The secret manager package in secret agent provides a couple of methods to write and read data to all three providers' secret managers. At the moment we pass the secret manager access configuration all the way down from the controller to a key manager, which is unnecessary, cumbersome and hard to test.
Goal is to have an interface for the secret manager:
```go
type SecretManager interface {
	EnsureSecret(ctx context.Context, secretName string, value []byte) error
	LoadSecret(ctx context.Context, secretName string) ([]byte, error)
}
```
The interface should be created with a NewSecretManager function that takes an app config, adds the credentials etc. to a struct, and returns that struct, which meets the interface.
Code from ~LOC L87-125 in controllers/secretagentconfiguration_controller.go should be lifted into the NewSecretManager func.
The controller should now call this new function, then add the returned object to the GenKeysConfig. secretManagerHasData and syncKeys will then call the load and ensure functions, passing the interface instead of an appconfig object.
Update all ensure/load key manager interfaces to use the new interface properly.
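The testability gain described above, as an added example that is not code from the secret-agent repository: a sync step that depends only on the interface can be exercised against an in-memory double, with no provider credentials in the test. `memSM`, `ErrNotFound` and `syncKey` are hypothetical names, and the "load, generate only if missing, then ensure" flow is an assumption about how the controller uses the two methods.

```go
package main

import (
	"context"
	"errors"
	"fmt"
)

// SecretManager is the interface proposed in the issue.
type SecretManager interface {
	EnsureSecret(ctx context.Context, secretName string, value []byte) error
	LoadSecret(ctx context.Context, secretName string) ([]byte, error)
}

// ErrNotFound is a hypothetical sentinel; the issue does not define one.
var ErrNotFound = errors.New("secret not found")

// memSM is a hypothetical in-memory test double (not safe for concurrent use).
type memSM map[string][]byte

var _ SecretManager = memSM{} // compile-time check that the double meets the interface

func (m memSM) EnsureSecret(_ context.Context, name string, value []byte) error {
	m[name] = append([]byte(nil), value...) // copy: caller cannot mutate the stored secret
	return nil
}

func (m memSM) LoadSecret(_ context.Context, name string) ([]byte, error) {
	v, ok := m[name]
	if !ok {
		return nil, fmt.Errorf("%s: %w", name, ErrNotFound)
	}
	return append([]byte(nil), v...), nil
}

// syncKey is a hypothetical stand-in for the controller's sync step; it sees only the interface.
func syncKey(ctx context.Context, sm SecretManager, name string, gen func() []byte) ([]byte, error) {
	v, err := sm.LoadSecret(ctx, name)
	if err == nil || !errors.Is(err, ErrNotFound) {
		return v, err // already stored, or a real backend failure to surface
	}
	v = gen()
	return v, sm.EnsureSecret(ctx, name, v)
}

func main() {
	sm := memSM{}
	v, err := syncKey(context.Background(), sm, "constructed-key", func() []byte { return []byte("constructed-value") })
	fmt.Println(len(v), err) // print the length only, never the secret itself
}
```

Distinguishing "not found" from other load errors matters here: treating a transient backend failure as a missing secret would regenerate and overwrite key material that already exists.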