
Changed provider interface to pass a SecretSinkRemoteRef

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
Gustavo Carvalho 4 ani în urmă
părinte
comite
608dde933c

+ 4 - 0
apis/externalsecrets/v1alpha1/secretsink_types.go

@@ -48,6 +48,10 @@ type SecretSinkRemoteRefs struct {
 	RemoteKey string `json:"remoteKey"`
 }
 
+func (r SecretSinkRemoteRefs) GetRemoteKey() string {
+	return r.RemoteKey
+}
+
 type SecretSinkMatch struct {
 	SecretKey  string                 `json:"secretKey"`
 	RemoteRefs []SecretSinkRemoteRefs `json:"remoteRefs"`
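Review bot: The new exported method `GetRemoteKey` has no doc comment, and nothing in this hunk explains why a plain field accessor is needed. Judging by the other files in this commit, it exists so that a `SecretSinkRemoteRefs` value can be passed where a `v1beta1.PushRemoteRef` is expected. I would state that on the method, for example `// GetRemoteKey returns the key under which the secret is written in the provider; it lets SecretSinkRemoteRefs be used as a v1beta1.PushRemoteRef.`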

+ 1 - 1
apis/externalsecrets/v1beta1/provider.go

@@ -68,7 +68,7 @@ type SecretsClient interface {
 	GetSecret(ctx context.Context, ref ExternalSecretDataRemoteRef) ([]byte, error)
 
 	// SetSecret will write a single secret into the provider
-	SetSecret(secretKey, remoteKey string) error
+	SetSecret(ctx context.Context, value []byte, remoteRef PushRemoteRef) error
 
 	// Validate checks if the client is configured correctly
 	// and is able to retrieve secrets from the provider.
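Review bot: The comment above `SetSecret` was not updated with the signature, so the contract for the raw secret bytes in `value` is unstated. The controller in this commit passes the slice straight out of `secret.Data`, so implementers need to know whether they may retain or modify it, and that it must not end up in logs or error strings. I would extend the comment along the lines of `// SetSecret writes value to the location named by remoteRef. Implementations must not retain, modify or log value.` `PushRemoteRef` is not declared in any hunk shown here, so I am assuming it is the interface that exposes `GetRemoteKey()`.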

+ 1 - 1
apis/externalsecrets/v1beta1/provider_schema_test.go

@@ -35,7 +35,7 @@ func (p *PP) NewClient(ctx context.Context, store GenericStore, kube client.Clie
 }
 
 // SetSecret writes a single secret into a provider.
-func (p *PP) SetSecret(secretKey, remoteKey string) error {
+func (p *PP) SetSecret(ctx context.Context, value []byte, remoteRef PushRemoteRef) error {
 	return nil
 }
 

+ 6 - 10
pkg/controllers/secretsink/secretsink_controller.go

@@ -112,21 +112,17 @@ func (r *Reconciler) SetSecretToProviders(ctx context.Context, stores []v1beta1.
 				r.Log.Error(err, errCloseStoreClient)
 			}
 		}()
-		var secretKey string
-		var remoteKey string
 		for _, ref := range ss.Spec.Data {
 			for _, match := range ref.Match {
-				secretKey = match.SecretKey
-				secretValue, ok := secret.Data[secretKey]
+				secretValue, ok := secret.Data[match.SecretKey]
 				if !ok {
-					return fmt.Errorf("secret key %v does not exist", secretKey)
+					return fmt.Errorf("secret key %v does not exist", match.SecretKey)
 				}
 				for _, rK := range match.RemoteRefs {
-					remoteKey = rK.RemoteKey
-				}
-				err := client.SetSecret(remoteKey, string(secretValue))
-				if err != nil {
-					return fmt.Errorf(errSetSecretFailed, match.SecretKey, store.GetName(), err)
+					err := client.SetSecret(ctx, secretValue, rK)
+					if err != nil {
+						return fmt.Errorf(errSetSecretFailed, match.SecretKey, store.GetName(), err)
+					}
 				}
 			}
 		}
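Review bot: The error returned inside the new `for _, rK := range match.RemoteRefs` loop names `match.SecretKey` and the store, but not the remote ref that failed. With several refs per match, an operator cannot tell which write was rejected. Because the loop returns on the first failure, earlier refs have already been written and later ones are skipped, and the message does not reveal that partial state. I would add `rK.RemoteKey` to the `errSetSecretFailed` arguments (the format string is defined outside this hunk and would need one more verb), and consider collecting per-ref errors rather than returning early. The enclosing function starts and ends outside the hunk.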

+ 1 - 1
pkg/provider/akeyless/akeyless.go

@@ -170,7 +170,7 @@ func (a *Akeyless) Validate() (esv1beta1.ValidationResult, error) {
 	return esv1beta1.ValidationResultReady, nil
 }
 
-func (a *Akeyless) SetSecret(secretKey, remoteKey string) error {
+func (a *Akeyless) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
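Review bot: This stub, like the same one-line change in alibaba, aws parameterstore and secretsmanager, azure keyvault, gcp, gitlab, ibm, kubernetes, onepassword, oracle, senhasegura, vault, webhook and yandex, returns a fresh `fmt.Errorf("not implemented")`. The controller has no way to tell that apart from a genuine write failure. A shared sentinel in the API package, for example `var ErrPushNotSupported = errors.New("provider does not support SetSecret")`, would let callers use `errors.Is` and report an unsupported store as a configuration problem. The three new parameters are unused in these stubs, so naming them `_` would make that explicit. This method and the alibaba and yandex ones also have no doc comment.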
 

+ 1 - 1
pkg/provider/alibaba/kms.go

@@ -114,7 +114,7 @@ func (c *Client) setAuth(ctx context.Context) error {
 	return nil
 }
 
-func (kms *KeyManagementService) SetSecret(secretKey, remoteKey string) error {
+func (kms *KeyManagementService) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
 

+ 1 - 1
pkg/provider/aws/parameterstore/parameterstore.go

@@ -61,7 +61,7 @@ func New(sess *session.Session) (*ParameterStore, error) {
 }
 
 // Not Implemented SetSecret.
-func (pm *ParameterStore) SetSecret(secretKey, remoteKey string) error {
+func (pm *ParameterStore) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
 

+ 1 - 1
pkg/provider/aws/secretsmanager/secretsmanager.go

@@ -105,7 +105,7 @@ func (sm *SecretsManager) fetch(_ context.Context, ref esv1beta1.ExternalSecretD
 }
 
 // Not Implemented SetSecret.
-func (sm *SecretsManager) SetSecret(secretKey, remoteKey string) error {
+func (sm *SecretsManager) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
 

+ 1 - 1
pkg/provider/azure/keyvault/keyvault.go

@@ -202,7 +202,7 @@ func (a *Azure) ValidateStore(store esv1beta1.GenericStore) error {
 }
 
 // Not Implemented SetSecret.
-func (a *Azure) SetSecret(secretKey, remoteKey string) error {
+func (a *Azure) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
 

+ 5 - 5
pkg/provider/fake/fake.go

@@ -95,11 +95,11 @@ func getProvider(store esv1beta1.GenericStore) (*esv1beta1.FakeProvider, error)
 }
 
 // Not Implemented SetSecret.
-func (p *Provider) SetSecret(key, value string) error {
-	currentData, ok := p.config[key]
+func (p *Provider) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
+	currentData, ok := p.config[remoteRef.GetRemoteKey()]
 	if !ok {
-		p.config[key] = &Data{
-			Value:  value,
+		p.config[remoteRef.GetRemoteKey()] = &Data{
+			Value:  string(value),
 			Origin: FakeSetSecret,
 		}
 		return nil
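Review bot: The doc comment `// Not Implemented SetSecret.` above this method is inaccurate, since the fake provider does implement it. I would replace it with `// SetSecret stores value under the ref's remote key and refuses to overwrite entries that SetSecret did not create.` The key is also computed twice through `remoteRef.GetRemoteKey()`; binding it once with `key := remoteRef.GetRemoteKey()` keeps the lookup and the insert on the same key. The method continues into the next hunk, where the overwrite check lives.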
@@ -107,7 +107,7 @@ func (p *Provider) SetSecret(key, value string) error {
 	if currentData.Origin != FakeSetSecret {
 		return fmt.Errorf("key already exists")
 	}
-	currentData.Value = value
+	currentData.Value = string(value)
 	return nil
 }
 

+ 4 - 1
pkg/provider/fake/fake_test.go

@@ -22,6 +22,7 @@ import (
 	"github.com/onsi/gomega"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
+	esv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
 	esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
 )
 
@@ -197,7 +198,9 @@ func TestSetSecret(t *testing.T) {
 				},
 			}, nil, "")
 			gomega.Expect(err).ToNot(gomega.HaveOccurred())
-			err = cl.SetSecret(row.requestKey, row.expValue)
+			err = cl.SetSecret(context.TODO(), []byte(row.expValue), esv1alpha1.SecretSinkRemoteRefs{
+				RemoteKey: row.requestKey,
+			})
 			if row.expErr != "" {
 				gomega.Expect(err).To(gomega.MatchError(row.expErr))
 			} else {

+ 1 - 1
pkg/provider/gcp/secretmanager/secretsmanager.go

@@ -220,7 +220,7 @@ func (sm *ProviderGCP) NewClient(ctx context.Context, store esv1beta1.GenericSto
 }
 
 // Not Implemented SetSecret.
-func (sm *ProviderGCP) SetSecret(secretKey, remoteKey string) error {
+func (sm *ProviderGCP) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
 

+ 1 - 1
pkg/provider/gitlab/gitlab.go

@@ -162,7 +162,7 @@ func (g *Gitlab) NewClient(ctx context.Context, store esv1beta1.GenericStore, ku
 }
 
 // Not Implemented SetSecret.
-func (g *Gitlab) SetSecret(secretKey, remoteKey string) error {
+func (g *Gitlab) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
 

+ 1 - 1
pkg/provider/ibm/provider.go

@@ -101,7 +101,7 @@ func (c *client) setAuth(ctx context.Context) error {
 }
 
 // Not Implemented SetSecret.
-func (ibm *providerIBM) SetSecret(secretKey, remoteKey string) error {
+func (ibm *providerIBM) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
 

+ 1 - 1
pkg/provider/kubernetes/kubernetes.go

@@ -131,7 +131,7 @@ func (k *ProviderKubernetes) Close(ctx context.Context) error {
 }
 
 // Not Implemented SetSecret.
-func (k *ProviderKubernetes) SetSecret(secretKey, remoteKey string) error {
+func (k *ProviderKubernetes) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
 

+ 1 - 1
pkg/provider/onepassword/onepassword.go

@@ -154,7 +154,7 @@ func validateStore(store esv1beta1.GenericStore) error {
 }
 
 // Not Implemented SetSecret.
-func (provider *ProviderOnePassword) SetSecret(secretKey, remoteKey string) error {
+func (provider *ProviderOnePassword) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
 

+ 1 - 1
pkg/provider/oracle/oracle.go

@@ -66,7 +66,7 @@ type VMInterface interface {
 }
 
 // Not Implemented SetSecret.
-func (vms *VaultManagementService) SetSecret(secretKey, remoteKey string) error {
+func (vms *VaultManagementService) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
 

+ 1 - 1
pkg/provider/senhasegura/dsm/dsm.go

@@ -91,7 +91,7 @@ func New(isoSession *senhaseguraAuth.SenhaseguraIsoSession) (*DSM, error) {
 }
 
 // Not Implemented SetSecret.
-func (dsm *DSM) SetSecret(secretKey, remoteKey string) error {
+func (dsm *DSM) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
 

+ 1 - 1
pkg/provider/testing/fake/fake.go

@@ -68,7 +68,7 @@ func (v *Client) GetAllSecrets(ctx context.Context, ref esv1beta1.ExternalSecret
 }
 
 // Not Implemented SetSecret.
-func (v *Client) SetSecret(secretKey, remoteKey string) error {
+func (v *Client) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return v.SetSecretFn()
 }
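Review bot: `SetSecret` discards `ctx`, `value` and `remoteRef` and calls `v.SetSecretFn()` with no arguments, so a test built on this fake cannot check which value was pushed to which remote key. The controller change in this commit alters exactly that behaviour, so it is worth making observable: give `SetSecretFn` the same parameters and forward them with `return v.SetSecretFn(ctx, value, remoteRef)`. `SetSecretFn` is declared outside this hunk, so its type and any helper that sets it would need the matching change. The `// Not Implemented SetSecret.` comment is also inaccurate for this method, which delegates to the configured function.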
 

+ 1 - 1
pkg/provider/vault/vault.go

@@ -361,7 +361,7 @@ func (c *connector) ValidateStore(store esv1beta1.GenericStore) error {
 }
 
 // Not Implemented SetSecret.
-func (v *client) SetSecret(secretKey, remoteKey string) error {
+func (v *client) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
 

+ 1 - 1
pkg/provider/webhook/webhook.go

@@ -117,7 +117,7 @@ func (w *WebHook) getStoreSecret(ctx context.Context, ref esmeta.SecretKeySelect
 }
 
 // Not Implemented SetSecret.
-func (w *WebHook) SetSecret(secretKey, remoteKey string) error {
+func (w *WebHook) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }
 

+ 1 - 1
pkg/provider/yandex/common/secretsclient.go

@@ -34,7 +34,7 @@ func (c *yandexCloudSecretsClient) GetSecret(ctx context.Context, ref esv1beta1.
 	return c.secretGetter.GetSecret(ctx, c.iamToken, ref.Key, ref.Version, ref.Property)
 }
 
-func (c *yandexCloudSecretsClient) SetSecret(secretKey, remoteKey string) error {
+func (c *yandexCloudSecretsClient) SetSecret(ctx context.Context, value []byte, remoteRef esv1beta1.PushRemoteRef) error {
 	return fmt.Errorf("not implemented")
 }