mittwald / kubernetes-secret-generator

Kubernetes controller for automatically generating and updating secrets
Apache License 2.0
329 stars 55 forks

Formatter #51

Open poelzi opened 3 years ago

poelzi commented 3 years ago

This PR adds the possibility to format secret values according to rules defined in the new format.secret-generator.v1.mittwald.de/ annotation prefix. This allows secret-generator to generate specially formatted values containing the newly generated secret.

Some charts or software require the username and password to be formatted in the form of a URI. With this addition, it is now possible to use the secret generator with nearly every chart out there.

mittwald-machine commented 2 years ago

There has not been any activity to this pull request in the last 30 days. It will automatically be closed after 7 more days. Remove the stale label to prevent this.

poelzi commented 2 years ago

@martin-helmich can I have a review please? :)

With this addition, it is possible to use the password generator for more Helm charts that require specially formatted secrets, like URL-formatted secrets. I think this is a very nice addition.

martin-helmich commented 2 years ago

Hey Daniel,

thanks for your contribution 👍 and my apologies for the delay! 🙄🙏

TBH, I was already having mixed feelings before concerning the multitude of different annotations. Configuring the secret generation via annotation is already tedious and only provides limited extensibility.

In #35, we've added the possibility to define generated secrets as Custom Resources, which gives us way more possibilities to define their exact properties in a structured and well-defined way.

I'm thinking if instead, we could possibly extend the CR definition to accept templated expressions (maybe feature-freezing the generation by annotation entirely, in favour of the CR-based generation):

```yaml
apiVersion: secretgenerator.mittwald.de/v1alpha1
kind: StringSecret
metadata:
  name: example-pw
spec:
  forceRegenerate: false
  data:
    user: testuser
  fields:
    - fieldName: password
      encoding: base64
      length: 32
  dataTemplates:
    - fieldName: loginUri
      template: >
        http://{{ .data.user | base64decode | urlquery }}:{{.data.password | base64decode | urlquery}}@localhost/
```

Any thoughts are welcome. 🙂
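
The templated field proposed in the comment above, rendered with Go's `text/template` as an added example (not code from this PR or the project). `base64decode` is a hypothetical helper registered for the example, `urlquery` is the template built-in, and the passwords are constructed samples. It shows that escaping keeps `@`, `:` and `/` in a generated password from changing the URI's structure, and that a space does not round-trip because `urlquery` emits `+`.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"net/url"
	"strings"
	"text/template"
)

// loginURITemplate is the template string from the proposal in the thread.
const loginURITemplate = `http://{{ .data.user | base64decode | urlquery }}:{{ .data.password | base64decode | urlquery }}@localhost/`

// base64decode is not a text/template built-in; it is assumed here. urlquery is built in.
var funcs = template.FuncMap{
	"base64decode": func(s string) (string, error) {
		b, err := base64.StdEncoding.DecodeString(s)
		return string(b), err
	},
}

var tpl = template.Must(template.New("loginUri").Funcs(funcs).Parse(loginURITemplate))

// RenderLoginURI renders the template over base64-encoded values, as a Secret's .data holds them.
func RenderLoginURI(user, password string) (string, error) {
	enc := func(s string) string { return base64.StdEncoding.EncodeToString([]byte(s)) }
	data := map[string]map[string]string{"data": {"user": enc(user), "password": enc(password)}}
	var out strings.Builder
	err := tpl.Execute(&out, data)
	return out.String(), err
}

// ParsedPassword returns the password a URI consumer recovers from the rendered value.
func ParsedPassword(uri string) (string, error) {
	u, err := url.Parse(uri)
	if err != nil {
		return "", err
	}
	pw, _ := u.User.Password()
	return pw, nil
}

func main() {
	uri, _ := RenderLoginURI("testuser", "p@ss:w/rd+=") // constructed sample password
	pw, _ := ParsedPassword(uri)
	fmt.Println(uri, pw)
}
```

A generator alphabet without spaces avoids the `+` mismatch; base64 output (`+`, `/`, `=`) round-trips because each of those characters is percent-encoded.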

mittwald-machine commented 2 years ago

There has not been any activity to this pull request in the last 30 days. It will automatically be closed after 7 more days. Remove the stale label to prevent this.

poelzi commented 2 years ago

@martin-helmich I rewrote the patch to use the new CRD. I think the new solution is quite elegant and allows even one template to use the output of a previous template.

poelzi commented 2 years ago

:( This CodeClimate is the most annoying code checker I have seen so far. So creating a config file and adjusting one test somehow changes the complete behavior? I tried different refactorings of the code; I either get complaints about code duplication or that 5 arguments, even on an internal function, is somehow too much. I tried to increase the argument limit, but this does not work either.

hensur commented 2 years ago

@poelzi Don't worry about code climate. I think I'm going to remove it from this repo anyways. As you say, it is quite annoying and not that useful for us.

I'm sorry that you had to deal with it.

mittwald-machine commented 2 years ago

There has not been any activity to this pull request in the last 30 days. It will automatically be closed after 7 more days. Remove the stale label to prevent this.