Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Merge pull request #533 from mixpanel/andy-GCP-SM-handle-non-string-values

Support common idiom for GCP SM
paul-the-alien[bot] 4 years ago
parent
b7ea9a603b 60fd67aeec
commit
b210907b2c
2 changed files with 16 additions and 2 deletions
Split View Show Diff Stats
  1. 8 2
      pkg/provider/gcp/secretmanager/secretsmanager.go
  2. 8 0
      pkg/provider/gcp/secretmanager/secretsmanager_test.go

+ 8 - 2
pkg/provider/gcp/secretmanager/secretsmanager.go
View File 

@@ -197,7 +197,7 @@ func (sm *ProviderGCP) GetSecretMap(ctx context.Context, ref esv1alpha1.External
 
 		return nil, err
 
 	}
 
 
-	kv := make(map[string]string)
 
+	kv := make(map[string]json.RawMessage)
 
 	err = json.Unmarshal(data, &kv)
 
 	if err != nil {
 
 		return nil, fmt.Errorf(errJSONSecretUnmarshal, err)
 
@@ -205,7 +205,13 @@ func (sm *ProviderGCP) GetSecretMap(ctx context.Context, ref esv1alpha1.External
 
 
 	secretData := make(map[string][]byte)
 
 	for k, v := range kv {
 
-		secretData[k] = []byte(v)
 
+		var strVal string
 
+		err = json.Unmarshal(v, &strVal)
 
+		if err == nil {
 
+			secretData[k] = []byte(strVal)
 
+		} else {
 
+			secretData[k] = v
 
+		}
 
 	}
 
 
 	return secretData, nil

+ 8 - 0
pkg/provider/gcp/secretmanager/secretsmanager_test.go
View File 

@@ -172,11 +172,19 @@ func TestGetSecretMap(t *testing.T) {
 
 		smtc.expectError = "unable to unmarshal secret"
 
 	}
 
 
+	// good case: deserialize nested json as []byte, if it's a string, decode the string
 
+	setNestedJSON := func(smtc *secretManagerTestCase) {
 
+		smtc.apiOutput.Payload.Data = []byte(`{"foo":{"bar":"baz"}, "qux": "qu\"z"}`)
 
+		smtc.expectedData["foo"] = []byte(`{"bar":"baz"}`)
 
+		smtc.expectedData["qux"] = []byte("qu\"z")
 
+	}
 
+
 
 	successCases := []*secretManagerTestCase{
 
 		makeValidSecretManagerTestCaseCustom(setDeserialization),
 
 		makeValidSecretManagerTestCaseCustom(setAPIErr),
 
 		makeValidSecretManagerTestCaseCustom(setNilMockClient),
 
 		makeValidSecretManagerTestCaseCustom(setInvalidJSON),
 
+		makeValidSecretManagerTestCaseCustom(setNestedJSON),
 
 	}
 
 
 	sm := ProviderGCP{}