Call host secrets plugin directly when resolving secrets #3155
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We should not require all secret plugins to call the host secrets plugin for non secret values. Instead we should call the host secrets plugin directly. Signed-off-by: Kim Christensen <kimworking@gmail.com>
kichristensen
force-pushed
the
callHostSecretsPlugin
branch
from
fc8ddd2 to
59a86c9
Compare
kichristensen
requested review from
schristoff,
sgettys,
bdegeeter and
troy0820
as code owners
schristoff
reviewed
Aug 23, 2024
| }, | ||
| }), | ||
| } | ||
| err := r.loadCredentials(context.Background(), b, &run) |
There was a problem hiding this comment.
Think we could make a testcontext and pass that in here, but we don't have to (the func is like NewPorterTestContext or NewTestContext ?)
schristoff
reviewed
Aug 23, 2024
| @@ -23,3 +24,7 @@ func NewTestStore(tc *config.TestConfig) TestStore { | |||
| func (s TestStore) Close() error { | |||
| return s.testPlugin.Close() | |||
| } | |||
|
|
|||
There was a problem hiding this comment.
We should comment on what this logic is reasoning about
schristoff
approved these changes
Aug 23, 2024
jmcudd
pushed a commit
to jmcudd/porter
that referenced
this pull request
Sep 21, 2024
) We should not require all secret plugins to call the host secrets plugin for non secret values. Instead we should call the host secrets plugin directly. Signed-off-by: Kim Christensen <kimworking@gmail.com> Co-authored-by: schristoff <28318173+schristoff@users.noreply.github.com> Signed-off-by: John Cudd <jmcudd@gmail.com>
kichristensen
added a commit
that referenced
this pull request
Sep 24, 2024
* Simplified the bundle script Signed-off-by: John Cudd <jmcudd@gmail.com> * Added contributor Signed-off-by: John Cudd <jmcudd@gmail.com> * Updated docs Signed-off-by: John Cudd <jmcudd@gmail.com> * Removed trailing space Signed-off-by: John Cudd <jmcudd@gmail.com> * Added a note about mixins not being included Signed-off-by: John Cudd <jmcudd@gmail.com> * Tweaked the docs a bit Signed-off-by: John Cudd <jmcudd@gmail.com> * Added link at top Signed-off-by: John Cudd <jmcudd@gmail.com> * Add bundle script to release and netify redirects Signed-off-by: John Cudd <jmcudd@gmail.com> * Call host secrets plugin directly when resolving secrets (#3155) We should not require all secret plugins to call the host secrets plugin for non secret values. Instead we should call the host secrets plugin directly. Signed-off-by: Kim Christensen <kimworking@gmail.com> Co-authored-by: schristoff <28318173+schristoff@users.noreply.github.com> Signed-off-by: John Cudd <jmcudd@gmail.com> * Add doc for AKS integration (#3206) * add doc for AKS integration Signed-off-by: dejanualex <dejanualexandru@gmail.com> * remove merge action and outputs Signed-off-by: dejanualex <dejanualexandru@gmail.com> --------- Signed-off-by: dejanualex <dejanualexandru@gmail.com> Co-authored-by: Kim Christensen <2461567+kichristensen@users.noreply.github.com> Signed-off-by: John Cudd <jmcudd@gmail.com> * Do not reference CNAB invocation images in documentation (#3200) * Do not reference CNAB invocation images As CNAB is an implementation detail as this point, we no longer want to use the term 'invocation image'. Instead we should use the term 'bundle image'. This PR ensures that the current references to 'invocation image' is changed to 'bundle image'. Signed-off-by: Kim Christensen <kimworking@gmail.com> --------- Signed-off-by: Kim Christensen <kimworking@gmail.com> Co-authored-by: schristoff <28318173+schristoff@users.noreply.github.com> Signed-off-by: John Cudd <jmcudd@gmail.com> * Bump actions/download-artifact from 3.0.1 to 4.1.7 in /.github/workflows in the github_actions group across 1 directory (#3217) Bump actions/download-artifact Bumps the github_actions group with 1 update in the /.github/workflows directory: [actions/download-artifact](https://github.com/actions/download-artifact). Updates `actions/download-artifact` from 3.0.1 to 4.1.7 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v3.0.1...v4.1.7) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production dependency-group: github_actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: John Cudd <jmcudd@gmail.com> * fix: Update version of upload-artifact (#3219) fix: Update upload-artifact action version Signed-off-by: Kim Christensen <kimworking@gmail.com> Signed-off-by: John Cudd <jmcudd@gmail.com> * Correct the Cosign links that have stopped working (#3220) fix: Correct the Cosign links that have stopped working Signed-off-by: Kim Christensen <kimworking@gmail.com> Co-authored-by: schristoff <28318173+schristoff@users.noreply.github.com> Signed-off-by: John Cudd <jmcudd@gmail.com> * Upgrade should not be allowed if installation is not installed (#3213) fix: Upgrade should not be allowed if installation is not installed Signed-off-by: Kim Christensen <kimworking@gmail.com> Signed-off-by: John Cudd <jmcudd@gmail.com> * Updated documentation to explain mongo Also removed echo from the extraction instructions. Signed-off-by: John Cudd <jmcudd@gmail.com> --------- Signed-off-by: John Cudd <jmcudd@gmail.com> Signed-off-by: Kim Christensen <kimworking@gmail.com> Signed-off-by: dejanualex <dejanualexandru@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Kim Christensen <2461567+kichristensen@users.noreply.github.com> Co-authored-by: schristoff <28318173+schristoff@users.noreply.github.com> Co-authored-by: dejanualex <dejanualexandru@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this change
We should not require all secret plugins to call the host secrets plugin for non secret values. Instead we should call the host secrets plugin directly.
What issue does it fix
Closes #2223
Notes for the reviewer
No integration test was added, as there already is an existing integration test covering the case
porter/tests/integration/install_test.go
Line 44 in 75d49d2
Checklist