531,7 @@ func merge(base, overlay map[string]interface{}, metadata StepData) map[string]i
tVal := reflect.TypeOf(value).String()
if v.Name == key && tVal != v.Type {
if tVal == "[]interface {}" && v.Type == "[]string" {
//json Unmarshal genertes arrays of interface{} for string arrays
// json Unmarshal genertes arrays of interface{} for string arrays
for _, interfaceValue := range value.([]interface{}) {
arrayValueType := reflect.TypeOf(interfaceValue).String()
if arrayValueType != "string" {
2 changes: 0 additions & 2 deletions pkg/config/vault.go
Original file line number Diff line number Diff line change
@@ -306,7 +306,6 @@ func resolveVaultCredentials(config *StepConfig, client VaultClient) {
}

func populateTestCredentialsAsEnvs(config *StepConfig, secret map[string]string, keys []string) (matched bool) {

vaultTestCredentialEnvPrefix, ok := config.Config["vaultTestCredentialEnvPrefix"].(string)
if !ok || len(vaultTestCredentialEnvPrefix) == 0 {
vaultTestCredentialEnvPrefix = vaultTestCredentialEnvPrefixDefault
@@ -326,7 +325,6 @@ func populateTestCredentialsAsEnvs(config *StepConfig, secret map[string]string,
}

func populateCredentialsAsEnvs(config *StepConfig, secret map[string]string, keys []string) (matched bool) {

vaultCredentialEnvPrefix, ok := config.Config["vaultCredentialEnvPrefix"].(string)
isCredentialEnvPrefixDefault := false

0 comments on commit ef25e31

Please sign in to comment.