Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

feat: add externalsecret namespace for webhook provider (#5155)

* feat: add externalsecret namespace for webhook provider

Signed-off-by: Matheus Mazzoni <matheusdiasmazzoni@gmail.com>

* refactor: remove debug fmt for webhook

Signed-off-by: Matheus Mazzoni <54732019+matheusmazzoni@users.noreply.github.com>

---------

Signed-off-by: Matheus Mazzoni <matheusdiasmazzoni@gmail.com>
Signed-off-by: Matheus Mazzoni <54732019+matheusmazzoni@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <skarlso777@gmail.com>
Matheus Mazzoni 7 months ago
parent
a0a992455a
commit
92c34dbecc
2 changed files with 31 additions and 9 deletions
Split View Show Diff Stats
  1. 8 7
      pkg/common/webhook/webhook.go
  2. 23 2
      pkg/provider/webhook/webhook_test.go

+ 8 - 7
pkg/common/webhook/webhook.go
View File 

@@ -122,15 +122,17 @@ func (w *Webhook) GetTemplateData(ctx context.Context, ref *esv1.ExternalSecretD
 
 	if ref != nil {
 
 		if urlEncode {
 
 			data["remoteRef"] = map[string]string{
 
-				"key":      url.QueryEscape(ref.Key),
 
-				"version":  url.QueryEscape(ref.Version),
 
-				"property": url.QueryEscape(ref.Property),
 
+				"key":       url.QueryEscape(ref.Key),
 
+				"version":   url.QueryEscape(ref.Version),
 
+				"property":  url.QueryEscape(ref.Property),
 
+				"namespace": w.Namespace,
 
 			}
 
 		} else {
 
 			data["remoteRef"] = map[string]string{
 
-				"key":      ref.Key,
 
-				"version":  ref.Version,
 
-				"property": ref.Property,
 
+				"key":       ref.Key,
 
+				"version":   ref.Version,
 
+				"property":  ref.Property,
 
+				"namespace": w.Namespace,
 
 			}
 
 		}
 
 	}
 
@@ -138,7 +140,6 @@ func (w *Webhook) GetTemplateData(ctx context.Context, ref *esv1.ExternalSecretD
 
 	if err := w.getTemplatedSecrets(ctx, secrets, data); err != nil {
 
 		return nil, err
 
 	}
 
-
 
 	return data, nil
 
 }

+ 23 - 2
pkg/provider/webhook/webhook_test.go
View File 

@@ -375,6 +375,26 @@ args:
 
 want:
 
   path: /api/getsecrets?folder=%2Fmyapp%2Fsecrets
 
   body: '{"folder": "/myapp/secrets"}'
 
+---
 
+case: namespace template in headers
 
+args:
 
+  url: /api/getsecret?id={{ .remoteRef.key }}
 
+  key: testkey
 
+  response: secret-value
 
+want:
 
+  path: /api/getsecret?id=testkey
 
+  err: ''
 
+  result: secret-value
 
+---
 
+case: namespace template in url
 
+args:
 
+  url: /api/getsecret?id={{ .remoteRef.key }}&namespace={{ .remoteRef.namespace }}
 
+  key: testkey
 
+  response: secret-value
 
+want:
 
+  path: /api/getsecret?id=testkey&namespace=testnamespace
 
+  err: ''
 
+  result: secret-value
 
 `
 
 
 func TestWebhookGetSecret(t *testing.T) {
 
@@ -669,8 +689,9 @@ func makeClusterSecretStore(url string, args args) *esv1.ClusterSecretStore {
 
 					URL:  url + args.URL,
 
 					Body: args.Body,
 
 					Headers: map[string]string{
 
-						"Content-Type": "application.json",
 
-						"X-SecretKey":  "{{ .remoteRef.key }}",
 
+						"Content-Type":           "application.json",
 
+						"X-SecretKey":            "{{ .remoteRef.key }}",
 
+						"X-Kubernetes-Namespace": "{{ .remoteRef.namespace }}",
 
 					},
 
 					Result: esv1.WebhookResult{
 
 						JSONPath: args.JSONPath,