feat: allow setting type in external secret to support other than Opa…

…que secrets (#130) * feat: allow setting type in external secret to support other than Opaque secrets
external-secrets · Jul 29, 2019 · 226697a · 226697a
1 parent 8860ef3
commit 226697a
Show file tree

Hide file tree

Showing 4 changed files with 74 additions and 5 deletions.
diff --git a/examples/dockerconfig-example.yml b/examples/dockerconfig-example.yml
@@ -0,0 +1,10 @@
+apiVersion: kubernetes-client.io/v1
+kind: ExternalSecret
+metadata:
+  name: dockerhub-secret
+secretDescriptor:
+  backendType: secretsManager
+  type: kubernetes.io/dockerconfigjson
+  data:
+    - key: /development/dockerhub
+      name: .dockerconfigjson
diff --git a/examples/tls-example.yml b/examples/tls-example.yml
@@ -0,0 +1,14 @@
+apiVersion: kubernetes-client.io/v1
+kind: ExternalSecret
+metadata:
+  name: dockerhub-secret
+secretDescriptor:
+  backendType: secretsManager
+  type: kubernetes.io/tls
+  data:
+    - key: /development/certificate
+      property: crt
+      name: tls.crt
+    - key: /development/certificate
+      property: key
+      name: tls.key
diff --git a/lib/poller.js b/lib/poller.js
@@ -60,7 +60,7 @@ class Poller {
           this._ownerReference
         ]
       },
-      type: 'Opaque',
+      type: secretDescriptor.type || 'Opaque',
       data
     }
   }

diff --git a/lib/poller.test.js b/lib/poller.test.js
@@ -57,7 +57,7 @@ describe('Poller', () => {
       backendMock.getSecretManifestData = sinon.stub()
     })
 
-    it('creates secret manifest', async () => {
+    it('creates secret manifest - no type (backwards compat)', async () => {
       const poller = pollerFactory({
         backendType: 'fakeBackendType',
         name: 'fakeSecretName',
@@ -99,6 +99,51 @@ describe('Poller', () => {
         }
       })
     })
+
+    it('creates secret manifest - with type', async () => {
+      const poller = pollerFactory({
+        type: 'dummy-test-type',
+        backendType: 'fakeBackendType',
+        name: 'fakeSecretName',
+        properties: [
+          'fakePropertyName1',
+          'fakePropertyName2'
+        ]
+      })
+
+      backendMock.getSecretManifestData.resolves({
+        fakePropertyName1: 'ZmFrZVByb3BlcnR5VmFsdWUx', // base 64 value
+        fakePropertyName2: 'ZmFrZVByb3BlcnR5VmFsdWUy' // base 64 value
+      })
+
+      const secretManifest = await poller._createSecretManifest()
+
+      expect(backendMock.getSecretManifestData.calledWith({
+        secretDescriptor: {
+          type: 'dummy-test-type',
+          backendType: 'fakeBackendType',
+          name: 'fakeSecretName',
+          properties: [
+            'fakePropertyName1',
+            'fakePropertyName2'
+          ]
+        }
+      })).to.equal(true)
+
+      expect(secretManifest).deep.equals({
+        apiVersion: 'v1',
+        kind: 'Secret',
+        metadata: {
+          name: 'fakeSecretName',
+          ownerReferences: [ownerReference]
+        },
+        type: 'dummy-test-type',
+        data: {
+          fakePropertyName1: 'ZmFrZVByb3BlcnR5VmFsdWUx', // base 64 value
+          fakePropertyName2: 'ZmFrZVByb3BlcnR5VmFsdWUy' // base 64 value
+        }
+      })
+    })
   })
 
   describe('_poll', () => {
@@ -151,7 +196,7 @@ describe('Poller', () => {
         metadata: {
           name: 'fakeSecretName'
         },
-        type: 'Opaque',
+        type: 'some-type',
         data: {
           fakePropertyName: 'ZmFrZVByb3BlcnR5VmFsdWU='
         }
@@ -170,7 +215,7 @@ describe('Poller', () => {
           metadata: {
             name: 'fakeSecretName'
           },
-          type: 'Opaque',
+          type: 'some-type',
           data: {
             fakePropertyName: 'ZmFrZVByb3BlcnR5VmFsdWU='
           }
@@ -195,7 +240,7 @@ describe('Poller', () => {
           metadata: {
             name: 'fakeSecretName'
           },
-          type: 'Opaque',
+          type: 'some-type',
           data: {
             fakePropertyName: 'ZmFrZVByb3BlcnR5VmFsdWU='
           }