|
|
@@ -233,8 +233,65 @@ func NestedJSONWithGJSON(f *framework.Framework) (string, func(*framework.TestCa
|
|
|
func DockerJSONConfig(f *framework.Framework) (string, func(*framework.TestCase)) {
|
|
|
return "[common] should sync docker configurated json secrets with template", func(tc *framework.TestCase) {
|
|
|
cloudSecretName := fmt.Sprintf("%s-%s", f.Namespace.Name, "docker-config-example")
|
|
|
- cloudSecretValue := `{"auths":{"https://index.docker.io/v1/": {"auth": "c3R...zE2"}}}`
|
|
|
+ //cloudSecretValue := `{"auths":{"https://index.docker.io/v1/": {"auth": "c3R...zE2"}}}`
|
|
|
+ dockerconfig := `{"auths":{"https://index.docker.io/v1/": {"auth": "c3R...zE2"}}}` // so we have the json string that is the final docker config that we want
|
|
|
+ cloudSecretValue := fmt.Sprintf(`{"dockerconfig": %s}`, dockerconfig)
|
|
|
+ /*cloudSecretValue := `{
|
|
|
+ "dockerconfig": {
|
|
|
+ "auths": {
|
|
|
+ "https://index.docker.io/v1/": {
|
|
|
+ "auth": "c3R...zE2"
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }`*/
|
|
|
+ tc.Secrets = map[string]string{
|
|
|
+ cloudSecretName: cloudSecretValue,
|
|
|
+ }
|
|
|
+
|
|
|
+ tc.ExpectedSecret = &v1.Secret{
|
|
|
+ Type: v1.SecretTypeOpaque,
|
|
|
+ Data: map[string][]byte{
|
|
|
+ ".dockerconfigjson": []byte(dockerconfig),
|
|
|
+ },
|
|
|
+ }
|
|
|
+
|
|
|
+ tc.ExternalSecret.Spec.Data = []esv1alpha1.ExternalSecretData{
|
|
|
+ {
|
|
|
+ SecretKey: "mysecret",
|
|
|
+ RemoteRef: esv1alpha1.ExternalSecretDataRemoteRef{
|
|
|
+ Key: cloudSecretName,
|
|
|
+ Property: "dockerconfig",
|
|
|
+ },
|
|
|
+ },
|
|
|
+ }
|
|
|
|
|
|
+ tc.ExternalSecret.Spec.Target.Template = &esv1alpha1.ExternalSecretTemplate{
|
|
|
+ Data: map[string]string{
|
|
|
+ ".dockerconfigjson": "{{ .mysecret | toString }}",
|
|
|
+ },
|
|
|
+ }
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+// This case creates a secret with a Docker json configuration value.
|
|
|
+// The values from the nested data are extracted using gjson.
|
|
|
+// not supported by: vault.
|
|
|
+func DockerJSONConfigVault(f *framework.Framework) (string, func(*framework.TestCase)) {
|
|
|
+ return "[common] should sync docker configurated json secrets with template", func(tc *framework.TestCase) {
|
|
|
+ cloudSecretName := fmt.Sprintf("%s-%s", f.Namespace.Name, "docker-config-example")
|
|
|
+ //cloudSecretValue := `{"auths":{"https://index.docker.io/v1/": {"auth": "c3R...zE2"}}}`
|
|
|
+ dockerconfig := `{"auths":{"https://index.docker.io/v1/": {"auth": "c3R...zE2"}}}`
|
|
|
+ cloudSecretValue := fmt.Sprintf(`{"dockerconfig": %s}`, dockerconfig)
|
|
|
+ /*cloudSecretValue := `{
|
|
|
+ "dockerconfig": {
|
|
|
+ "auths": {
|
|
|
+ "https://index.docker.io/v1/": {
|
|
|
+ "auth": "c3R...zE2"
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }`*/
|
|
|
tc.Secrets = map[string]string{
|
|
|
cloudSecretName: cloudSecretValue,
|
|
|
}
|
|
|
@@ -242,7 +299,7 @@ func DockerJSONConfig(f *framework.Framework) (string, func(*framework.TestCase)
|
|
|
tc.ExpectedSecret = &v1.Secret{
|
|
|
Type: v1.SecretTypeOpaque,
|
|
|
Data: map[string][]byte{
|
|
|
- ".dockerconfigjson": []byte(cloudSecretValue),
|
|
|
+ ".dockerconfigjson": []byte(dockerconfig),
|
|
|
},
|
|
|
}
|
|
|
|
|
|
@@ -250,7 +307,8 @@ func DockerJSONConfig(f *framework.Framework) (string, func(*framework.TestCase)
|
|
|
{
|
|
|
SecretKey: "mysecret",
|
|
|
RemoteRef: esv1alpha1.ExternalSecretDataRemoteRef{
|
|
|
- Key: cloudSecretName,
|
|
|
+ Key: cloudSecretName,
|
|
|
+ Property: "dockerconfig",
|
|
|
},
|
|
|
},
|
|
|
}
|