Fix azure sync

mongodb · Aug 8, 2023 · aedf90b · aedf90b
1 parent 2649b9f
commit aedf90b
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 3 deletions.
diff --git a/pkg/api/v1/encryption_at_rest.go b/pkg/api/v1/encryption_at_rest.go
@@ -94,5 +94,6 @@ func (az AzureKeyVault) ToAtlas() mongodbatlas.AzureKeyVault {
 		KeyVaultName:      az.KeyVaultName,
 		KeyIdentifier:     az.KeyIdentifier,
 		TenantID:          az.TenantID,
+		Secret:            az.Secret,
 	}
 }
diff --git a/pkg/controller/atlasproject/encryption_at_rest.go b/pkg/controller/atlasproject/encryption_at_rest.go
@@ -103,14 +103,16 @@ func readAndFillGoogleSecret(kubeClient client.Client, parentNs string, gkms *md
 }
 
 func readAndFillAzureSecret(kubeClient client.Client, parentNs string, azureVault *mdbv1.AzureKeyVault) (*watch.WatchedObject, error) {
-	fieldData, watchObj, err := readSecretData(kubeClient, azureVault.SecretRef, parentNs, "ClientID", "AzureEnvironment", "SubscriptionID", "ResourceGroupName", "KeyVaultName", "KeyIdentifier")
+	fieldData, watchObj, err := readSecretData(kubeClient, azureVault.SecretRef, parentNs, "ClientID", "Secret", "AzureEnvironment", "SubscriptionID", "ResourceGroupName", "KeyVaultName", "KeyIdentifier", "TenantID")
 	if err != nil {
 		return watchObj, err
 	}
 
 	azureVault.ClientID = fieldData["ClientID"]
+	azureVault.Secret = fieldData["Secret"]
 	azureVault.AzureEnvironment = fieldData["AzureEnvironment"]
 	azureVault.SubscriptionID = fieldData["SubscriptionID"]
+	azureVault.TenantID = fieldData["TenantID"]
 	azureVault.ResourceGroupName = fieldData["ResourceGroupName"]
 	azureVault.KeyVaultName = fieldData["KeyVaultName"]
 	azureVault.KeyIdentifier = fieldData["KeyIdentifier"]

diff --git a/pkg/controller/atlasproject/encryption_at_rest_test.go b/pkg/controller/atlasproject/encryption_at_rest_test.go
@@ -211,8 +211,10 @@ func TestReadEncryptionAtRestSecrets(t *testing.T) {
 	t.Run("Azure with correct secret data", func(t *testing.T) {
 		secretData := map[string][]byte{
 			"ClientID":          []byte("testClientID"),
+			"Secret":            []byte("testClientSecret"),
 			"AzureEnvironment":  []byte("testAzureEnvironment"),
 			"SubscriptionID":    []byte("testSubscriptionID"),
+			"TenantID":          []byte("testTenantID"),
 			"ResourceGroupName": []byte("testResourceGroupName"),
 			"KeyVaultName":      []byte("testKeyVaultName"),
 			"KeyIdentifier":     []byte("testKeyIdentifier"),
@@ -226,7 +228,7 @@ func TestReadEncryptionAtRestSecrets(t *testing.T) {
 					APIVersion: "v1",
 				},
 				ObjectMeta: metav1.ObjectMeta{
-					Name:      "gcp-secret",
+					Name:      "azure-secret",
 					Namespace: "test",
 				},
 			},
@@ -238,7 +240,7 @@ func TestReadEncryptionAtRestSecrets(t *testing.T) {
 			AzureKeyVault: mdbv1.AzureKeyVault{
 				Enabled: toptr.MakePtr(true),
 				SecretRef: common.ResourceRefNamespaced{
-					Name: "gcp-secret",
+					Name: "azure-secret",
 				},
 			},
 		}
@@ -247,8 +249,10 @@ func TestReadEncryptionAtRestSecrets(t *testing.T) {
 		assert.Nil(t, err)
 
 		assert.Equal(t, string(secretData["ClientID"]), encRest.AzureKeyVault.ClientID)
+		assert.Equal(t, string(secretData["Secret"]), encRest.AzureKeyVault.Secret)
 		assert.Equal(t, string(secretData["AzureEnvironment"]), encRest.AzureKeyVault.AzureEnvironment)
 		assert.Equal(t, string(secretData["SubscriptionID"]), encRest.AzureKeyVault.SubscriptionID)
+		assert.Equal(t, string(secretData["TenantID"]), encRest.AzureKeyVault.TenantID)
 		assert.Equal(t, string(secretData["ResourceGroupName"]), encRest.AzureKeyVault.ResourceGroupName)
 		assert.Equal(t, string(secretData["KeyVaultName"]), encRest.AzureKeyVault.KeyVaultName)
 		assert.Equal(t, string(secretData["KeyIdentifier"]), encRest.AzureKeyVault.KeyIdentifier)