You've already forked sap-jenkins-library
mirror of
https://github.com/SAP/jenkins-library.git
synced 2025-11-06 09:09:19 +02:00
add vaultSecretFileReferences (#2203)
* add vaultSecretFileReferences * fix test * fix test * go generate * remove code duplication Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
This commit is contained in:
Kevin Stiehl
GitHub
@@ -93,6 +93,7 @@ It resolves the dotted version string into version, support package level and pa
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -93,6 +93,7 @@ It resolves the dotted version string into version, support package stack level
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -93,6 +93,7 @@ The Target Vector describes the software state, which shall be reached in the ma
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -62,6 +62,7 @@ With targetVectorScope "T" the Target Vector will be published to the test envir
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -94,6 +94,7 @@ The new status "L"ocked is written back to the addonDescriptor in the commonPipe
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -91,6 +91,7 @@ store. The new status "R"eleased is written back to the addonDescriptor in the c
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -96,6 +96,7 @@ The name, type and namespace of each package is written back to the addonDescrip
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -98,6 +98,7 @@ Platform ABAP Environment system and saves the corresponding [SAR archive](https
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -72,6 +72,7 @@ Please provide either of the following options:
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -72,6 +72,7 @@ Please provide either of the following options:
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -71,6 +71,7 @@ Please provide either of the following options:
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -73,6 +73,7 @@ Regardless of the option you chose, please make sure to provide the configuratio
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -173,6 +173,7 @@ Define ` + "`" + `buildTool: custom` + "`" + `, ` + "`" + `filePath: <path to yo
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -209,6 +209,7 @@ thresholds instead of ` + "`" + `percentage` + "`" + ` whereas we strongly recom
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
influx.persist(GeneralConfig.EnvRootPath, "influx")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -64,6 +64,7 @@ func CloudFoundryCreateServiceKeyCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -76,6 +76,7 @@ Please provide either of the following options:
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -63,6 +63,7 @@ Mandatory:
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -63,6 +63,7 @@ func CloudFoundryDeleteServiceCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -63,6 +63,7 @@ Mandatory:
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -136,6 +136,7 @@ func CloudFoundryDeployCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
influx.persist(GeneralConfig.EnvRootPath, "influx")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -60,6 +60,7 @@ It can be used no matter if a Docker daemon is available or not. It will also wo
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -71,6 +71,7 @@ Please configure your BlackDuck server Url using the serverUrl parameter and the
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -170,6 +170,7 @@ DISCLAIMER: The step has not yet been tested on a wide variaty of projects, and
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
influx.persist(GeneralConfig.EnvRootPath, "influx")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -61,6 +61,7 @@ func GctsCloneRepositoryCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -65,6 +65,7 @@ func GctsCreateRepositoryCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -62,6 +62,7 @@ func GctsDeployCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -61,6 +61,7 @@ func GctsExecuteABAPUnitTestsCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -66,6 +66,7 @@ gctsRollback will rollback to the previously active commit in the local reposito
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -65,6 +65,7 @@ It can for example be used to verify if certain status checks are mandatory. Thi
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -68,6 +68,7 @@ It can for example be used for GitOps scenarios or for scenarios where you want
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -79,6 +79,7 @@ The result looks like
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -73,6 +73,7 @@ It can for example be used to create additional check indicators for a pull requ
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -69,6 +69,7 @@ As of today, it supports the update of deployment yaml files via kubectl patch.
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -58,6 +58,7 @@ This step can, e.g., be used if there is a json schema which needs to be patched
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -98,6 +98,7 @@ func KanikoExecuteCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -67,6 +67,7 @@ In the Docker network, the containers can be referenced by the values provided i
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -95,6 +95,7 @@ helm upgrade <deploymentName> <chartPath> --install --force --namespace <namespa
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -61,6 +61,7 @@ func MalwareExecuteScanCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -63,6 +63,7 @@ supports ci friendly versioning by flattening the pom before installing.`,
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -62,6 +62,7 @@ the integration tests via the Jacoco Maven-plugin.`,
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -73,6 +73,7 @@ For PMD the failure priority and the max allowed violations are configurable via
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -63,6 +63,7 @@ func MavenExecuteCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -95,6 +95,7 @@ func MtaBuildCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -83,6 +83,7 @@ If an image for mavenExecute is configured, and npm packages are to be published
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -57,6 +57,7 @@ either use ESLint configurations present in the project or use the provided gene
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -60,6 +60,7 @@ func NpmExecuteScriptsCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -124,6 +124,7 @@ func ProtecodeExecuteScanCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
influx.persist(GeneralConfig.EnvRootPath, "influx")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -117,6 +117,7 @@ func SonarExecuteScanCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
influx.persist(GeneralConfig.EnvRootPath, "influx")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -107,6 +107,7 @@ check and additional Free and Open Source Software Publicly Known Vulnerabilitie
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
telemetry.Send(&telemetryData)
|
||||
|
||||
@@ -98,6 +98,7 @@ func XsDeployCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
telemetryData.ErrorCategory = log.GetErrorCategory().String()
|
||||
|
||||
@@ -234,7 +234,7 @@ func (c *Config) GetStepConfig(flagValues map[string]interface{}, paramJSON stri
|
||||
return StepConfig{}, err
|
||||
}
|
||||
if vaultClient != nil {
|
||||
addVaultCredentials(&stepConfig, vaultClient, parameters)
|
||||
resolveAllVaultReferences(&stepConfig, vaultClient, parameters)
|
||||
}
|
||||
|
||||
// finally do the condition evaluation post processing
|
||||
|
||||
@@ -1,13 +1,17 @@
|
||||
package config
|
||||
|
||||
import (
|
||||
"io/ioutil"
|
||||
"os"
|
||||
|
||||
"github.com/SAP/jenkins-library/pkg/config/interpolation"
|
||||
"github.com/SAP/jenkins-library/pkg/log"
|
||||
"github.com/SAP/jenkins-library/pkg/vault"
|
||||
"github.com/hashicorp/vault/api"
|
||||
)
|
||||
|
||||
var vaultFilter = []string{
|
||||
var (
|
||||
vaultFilter = []string{
|
||||
"vaultAppRoleID",
|
||||
"vaultAppRoleSecreId",
|
||||
"vaultServerUrl",
|
||||
@@ -15,7 +19,11 @@ var vaultFilter = []string{
|
||||
"vaultBasePath",
|
||||
"vaultPipelineName",
|
||||
"vaultPath",
|
||||
}
|
||||
}
|
||||
|
||||
// VaultSecretFileDirectory holds the directory for the current step run to temporarily store secret files fetched from vault
|
||||
VaultSecretFileDirectory = ""
|
||||
)
|
||||
|
||||
// VaultCredentials hold all the auth information needed to fetch configuration from vault
|
||||
type VaultCredentials struct {
|
||||
@@ -51,16 +59,22 @@ func getVaultClientFromConfig(config StepConfig, creds VaultCredentials) (vaultC
|
||||
return &client, nil
|
||||
}
|
||||
|
||||
func addVaultCredentials(config *StepConfig, client vaultClient, params []StepParameters) {
|
||||
func resolveAllVaultReferences(config *StepConfig, client vaultClient, params []StepParameters) {
|
||||
for _, param := range params {
|
||||
// we don't overwrite secrets that have already been set in any way
|
||||
if _, ok := config.Config[param.Name].(string); ok {
|
||||
continue
|
||||
}
|
||||
ref := param.GetReference("vaultSecret")
|
||||
if ref == nil {
|
||||
continue
|
||||
if ref := param.GetReference("vaultSecret"); ref != nil {
|
||||
resolveVaultReference(ref, config, client, param)
|
||||
}
|
||||
if ref := param.GetReference("vaultSecretFile"); ref != nil {
|
||||
resolveVaultReference(ref, config, client, param)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func resolveVaultReference(ref *ResourceReference, config *StepConfig, client vaultClient, param StepParameters) {
|
||||
var secretValue *string
|
||||
for _, vaultPath := range ref.Paths {
|
||||
// it should be possible to configure the root path were the secret is stored
|
||||
@@ -71,17 +85,53 @@ func addVaultCredentials(config *StepConfig, client vaultClient, params []StepPa
|
||||
|
||||
secretValue = lookupPath(client, vaultPath, ¶m)
|
||||
if secretValue != nil {
|
||||
config.Config[param.Name] = *secretValue
|
||||
log.Entry().Infof("Resolved param '%s' with vault path '%s'", param.Name, vaultPath)
|
||||
if ref.Type == "vaultSecret" {
|
||||
config.Config[param.Name] = *secretValue
|
||||
} else if ref.Type == "vaultSecretFile" {
|
||||
filePath, err := createTemporarySecretFile(param.Name, *secretValue)
|
||||
if err != nil {
|
||||
log.Entry().WithError(err).Warnf("Couldn't create temporary secret file for '%s'", param.Name)
|
||||
return
|
||||
}
|
||||
config.Config[param.Name] = filePath
|
||||
}
|
||||
break
|
||||
}
|
||||
}
|
||||
if secretValue == nil {
|
||||
log.Entry().Warnf("Could not resolve param '%s' from vault", param.Name)
|
||||
}
|
||||
}
|
||||
|
||||
// RemoveVaultSecretFiles removes all secret files that have been created during execution
|
||||
func RemoveVaultSecretFiles() {
|
||||
if VaultSecretFileDirectory != "" {
|
||||
os.RemoveAll(VaultSecretFileDirectory)
|
||||
}
|
||||
}
|
||||
|
||||
func createTemporarySecretFile(namePattern string, content string) (string, error) {
|
||||
if VaultSecretFileDirectory == "" {
|
||||
var err error
|
||||
VaultSecretFileDirectory, err = ioutil.TempDir("", "vault")
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
}
|
||||
|
||||
file, err := ioutil.TempFile(VaultSecretFileDirectory, namePattern)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
defer file.Close()
|
||||
_, err = file.WriteString(content)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
return file.Name(), nil
|
||||
}
|
||||
|
||||
func lookupPath(client vaultClient, path string, param *StepParameters) *string {
|
||||
log.Entry().Infof("Trying to resolve vault parameter '%s' at '%s'", param.Name, path)
|
||||
secret, err := client.GetKvSecret(path)
|
||||
|
||||
@@ -2,6 +2,8 @@ package config
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/mock"
|
||||
@@ -22,7 +24,7 @@ func TestVaultConfigLoad(t *testing.T) {
|
||||
vaultData := map[string]string{secretName: "value1"}
|
||||
|
||||
vaultMock.On("GetKvSecret", "team1/pipelineA").Return(vaultData, nil)
|
||||
addVaultCredentials(&stepConfig, vaultMock, stepParams)
|
||||
resolveAllVaultReferences(&stepConfig, vaultMock, stepParams)
|
||||
assert.Equal(t, "value1", stepConfig.Config[secretName])
|
||||
})
|
||||
|
||||
@@ -35,7 +37,7 @@ func TestVaultConfigLoad(t *testing.T) {
|
||||
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "$(vaultBasePath)/pipelineA")}
|
||||
vaultData := map[string]string{secretName: "value1"}
|
||||
vaultMock.On("GetKvSecret", "team1/pipelineA").Return(vaultData, nil)
|
||||
addVaultCredentials(&stepConfig, vaultMock, stepParams)
|
||||
resolveAllVaultReferences(&stepConfig, vaultMock, stepParams)
|
||||
|
||||
assert.Equal(t, "preset value", stepConfig.Config[secretName])
|
||||
})
|
||||
@@ -47,7 +49,7 @@ func TestVaultConfigLoad(t *testing.T) {
|
||||
}}
|
||||
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "$(vaultBasePath)/pipelineA")}
|
||||
vaultMock.On("GetKvSecret", "team1/pipelineA").Return(nil, fmt.Errorf("test"))
|
||||
addVaultCredentials(&stepConfig, vaultMock, stepParams)
|
||||
resolveAllVaultReferences(&stepConfig, vaultMock, stepParams)
|
||||
assert.Len(t, stepConfig.Config, 1)
|
||||
})
|
||||
|
||||
@@ -58,7 +60,7 @@ func TestVaultConfigLoad(t *testing.T) {
|
||||
}}
|
||||
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "$(vaultBasePath)/pipelineA")}
|
||||
vaultMock.On("GetKvSecret", "team1/pipelineA").Return(nil, nil)
|
||||
addVaultCredentials(&stepConfig, vaultMock, stepParams)
|
||||
resolveAllVaultReferences(&stepConfig, vaultMock, stepParams)
|
||||
assert.Len(t, stepConfig.Config, 1)
|
||||
})
|
||||
|
||||
@@ -73,7 +75,7 @@ func TestVaultConfigLoad(t *testing.T) {
|
||||
vaultData := map[string]string{secretName: "value1"}
|
||||
vaultMock.On("GetKvSecret", "team1/pipelineA").Return(nil, nil)
|
||||
vaultMock.On("GetKvSecret", "team1/pipelineB").Return(vaultData, nil)
|
||||
addVaultCredentials(&stepConfig, vaultMock, stepParams)
|
||||
resolveAllVaultReferences(&stepConfig, vaultMock, stepParams)
|
||||
assert.Equal(t, "value1", stepConfig.Config[secretName])
|
||||
})
|
||||
|
||||
@@ -87,7 +89,7 @@ func TestVaultConfigLoad(t *testing.T) {
|
||||
}
|
||||
vaultData := map[string]string{secretName: "value1"}
|
||||
vaultMock.On("GetKvSecret", "team1/pipelineA").Return(vaultData, nil)
|
||||
addVaultCredentials(&stepConfig, vaultMock, stepParams)
|
||||
resolveAllVaultReferences(&stepConfig, vaultMock, stepParams)
|
||||
assert.Equal(t, "value1", stepConfig.Config[secretName])
|
||||
vaultMock.AssertNotCalled(t, "GetKvSecret", "team1/pipelineB")
|
||||
})
|
||||
@@ -96,12 +98,54 @@ func TestVaultConfigLoad(t *testing.T) {
|
||||
vaultMock := &mocks.VaultMock{}
|
||||
stepConfig := StepConfig{Config: map[string]interface{}{}}
|
||||
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "$(vaultBasePath)/pipelineA")}
|
||||
addVaultCredentials(&stepConfig, vaultMock, stepParams)
|
||||
resolveAllVaultReferences(&stepConfig, vaultMock, stepParams)
|
||||
assert.Equal(t, nil, stepConfig.Config[secretName])
|
||||
vaultMock.AssertNotCalled(t, "GetKvSecret", mock.AnythingOfType("string"))
|
||||
})
|
||||
}
|
||||
|
||||
func TestVaultSecretFiles(t *testing.T) {
|
||||
const secretName = "testSecret"
|
||||
t.Run("Test Vault Secret File Reference", func(t *testing.T) {
|
||||
vaultMock := &mocks.VaultMock{}
|
||||
stepConfig := StepConfig{Config: map[string]interface{}{
|
||||
"vaultPath": "team1",
|
||||
}}
|
||||
stepParams := []StepParameters{stepParam(secretName, "vaultSecretFile", "$(vaultPath)/pipelineA")}
|
||||
vaultData := map[string]string{secretName: "value1"}
|
||||
vaultMock.On("GetKvSecret", "team1/pipelineA").Return(vaultData, nil)
|
||||
resolveAllVaultReferences(&stepConfig, vaultMock, stepParams)
|
||||
assert.NotNil(t, stepConfig.Config[secretName])
|
||||
path := stepConfig.Config[secretName].(string)
|
||||
contentByte, err := ioutil.ReadFile(path)
|
||||
assert.NoError(t, err)
|
||||
content := string(contentByte)
|
||||
assert.Equal(t, content, "value1")
|
||||
})
|
||||
|
||||
os.RemoveAll(VaultSecretFileDirectory)
|
||||
VaultSecretFileDirectory = ""
|
||||
|
||||
t.Run("Test temporary secret file cleanup", func(t *testing.T) {
|
||||
vaultMock := &mocks.VaultMock{}
|
||||
stepConfig := StepConfig{Config: map[string]interface{}{
|
||||
"vaultPath": "team1",
|
||||
}}
|
||||
stepParams := []StepParameters{stepParam(secretName, "vaultSecretFile", "$(vaultPath)/pipelineA")}
|
||||
vaultData := map[string]string{secretName: "value1"}
|
||||
assert.NoDirExists(t, VaultSecretFileDirectory)
|
||||
vaultMock.On("GetKvSecret", "team1/pipelineA").Return(vaultData, nil)
|
||||
resolveAllVaultReferences(&stepConfig, vaultMock, stepParams)
|
||||
assert.NotNil(t, stepConfig.Config[secretName])
|
||||
path := stepConfig.Config[secretName].(string)
|
||||
assert.DirExists(t, VaultSecretFileDirectory)
|
||||
assert.FileExists(t, path)
|
||||
RemoveVaultSecretFiles()
|
||||
assert.NoFileExists(t, path)
|
||||
assert.NoDirExists(t, VaultSecretFileDirectory)
|
||||
})
|
||||
}
|
||||
|
||||
func stepParam(name string, refType string, refPaths ...string) StepParameters {
|
||||
return StepParameters{
|
||||
Name: name,
|
||||
|
||||
@@ -114,6 +114,7 @@ func {{.CobraCmdFuncName}}() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
{{- range $notused, $oRes := .OutputResources }}
|
||||
{{ index $oRes "name" }}.persist({{if $.ExportPrefix}}{{ $.ExportPrefix }}.{{end}}GeneralConfig.EnvRootPath, "{{ index $oRes "name" }}"){{ end }}
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
|
||||
@@ -131,6 +131,7 @@ func TestStepCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
commonPipelineEnvironment.persist(piperOsCmd.GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
|
||||
influxTest.persist(piperOsCmd.GeneralConfig.EnvRootPath, "influxTest")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
|
||||
@@ -130,6 +130,7 @@ func TestStepCommand() *cobra.Command {
|
||||
telemetryData := telemetry.CustomData{}
|
||||
telemetryData.ErrorCode = "1"
|
||||
handler := func() {
|
||||
config.RemoveVaultSecretFiles()
|
||||
commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
|
||||
influxTest.persist(GeneralConfig.EnvRootPath, "influxTest")
|
||||
telemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds())
|
||||
|
||||
Reference in New Issue
Block a user