Decode base64 K8s secrets

[gl-johnson]

Desired Outcome

Add decoding of base64 secrets based on content-type annotation in the secrets manifest

Implemented Changes

• Adds helper func createSecretData which decodes secret values based on content-type
• Adds unit/integration tests
• Updates dev environment for K8s secrets mode with decoded secret

Manually tested with init container config:

kubectl exec $test_pod --namespace local-secrets-provider -- printenv VARIABLE_WITH_ENCODED_SECRET

Output:

secret-value

Manually tested with sidecar (rotation) config:

kubectl exec $test_pod --namespace local-secrets-provider -- printenv VARIABLE_WITH_ENCODED_SECRET && \
echo "Updating Conjur secret value" && \
kubectl exec $cli_pod --namespace local-conjur -- conjur variable set -i secrets/encoded -v "aGVsbG8gd29ybGQ=" && \
echo "Sleeping for 45s while secrets refresh…" && sleep 45 && \
kubectl exec $test_pod --namespace local-secrets-provider -- printenv VARIABLE_WITH_ENCODED_SECRET

Output:

secret-value
Updating Conjur secret value
Value added
Sleeping for 45s while secrets refresh…
hello world

Definition of Done

At least 1 todo must be completed in the sections below for the PR to be merged.

Changelog

• [ ] The CHANGELOG has been updated, or
• [x] This PR does not include user-facing changes and doesn't require a CHANGELOG update

Test coverage

• [x] This PR includes new unit and integration tests to go with the code changes, or
• [ ] The changes in this PR do not require tests

Documentation

• [ ] Docs (e.g. READMEs) were updated in this PR
• [x] A follow-up issue to update official docs has been filed here: [insert issue ID]
• [ ] This PR does not require updating any documentation

Behavior

• [ ] This PR changes product behavior and has been reviewed by a PO, or
• [x] These changes are part of a larger initiative that will be reviewed later, or
• [ ] No behavior was changed with this PR

Security

• [ ] Security architect has reviewed the changes in this PR,
• [x] These changes are part of a larger initiative with a separate security review, or
• [ ] There are no security aspects to these changes

[codeclimate[bot]]

Code Climate has analyzed commit 4274d140 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 89.2% (0.1% change).

View more on Code Climate.