Skip to content
This repository has been archived by the owner on Jul 26, 2022. It is now read-only.

fix(azure)!: Changes the values return type from Azure Key vault Prev… #460

Merged
merged 1 commit into from
Sep 29, 2020
Merged

fix(azure)!: Changes the values return type from Azure Key vault Prev… #460

merged 1 commit into from
Sep 29, 2020

Conversation

Flydiverny
Copy link
Member

@Flydiverny Flydiverny commented Jul 31, 2020
edited
Loading

This is a breaking change for azure key vault users

fix(azure)!: Changes the values return type from Azure Key vault Previously secret value was wrapped in an object { "value": } while now will be returned directly so KES features can be properly used (migration: "property: value" -> remove property selector)

Allows storing JSON in azure vault backend and extracting fields etc!

eg

Secret values in azure keyvault:

password=lolsogood
credentials={"username":"wtf","password":"lol","host":"greenland"}

apiVersion: 'kubernetes-client.io/v1'
kind: ExternalSecret
metadata:
  name: hello-service-azure
spec:
  backendType: azureKeyVault
  keyVaultName: kes-test
  data:
    - key: password
      name: password
    - key: credentials
      name: username
      property: username

->

apiVersion: v1
kind: Secret
metadata:
  name: hello-service-azure
  namespace: default
type: Opaque
data:
  password: bG9sc29nb29k
  username: d3Rm

and (removing property selector for credentials)

apiVersion: 'kubernetes-client.io/v1'
kind: ExternalSecret
metadata:
  name: hello-service-azure
spec:
  backendType: azureKeyVault
  keyVaultName: kes-test
  data:
    - key: password
      name: password
    - key: credentials
      name: username

->

apiVersion: v1
kind: Secret
metadata:
  name: hello-service-azure
  namespace: default
type: Opaque
data:
  password: bG9sc29nb29k
  username: eyJ1c2VybmFtZSI6Ind0ZiIsInBhc3N3b3JkIjoibG9sIiwiaG9zdCI6ImdyZWVubGFuZCJ9

Currently you have to do:

apiVersion: 'kubernetes-client.io/v1'
kind: ExternalSecret
metadata:
  name: hello-service-azure
spec:
  backendType: azureKeyVault
  keyVaultName: kes-test
  data:
    - key: password
      name: password
      property: value
    - key: credentials
      name: username
      property: value

which limits KES usability.

@Flydiverny
fix(azure)!: Changes the values return type from Azure Key vault Prev…
60c033f 
…iously secret value was wrapped in an object { "value": <secret> } while now <secret> will be returned directly so KES features can be properly used (migration: "property: value" -> remove property selector)
@Flydiverny Flydiverny mentioned this pull request Sep 28, 2020
Closed
@Flydiverny Flydiverny merged commit 36d5bbb into external-secrets:master Sep 29, 2020
@Flydiverny Flydiverny deleted the azure-fix branch September 29, 2020 00:29
@ninadpage ninadpage mentioned this pull request Dec 22, 2020
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@rxmarbles rxmarbles rxmarbles approved these changes

@silasbw silasbw Awaiting requested review from silasbw

Assignees
No one assigned
Labels
azure
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Flydiverny @rxmarbles