From 114fab48709016942de3d6dacdb7cb1332fba284 Mon Sep 17 00:00:00 2001 From: Patrice Ferlet Date: Mon, 23 May 2022 12:11:23 +0200 Subject: [PATCH] Fix the problem with environment as secret We needed to filter the environment coming from a env file, but declared as secet in `secret-vars` label fix #17 --- generator/main.go | 11 ++++++++++- helm/configAndSecretMap.go | 36 +++++++++++++++++++++++++++++------- 2 files changed, 39 insertions(+), 8 deletions(-) diff --git a/generator/main.go b/generator/main.go index 88580b8..b2fe43f 100644 --- a/generator/main.go +++ b/generator/main.go @@ -573,6 +573,15 @@ func prepareEnvFromFiles(name string, s *types.ServiceConfig, container *helm.Co secretsFiles = strings.Split(v, ",") } + var secretVars []string + if v, ok := s.Labels[helm.LABEL_SECRETVARS]; ok { + secretVars = strings.Split(v, ",") + } + + for i, s := range secretVars { + secretVars[i] = strings.TrimSpace(s) + } + // manage environment files (env_file in compose) for _, envfile := range s.EnvFile { f := PathToName(envfile) @@ -594,7 +603,7 @@ func prepareEnvFromFiles(name string, s *types.ServiceConfig, container *helm.Co } envfile = filepath.Join(compose.GetCurrentDir(), envfile) - if err := store.AddEnvFile(envfile); err != nil { + if err := store.AddEnvFile(envfile, secretVars); err != nil { logger.ActivateColors = true logger.Red(err.Error()) logger.ActivateColors = false diff --git a/helm/configAndSecretMap.go b/helm/configAndSecretMap.go index e3e7b47..3fe07fe 100644 --- a/helm/configAndSecretMap.go +++ b/helm/configAndSecretMap.go @@ -9,11 +9,14 @@ import ( // InlineConfig is made to represent a configMap or a secret type InlineConfig interface { - AddEnvFile(filename string) error + AddEnvFile(filename string, filter []string) error AddEnv(key, val string) error Metadata() *Metadata } +var _ InlineConfig = (*ConfigMap)(nil) +var _ InlineConfig = (*Secret)(nil) + // ConfigMap is made to represent a configMap with data. type ConfigMap struct { *K8sBase `yaml:",inline"` @@ -42,7 +45,7 @@ func (c *ConfigMap) Metadata() *Metadata { } // AddEnvFile adds an environment file to the configMap. -func (c *ConfigMap) AddEnvFile(file string) error { +func (c *ConfigMap) AddEnvFile(file string, filter []string) error { content, err := ioutil.ReadFile(file) if err != nil { return err @@ -51,8 +54,8 @@ func (c *ConfigMap) AddEnvFile(file string) error { lines := strings.Split(string(content), "\n") for _, l := range lines { //Check if the line is a comment - isComment := strings.HasPrefix(l, "#") l = strings.TrimSpace(l) + isComment := strings.HasPrefix(l, "#") if len(l) == 0 || isComment { continue } @@ -60,7 +63,16 @@ func (c *ConfigMap) AddEnvFile(file string) error { if len(parts) < 2 { return errors.New("The environment file " + file + " is not valid") } - c.Data[parts[0]] = parts[1] + + var skip bool + for _, filterEnv := range filter { + if parts[0] == filterEnv { + skip = true + } + } + if !skip { + c.Data[parts[0]] = parts[1] + } } return nil } @@ -93,7 +105,7 @@ func NewSecret(name, path string) *Secret { } // AddEnvFile adds an environment file to the secret. -func (s *Secret) AddEnvFile(file string) error { +func (s *Secret) AddEnvFile(file string, filter []string) error { content, err := ioutil.ReadFile(file) if err != nil { return err @@ -102,14 +114,24 @@ func (s *Secret) AddEnvFile(file string) error { lines := strings.Split(string(content), "\n") for _, l := range lines { l = strings.TrimSpace(l) - if len(l) == 0 { + isComment := strings.HasPrefix(l, "#") + if len(l) == 0 || isComment { continue } parts := strings.SplitN(l, "=", 2) if len(parts) < 2 { return errors.New("The environment file " + file + " is not valid") } - s.Data[parts[0]] = fmt.Sprintf(`{{ "%s" | b64enc }}`, parts[1]) + + var skip bool + for _, filterEnv := range filter { + if parts[0] == filterEnv { + skip = true + } + } + if !skip { + s.Data[parts[0]] = fmt.Sprintf(`{{ "%s" | b64enc }}`, parts[1]) + } } return nil