jenkins/sap-jenkins-library
1
0
Fork 0
mirror of https://github.com/SAP/jenkins-library.git synced 2025-02-21 19:48:53 +02:00
Code Issues Releases Activity

fix(vault): properly consider vault parameters & flags (#5118)

Browse Source
This commit is contained in:
Oliver Nocon 2024-10-04 09:33:53 +02:00 committed by GitHub
parent 5230c3d454
commit ef25e31acb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 37 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
cmd/getConfig.go
View File

@ -65,7 +65,7 @@ func ConfigCommand() *cobra.Command {
OpenFile: config.OpenPiperFile,
})
var createConfigCmd = &cobra.Command{
createConfigCmd := &cobra.Command{
Use: "getConfig",
Short: "Loads the project 'Piper' configuration respecting defaults and parameters.",
PreRun: func(cmd *cobra.Command, args []string) {
@ -76,7 +76,7 @@ func ConfigCommand() *cobra.Command {
GeneralConfig.GitHubAccessTokens = ResolveAccessTokens(GeneralConfig.GitHubTokens)
},
Run: func(cmd *cobra.Command, _ []string) {
if err := generateConfigWrapper(); err != nil {
if err := generateConfigWrapper(cmd); err != nil {
log.SetErrorCategory(log.ErrorConfiguration)
log.Entry().WithError(err).Fatal("failed to retrieve configuration")
}
@ -152,6 +152,10 @@ func GetStageConfig() (config.StepConfig, error) {
}
func getConfig() (config.StepConfig, error) {
return getConfigWithFlagValues(nil)
}
func getConfigWithFlagValues(cmd *cobra.Command) (config.StepConfig, error) {
var myConfig config.Config
var stepConfig config.StepConfig
var err error
@ -208,13 +212,16 @@ func getConfig() (config.StepConfig, error) {
}
}
var flags map[string]interface{}
if configOptions.ContextConfig {
metadata.Spec.Inputs.Parameters = []config.StepParameters{}
}
stepConfig, err = myConfig.GetStepConfig(flags, GeneralConfig.ParametersJSON, customConfig, defaultConfig, GeneralConfig.IgnoreCustomDefaults, paramFilter, metadata, resourceParams, GeneralConfig.StageName, metadata.Metadata.Name)
var flagValues map[string]interface{}
if cmd != nil {
flagValues = config.AvailableFlagValues(cmd, &paramFilter)
}
stepConfig, err = myConfig.GetStepConfig(flagValues, GeneralConfig.ParametersJSON, customConfig, defaultConfig, GeneralConfig.IgnoreCustomDefaults, paramFilter, metadata, resourceParams, GeneralConfig.StageName, metadata.Metadata.Name)
if err != nil {
return stepConfig, errors.Wrap(err, "getting step config failed")
}
@ -227,7 +234,7 @@ func getConfig() (config.StepConfig, error) {
return stepConfig, nil
}
func generateConfigWrapper() error {
func generateConfigWrapper(cmd *cobra.Command) error {
var formatter func(interface{}) (string, error)
switch strings.ToLower(configOptions.Output) {
case "yaml", "yml":
@ -237,13 +244,13 @@ func generateConfigWrapper() error {
default:
formatter = config.GetJSON
}
return GenerateConfig(formatter)
return GenerateConfig(cmd, formatter)
}
func GenerateConfig(formatter func(interface{}) (string, error)) error {
func GenerateConfig(cmd *cobra.Command, formatter func(interface{}) (string, error)) error {
utils := newGetConfigUtilsUtils()
stepConfig, err := getConfig()
stepConfig, err := getConfigWithFlagValues(cmd)
if err != nil {
return err
}
@ -254,7 +261,7 @@ func GenerateConfig(formatter func(interface{}) (string, error)) error {
}
if len(configOptions.OutputFile) > 0 {
if err := utils.FileWrite(configOptions.OutputFile, []byte(myConfig), 0666); err != nil {
if err := utils.FileWrite(configOptions.OutputFile, []byte(myConfig), 0o666); err != nil {
return fmt.Errorf("failed to write output file %v: %w", configOptions.OutputFile, err)
}
return nil
@ -265,7 +272,6 @@ func GenerateConfig(formatter func(interface{}) (string, error)) error {
}
func addConfigFlags(cmd *cobra.Command) {
// ToDo: support more output options, like https://kubernetes.io/docs/reference/kubectl/overview/#formatting-output
cmd.Flags().StringVar(&configOptions.Output, "output", "json", "Defines the output format")
cmd.Flags().StringVar(&configOptions.OutputFile, "outputFile", "", "Defines a file path. f set, the output will be written to the defines file")
@ -276,7 +282,6 @@ func addConfigFlags(cmd *cobra.Command) {
cmd.Flags().StringVar(&configOptions.StepMetadata, "stepMetadata", "", "Step metadata, passed as path to yaml")
cmd.Flags().StringVar(&configOptions.StepName, "stepName", "", "Step name, used to get step metadata if yaml path is not set")
cmd.Flags().BoolVar(&configOptions.ContextConfig, "contextConfig", false, "Defines if step context configuration should be loaded instead of step config")
}
func defaultsAndFilters(metadata *config.StepData, stepName string) ([]io.ReadCloser, config.StepFilters, error) {
@ -316,7 +321,7 @@ func prepareOutputEnvironment(outputResources []config.StepResources, envRootPat
}
if _, err := os.Stat(filepath.Dir(paramPath)); errors.Is(err, os.ErrNotExist) {
log.Entry().Debugf("Creating directory: %v", filepath.Dir(paramPath))
_ = os.MkdirAll(filepath.Dir(paramPath), 0777)
_ = os.MkdirAll(filepath.Dir(paramPath), 0o777)
}
}
}
@ -332,7 +337,7 @@ func prepareOutputEnvironment(outputResources []config.StepResources, envRootPat
for _, dir := range stepOutputDirectories {
if _, err := os.Stat(dir); errors.Is(err, os.ErrNotExist) {
log.Entry().Debugf("Creating directory: %v", dir)
_ = os.MkdirAll(dir, 0777)
_ = os.MkdirAll(dir, 0o777)
}
}
}

22
pkg/config/config.go
View File

@ -218,6 +218,8 @@ func (c *Config) GetStepConfig(flagValues map[string]interface{}, paramJSON stri
// merge parameters provided via env vars
stepConfig.mixIn(envValues(filters.All), filters.All, metadata)
vaultParams := map[string]interface{}{}
// if parameters are provided in JSON format merge them
if len(paramJSON) != 0 {
var params map[string]interface{}
@ -228,10 +230,17 @@ func (c *Config) GetStepConfig(flagValues map[string]interface{}, paramJSON stri
// apply aliases
for _, p := range parameters {
params = setParamValueFromAlias(stepName, params, filters.Parameters, p.Name, p.Aliases)
vaultParams = setParamValueFromAlias(stepName, vaultParams, vaultFilter, p.Name, p.Aliases)
}
for _, s := range secrets {
params = setParamValueFromAlias(stepName, params, filters.Parameters, s.Name, s.Aliases)
}
// retrieve Vault config if provided
for _, v := range vaultFilter {
if params[v] != nil {
vaultParams[v] = params[v]
}
}
stepConfig.mixIn(params, filters.Parameters, metadata)
}
@ -239,8 +248,13 @@ func (c *Config) GetStepConfig(flagValues map[string]interface{}, paramJSON stri
// merge command line flags
if flagValues != nil {
flagFilter := append(filters.Parameters, vaultFilter...)
stepConfig.mixIn(flagValues, flagFilter, metadata)
stepConfig.mixIn(flagValues, filters.Parameters, metadata)
// retrieve Vault config from flags if provided
for _, v := range vaultFilter {
if flagValues[v] != nil {
vaultParams[v] = flagValues[v]
}
}
}
if verbose, ok := stepConfig.Config["verbose"].(bool); ok && verbose {
@ -249,7 +263,7 @@ func (c *Config) GetStepConfig(flagValues map[string]interface{}, paramJSON stri
log.Entry().Warnf("invalid value for parameter verbose: '%v'", stepConfig.Config["verbose"])
}
stepConfig.mixinVaultConfig(parameters, c.General, c.Steps[stepName], c.Stages[stageName])
stepConfig.mixinVaultConfig(parameters, c.General, c.Steps[stepName], c.Stages[stageName], vaultParams)
reportingConfig, err := cloneConfig(c)
if err != nil {
@ -517,7 +531,7 @@ func merge(base, overlay map[string]interface{}, metadata StepData) map[string]i
tVal := reflect.TypeOf(value).String()
if v.Name == key && tVal != v.Type {
if tVal == "[]interface {}" && v.Type == "[]string" {
//json Unmarshal genertes arrays of interface{} for string arrays
// json Unmarshal genertes arrays of interface{} for string arrays
for _, interfaceValue := range value.([]interface{}) {
arrayValueType := reflect.TypeOf(interfaceValue).String()
if arrayValueType != "string" {

2
pkg/config/vault.go
View File

@ -306,7 +306,6 @@ func resolveVaultCredentials(config *StepConfig, client VaultClient) {
}
func populateTestCredentialsAsEnvs(config *StepConfig, secret map[string]string, keys []string) (matched bool) {
vaultTestCredentialEnvPrefix, ok := config.Config["vaultTestCredentialEnvPrefix"].(string)
if !ok || len(vaultTestCredentialEnvPrefix) == 0 {
vaultTestCredentialEnvPrefix = vaultTestCredentialEnvPrefixDefault
@ -326,7 +325,6 @@ func populateTestCredentialsAsEnvs(config *StepConfig, secret map[string]string,
}
func populateCredentialsAsEnvs(config *StepConfig, secret map[string]string, keys []string) (matched bool) {
vaultCredentialEnvPrefix, ok := config.Config["vaultCredentialEnvPrefix"].(string)
isCredentialEnvPrefixDefault := false