Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Secret Volume to support items. #44

Merged
merged 4 commits into from
Aug 14, 2017
Merged

Update Secret Volume to support items. #44

merged 4 commits into from
Aug 14, 2017

Conversation

sl1pm4t
Copy link
Contributor

@sl1pm4t sl1pm4t commented Aug 11, 2017

This works the same as config_map.items.

I also fixed validateAttributeValueDoesNotContain() validator. It’s
logic was the reverse of intention.

Update Secret Volume to support items.
7cd2b58 
This works the same as `config_map.items`.

I also fixed `validateAttributeValueDoesNotContain()` validator. It’s
logic was the reverse of intention.
@sl1pm4t
Copy link
Contributor Author

sl1pm4t commented Aug 11, 2017 

/usr/local/go/bin/go test -v -timeout 180s -tags  -run ^TestAccKubernetesPod_basic|TestAccKubernetesPod_importBasic|TestAccKubernetesPod_with_pod_security_context|TestAccKubernetesPod_with_container_liveness_probe_using_exec|TestAccKubernetesPod_with_container_liveness_probe_using_http_get|TestAccKubernetesPod_with_container_liveness_probe_using_tcp|TestAccKubernetesPod_with_container_lifecycle|TestAccKubernetesPod_with_container_security_context|TestAccKubernetesPod_with_volume_mount|TestAccKubernetesPod_with_cfg_map_volume_mount|TestAccKubernetesPod_with_resource_requirements|TestAccKubernetesPod_with_empty_dir_volume|TestAccKubernetesPod_with_secret_vol_items$

=== RUN   TestAccKubernetesPod_basic
--- PASS: TestAccKubernetesPod_basic (18.57s)
=== RUN   TestAccKubernetesPod_importBasic
--- PASS: TestAccKubernetesPod_importBasic (4.51s)
=== RUN   TestAccKubernetesPod_with_pod_security_context
--- PASS: TestAccKubernetesPod_with_pod_security_context (5.75s)
=== RUN   TestAccKubernetesPod_with_container_liveness_probe_using_exec
--- PASS: TestAccKubernetesPod_with_container_liveness_probe_using_exec (43.30s)
=== RUN   TestAccKubernetesPod_with_container_liveness_probe_using_http_get
--- PASS: TestAccKubernetesPod_with_container_liveness_probe_using_http_get (20.74s)
=== RUN   TestAccKubernetesPod_with_container_liveness_probe_using_tcp
--- PASS: TestAccKubernetesPod_with_container_liveness_probe_using_tcp (20.43s)
=== RUN   TestAccKubernetesPod_with_container_lifecycle
--- PASS: TestAccKubernetesPod_with_container_lifecycle (6.03s)
=== RUN   TestAccKubernetesPod_with_container_security_context
--- PASS: TestAccKubernetesPod_with_container_security_context (7.93s)
=== RUN   TestAccKubernetesPod_with_volume_mount
--- PASS: TestAccKubernetesPod_with_volume_mount (8.46s)
=== RUN   TestAccKubernetesPod_with_cfg_map_volume_mount
--- PASS: TestAccKubernetesPod_with_cfg_map_volume_mount (7.68s)
=== RUN   TestAccKubernetesPod_with_resource_requirements
--- PASS: TestAccKubernetesPod_with_resource_requirements (5.53s)
=== RUN   TestAccKubernetesPod_with_empty_dir_volume
--- PASS: TestAccKubernetesPod_with_empty_dir_volume (8.14s)
=== RUN   TestAccKubernetesPod_with_secret_vol_items
--- PASS: TestAccKubernetesPod_with_secret_vol_items (8.47s)
PASS
ok  	github.com/terraform-providers/terraform-provider-kubernetes/kubernetes	165.598s
Success: Tests passed.

radeksimko
radeksimko suggested changes Aug 11, 2017
View reviewed changes
Copy link
Member

@radeksimko radeksimko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @sl1pm4t
thanks for this addition!

This is looking pretty good.

Besides comments I left in the code we'll also need to update documentation in the following places:

https://github.com/terraform-providers/terraform-provider-kubernetes/blob/master/website/docs/r/pod.html.markdown
https://github.com/terraform-providers/terraform-provider-kubernetes/blob/master/website/docs/r/replication_controller.html.markdown

The codepath is used by both of these two resources, AFAIK - correct me if I'm wrong.

kubernetes/schema_pod_spec.go Outdated
Type: schema.TypeInt,
Description: "Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.",
Optional: true,
ValidateFunc: validateModeBits,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does it make sense to add Default: 0644 here? Either for clarity for the user when they see the diff and/or for consistency, otherwise the default value (if undefined) here will be 0 which I'm not sure is the same in this context.

kubernetes/structures_pod.go Outdated
for i, v := range in.Items {
m := map[string]interface{}{}
m["key"] = v.Key
m["mode"] = int(*v.Mode)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we add a nil check here in case v.Mode is nil to prevent crash?

kubernetes/structures_pod.go Outdated
}
att["items"] = items
}
att["optional"] = *in.Optional
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can't assume this codepath will only ever process resources created by Terraform. Keep in mind that it's also used for imports - so even if we always pass Optional to the API when creating the resource, it doesn't mean it will always come back.

TL;DR we should add a nil check, IMO.

kubernetes/resource_kubernetes_pod_test.go Outdated
items {
key = "one"
path = "path/to/one"
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nitpick: do you mind fixing the indentation here?

kubernetes/schema_pod_spec.go Outdated
},
"items": {
Type: schema.TypeList,
Description: `If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error. Paths must be relative and may not contain the '..' path or start with '..'.`,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nitpick: Do you mind keeping one-line strings enclosed in double quotes? 🙂

@radeksimko
Copy link
Member

Thank you for making those changes quickly. This LGTM now. 👍

@radeksimko radeksimko merged commit 5e18a34 into hashicorp:master Aug 14, 2017
@sl1pm4t sl1pm4t deleted the volume-secret-item branch May 3, 2018 21:52
@ghost ghost locked and limited conversation to collaborators Apr 21, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@radeksimko radeksimko radeksimko approved these changes

Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sl1pm4t @radeksimko