PR Feedback
grolu committed Nov 27, 2024
1 parent 0dda694 commit 5b82bcd
Showing 15 changed files with 132 additions and 129 deletions.
4 changes: 2 additions & 2 deletions backend/lib/routes/cloudProviderCredentials.js
Expand Up @@ -22,7 +22,7 @@ router.route('/')
.post(async (req, res, next) => {
try {
const user = req.user
const { method, params: body } = req.body
const { method, params } = req.body

let credentialOperation
switch (method) {
Expand All @@ -41,7 +41,7 @@ router.route('/')
default:
throw new UnprocessableEntity(`${method} not allowed for cloud provider credentials`)
}
res.send(await credentialOperation.call(cloudProviderCredentials, { user, body }))
res.send(await credentialOperation.call(cloudProviderCredentials, { user, params }))
} catch (err) {
next(err)
}
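Review bot: `params` is taken from `req.body` and handed to the service without any shape check, so a request that omits it fails inside the service's destructuring with a TypeError instead of the `UnprocessableEntity` this handler already uses for a bad `method`. A guard before the `switch`, e.g. `if (!params || typeof params !== 'object') throw new UnprocessableEntity('params must be an object')`, keeps malformed input a client error. The namespace and name inside `params` are chosen by the caller, so access control presumably rests entirely on `user.client` acting with the caller's own permissions; a one-line comment saying so would help the next reader. The `switch` body is elided between the two hunks of this section.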
57 changes: 34 additions & 23 deletions backend/lib/services/cloudProviderCredentials.js
Expand Up @@ -11,20 +11,21 @@ const { encodeBase64 } = require('../utils')
const createError = require('http-errors')
const logger = require('../logger')

exports.list = async function ({ user, body }) {
exports.list = async function ({ user, params }) {
const client = user.client
const { coordinate: { namespace } } = body
const { secretBindingNamespace } = params

const [
{ items: secretBindings },
{ items: referencedSecrets },
] = await Promise.all([
client['core.gardener.cloud'].secretbindings.list(namespace),
client.core.secrets.list(namespace, { labelSelector: 'reference.gardener.cloud/secretbinding=true' }),
client['core.gardener.cloud'].secretbindings.list(secretBindingNamespace),
client.core.secrets.list(secretBindingNamespace, { labelSelector: 'reference.gardener.cloud/secretbinding=true' }),
])

const secretMap = new Map(referencedSecrets.map(secret => [secret.metadata.name, secret]))
const credentialsList = secretBindings.map(secretBinding => {
const secret = referencedSecrets.find(secret => secret.metadata.name === secretBinding.secretRef.name)
const secret = secretMap.get(secretBinding.secretRef.name)

return {
secretBinding,
Expand All @@ -36,21 +37,28 @@ exports.list = async function ({ user, body }) {
return credentialsList
}

exports.create = async function ({ user, body }) {
exports.create = async function ({ user, params }) {
const client = user.client
const { coordinate: { namespace, name }, credential: { poviderType, secretData } } = body

const secretResource = toSecretResource({ namespace, name, data: secretData })
const secret = await client.core.secrets.create(namespace, secretResource)
const {
secretBindingNamespace,
secretBindingName,
secretBindingNamespace: secretNamespace,
secretBindingName: secretName,
poviderType,
secretData,
} = params

const secretResource = toSecretResource({ namespace: secretNamespace, name: secretName, data: secretData })
const secret = await client.core.secrets.create(secretNamespace, secretResource)

let secretBinding
try {
const secretRef = { namespace: secret.metadata.namespace, name: secret.metadata.name }
const secretBindingResource = toSecretBindingResource({ namespace, name, poviderType, secretRef })
secretBinding = await client['core.gardener.cloud'].secretbindings.create(namespace, secretBindingResource)
const secretBindingResource = toSecretBindingResource({ namespace: secretBindingNamespace, name: secretBindingName, poviderType, secretRef })
secretBinding = await client['core.gardener.cloud'].secretbindings.create(secretBindingNamespace, secretBindingResource)
} catch (err) {
logger.error('failed to create SecretBinding, cleaning up secret %s/%s', namespace, secret.metadata.name)
await client.core.secrets.delete(namespace, secret.metadata.name)
logger.error('failed to create SecretBinding, cleaning up secret %s/%s', secret.metadata.namespace, secret.metadata.name)
await client.core.secrets.delete(secretNamespace, secret.metadata.name)

throw err
}
Expand All @@ -62,11 +70,14 @@ exports.create = async function ({ user, body }) {
}
}

exports.patch = async function ({ user, body }) {
exports.patch = async function ({ user, params }) {
const client = user.client
const { coordinate: { namespace, name }, credential: { secretData } } = body

const secretBinding = await client['core.gardener.cloud'].secretbindings.get(namespace, name)
const {
secretBindingNamespace,
secretBindingName,
secretData,
} = params
const secretBinding = await client['core.gardener.cloud'].secretbindings.get(secretBindingNamespace, secretBindingName)

let data
try {
Expand All @@ -82,7 +93,7 @@ exports.patch = async function ({ user, body }) {
}]

const secretRef = secretBinding.secretRef
const secret = client.core.secrets.jsonPatch(secretRef.namespace, secretRef.name, patchOperations)
const secret = await client.core.secrets.jsonPatch(secretRef.namespace, secretRef.name, patchOperations)

return {
secretBinding,
Expand All @@ -91,15 +102,15 @@ exports.patch = async function ({ user, body }) {
}
}

exports.remove = async function ({ user, body }) {
exports.remove = async function ({ user, params }) {
const client = user.client
const { coordinate: { namespace, name } } = body
const { secretBindingNamespace, secretBindingName } = params

const secretBinding = await client['core.gardener.cloud'].secretbindings.get(namespace, name)
const secretBinding = await client['core.gardener.cloud'].secretbindings.get(secretBindingNamespace, secretBindingName)

const secretRef = secretBinding.secretRef
await Promise.all([
await client['core.gardener.cloud'].secretbindings.delete(namespace, name),
await client['core.gardener.cloud'].secretbindings.delete(secretBindingNamespace, secretBindingName),
await client.core.secrets.delete(secretRef.namespace, secretRef.name),
])
}
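Review bot: In `exports.list` the new `secretMap` is keyed by `secret.metadata.name` alone and queried with `secretBinding.secretRef.name`, while the secrets are listed only from `secretBindingNamespace`. `patch` and `remove` further down address the secret through `secretRef.namespace`, which suggests a binding may reference a secret in another namespace; in that case a same-named local secret would be returned next to a binding it does not belong to. Comparing the namespace as well avoids pairing the wrong credential: `const secret = secretBinding.secretRef.namespace === secretBindingNamespace ? secretMap.get(secretBinding.secretRef.name) : undefined`. The rest of the `map` callback is elided on this page, so how it treats a missing secret should be confirmed.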
4 changes: 2 additions & 2 deletions frontend/src/components/GShootSecretName.vue
Expand Up @@ -6,7 +6,7 @@ SPDX-License-Identifier: Apache-2.0

<template>
<v-tooltip
:disabled="!secretBinding?.secretResource"
:disabled="!secretBinding?.secret"
location="top"
>
<template #activator="{ props }">
Expand All @@ -25,7 +25,7 @@ SPDX-License-Identifier: Apache-2.0
<g-secret-details-item-content
class="ma-1"
infra
:secret="secretBinding.secretResource"
:secret="secretBinding.secret"
:provider-type="secretBinding.provider.type"
/>
</v-card>
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ SPDX-License-Identifier: Apache-2.0
cols="3"
>
<g-select-secret
v-model="infrastructureSecret"
v-model="infrastructureSecretBinding"
:provider-type="providerType"
/>
</v-col>
Expand Down Expand Up @@ -214,7 +214,7 @@ export default {
const {
providerType,
cloudProfileName,
infrastructureSecret,
infrastructureSecretBinding,
region,
networkingType,
providerControlPlaneConfigLoadBalancerProviderName,
Expand Down Expand Up @@ -245,7 +245,7 @@ export default {
v$: useVuelidate(),
providerType,
cloudProfileName,
infrastructureSecret,
infrastructureSecretBinding,
region,
networkingType,
loadBalancerProviderName: providerControlPlaneConfigLoadBalancerProviderName,
44 changes: 23 additions & 21 deletions frontend/src/components/Secrets/GSecretDetailsItemContent.vue
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,8 @@ SPDX-License-Identifier: Apache-2.0
</template>

<script>
import { decodeBase64 } from '@/utils'

import get from 'lodash/get'

export default {
Expand Down Expand Up @@ -76,7 +78,7 @@ export default {
getGCPProjectId (secret) {
try {
const serviceAccount = get(secret.data, ['serviceaccount.json'])
return get(JSON.parse(atob(serviceAccount)), ['project_id'])
return get(JSON.parse(decodeBase64(serviceAccount)), ['project_id'])
} catch (err) {
return undefined
}
Expand All @@ -89,64 +91,64 @@ export default {
return [
{
label: 'Domain Name',
value: atob(secretData.domainName),
value: decodeBase64(secretData.domainName),
},
{
label: 'Tenant Name',
value: atob(secretData.tenantName),
value: decodeBase64(secretData.tenantName),
},
]
case 'vsphere':
return [
{
label: 'vSphere Username',
value: atob(secretData.vsphereUsername),
value: decodeBase64(secretData.vsphereUsername),
},
{
label: 'NSX-T Username',
value: atob(secretData.nsxtUsername),
value: decodeBase64(secretData.nsxtUsername),
},
]
case 'aws':
return [
{
label: 'Access Key ID',
value: atob(secretData.accessKeyID),
value: decodeBase64(secretData.accessKeyID),
},
]
case 'azure':
return [
{
label: 'Subscription ID',
value: atob(secretData.subscriptionID),
value: decodeBase64(secretData.subscriptionID),
},
]
case 'gcp':
return [
{
label: 'Project',
value: atob(this.getGCPProjectId)(secret),
value: decodeBase64(this.getGCPProjectId)(secret),
},
]
case 'alicloud':
return [
{
label: 'Access Key ID',
value: atob(secretData.accessKeyID),
value: decodeBase64(secretData.accessKeyID),
},
]
case 'metal':
return [
{
label: 'API URL',
value: atob(secretData.metalAPIURL),
value: decodeBase64(secretData.metalAPIURL),
},
]
case 'hcloud':
return [
{
label: 'Hetzner Cloud Token',
value: atob(secretData.hcloudToken),
value: decodeBase64(secretData.hcloudToken),
},
]
default:
Expand All @@ -169,47 +171,47 @@ export default {
return [
{
label: 'Domain Name',
value: atob(secretData.domainName),
value: decodeBase64(secretData.domainName),
},
{
label: 'Tenant Name',
value: atob(secretData.tenantName),
value: decodeBase64(secretData.tenantName),
},
]
case 'aws-route53':
return [
{
label: 'Access Key ID',
value: atob(secretData.accessKeyID),
value: decodeBase64(secretData.accessKeyID),
},
]
case 'azure-dns':
case 'azure-private-dns':
return [
{
label: 'Subscription ID',
value: atob(secretData.subscriptionID),
value: decodeBase64(secretData.subscriptionID),
},
]
case 'google-clouddns':
return [
{
label: 'Project',
value: atob(secretData.project),
value: decodeBase64(secretData.project),
},
]
case 'alicloud-dns':
return [
{
label: 'Access Key ID',
value: atob(secretData.accessKeyID),
value: decodeBase64(secretData.accessKeyID),
},
]
case 'infoblox-dns':
return [
{
label: 'Infoblox Username',
value: atob(secretData.USERNAME),
value: decodeBase64(secretData.USERNAME),
},
]
case 'cloudflare-dns':
Expand All @@ -230,15 +232,15 @@ export default {
return [
{
label: 'Server',
value: atob(secretData.Server),
value: decodeBase64(secretData.Server),
},
{
label: 'TSIG Key Name',
value: atob(secretData.TSIGKeyName),
value: decodeBase64(secretData.TSIGKeyName),
},
{
label: 'Zone',
value: atob(secretData.Zone),
value: decodeBase64(secretData.Zone),
},
]
default:
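Review bot: The `hcloud` case returns `decodeBase64(secretData.hcloudToken)` under the label 'Hetzner Cloud Token', so the decoded API token itself becomes a display value, whereas every other case in this hunk exposes only an identifier (access key ID, subscription ID, username, URL). If these label/value pairs are rendered in the details row and tooltip, as the component's usage elsewhere on this page suggests, the token should not be decoded for display; show a fixed placeholder such as `value: '****'` or drop the entry. In the `gcp` case, `decodeBase64(this.getGCPProjectId)(secret)` passes the method itself to the decoder and then calls the result; `getGCPProjectId` already decodes and parses the service account, so the line should read `value: this.getGCPProjectId(secret)`. Both methods start and end outside the visible hunks.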
12 changes: 5 additions & 7 deletions frontend/src/components/Secrets/GSecretDialog.vue
Original file line number Diff line number Diff line change
Expand Up @@ -315,14 +315,12 @@ export default {
}
},
save () {
const credential = {
poviderType: this.providerType,
secretData: this.secretData,
}
const poviderType = this.providerType
const secretData = this.secretData
if (this.isCreateMode) {
return this.createCredential({ name: this.name, credential })
return this.createCredential({ name: this.name, poviderType, secretData })
} else {
return this.updateCredential({ name: this.name, credential })
return this.updateCredential({ name: this.name, poviderType, secretData })
}
},
reset () {
Expand All @@ -333,7 +331,7 @@ export default {
setDelayedInputFocus(this, 'name')
} else {
this.name = get(this.secretBinding, ['metadata', 'name'])
this.updateWithSecret(this.secretBinding.secretResource)
this.updateWithSecret(this.secretBinding.secret)
}

this.errorMessage = undefined
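Review bot: The misspelled key `poviderType` in `save()` is now a top-level field of the payload passed to `createCredential` and `updateCredential`, and the backend `create` shown on this page destructures the same misspelling, so the typo is becoming part of the request contract. Renaming it to `providerType` on both sides in this change is cheaper than after more callers depend on it, e.g. `{ name: this.name, providerType: this.providerType, secretData }`. The update path also sends the field although the backend `patch` on this page reads only `secretData` and the binding coordinates, so it could be omitted there.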
2 changes: 1 addition & 1 deletion frontend/src/components/Secrets/GSecretRowInfra.vue
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ SPDX-License-Identifier: Apache-2.0
<g-secret-details-item-content
infra
class="py-1"
:secret="item.secretBinding.secretResource"
:secret="item.secretBinding.secret"
:provider-type="item.providerType"
/>
</td>
Original file line number Diff line number Diff line change
Expand Up @@ -42,10 +42,10 @@ SPDX-License-Identifier: Apache-2.0
/>
</g-list-item-content>
</g-list-item>
<g-list-item v-if="secretBinding?.secretResource">
<g-list-item v-if="secretBinding?.secret">
<g-secret-details-item-content
infra
:secret="secretBinding.secretResource"
:secret="secretBinding.secret"
:provider-type="secretBinding.provider.type"
details-title
/>