Adds support for kubernetes secrets engine #1515

Merged Jul 20, 2022 (15 commits)

@austingebauer austingebauer commented Jun 27, 2022

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

This PR adds resources and a data source for Vault Kubernetes Secrets Engine.

Closes: #1522

Release note for CHANGELOG:

* Adds support for Vault [Kubernetes Secrets Engine](https://www.vaultproject.io/docs/secrets/kubernetes) (#1515)

Output from acceptance testing:

```
$ make testacc TESTARGS='-count=1 -run=TestAccKubernetesSecret'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test -v -count=1 -run=TestAccKubernetesSecret -timeout 30m ./...
=== RUN   TestAccKubernetesSecretCredentialsDataSource
--- PASS: TestAccKubernetesSecretCredentialsDataSource (1.50s)
=== RUN   TestAccKubernetesSecretBackendRole
--- PASS: TestAccKubernetesSecretBackendRole (3.12s)
=== RUN   TestAccKubernetesSecretBackend
--- PASS: TestAccKubernetesSecretBackend (3.14s)
PASS
ok      github.com/hashicorp/terraform-provider-vault/vault     9.856s
```

@austingebauer austingebauer commented Jun 27, 2022

Documentation is still in progress. Will update this PR when it is ready for review.

@tvoran tvoran left a comment

Looks good so far, and I tested it a bit locally too.

@benashz benashz left a comment

Looks great! I added some initial comments/suggestions.

@benashz benashz left a comment

Ah, I noticed that we did not include the website docs. If you could also add/update those, that would be great!

@austingebauer austingebauer commented

Documentation has been added in fb6dbe4.

- fix formatting issues
- tweak the example a bit
- document import
@benashz benashz added this to the 3.8.0 milestone Jul 19, 2022
@benashz benashz left a comment

Looks great!

@austingebauer austingebauer merged commit aaa7b1a into release/vault-next Jul 20, 2022
@austingebauer austingebauer deleted the resource/k8s-secrets branch July 20, 2022 00:11
marcboudreau pushed a commit to marcboudreau/terraform-provider-vault that referenced this pull request Nov 6, 2022
* Adds support for kubernetes secrets engine

* rename datasource read func

* mark service_account_jwt as sensitive

* Update vault/provider.go

Co-authored-by: Ben Ash <[email protected]>

* Update vault/provider.go

Co-authored-by: Ben Ash <[email protected]>

* add mount schema with mustAddSchema

* use testCheckMountDestroyed

* change token_max_ttl, token_default_ttl to integer seconds

* adds documentation

* remove computed from kubernetes_host, kubernetes_ca_cert

* change env var in comment to be accurate

* Add k8s-secrets docs to the sidebar (hashicorp#1539)

- fix formatting issues
- tweak the example a bit
- document import

* adds comment to test about needed config to run it

Co-authored-by: Ben Ash <[email protected]>