From a31083fe8ff78053806805f0c9bccd47f55a303e Mon Sep 17 00:00:00 2001 From: Vladislav Sukhin Date: Fri, 20 Oct 2023 18:58:46 +0300 Subject: [PATCH] fix: enable secrets endpoint (#4469) * fix: enable secrets endpoint * fix: env mame typo * fix: visibility label for secrets * fix: dep update * fix: dep update --- cmd/api-server/main.go | 1 + docs/docs/articles/helm-chart.md | 3 +- go.mod | 2 +- go.sum | 4 +- internal/app/api/v1/server.go | 124 ++++++++++++++++--------------- internal/config/config.go | 1 + pkg/secret/client.go | 4 +- 7 files changed, 75 insertions(+), 64 deletions(-) diff --git a/cmd/api-server/main.go b/cmd/api-server/main.go index c76a8978c4..ae09ed9392 100644 --- a/cmd/api-server/main.go +++ b/cmd/api-server/main.go @@ -435,6 +435,7 @@ func main() { cfg.TestkubeHelmchartVersion, mode, eventBus, + cfg.EnableSecretsEndpoint, ) if mode == common.ModeAgent { diff --git a/docs/docs/articles/helm-chart.md b/docs/docs/articles/helm-chart.md index d8fa221569..751e0592b7 100644 --- a/docs/docs/articles/helm-chart.md +++ b/docs/docs/articles/helm-chart.md @@ -115,7 +115,8 @@ The following Helm defaults are used in the `testkube` chart: | testkube-api.cdeventsTarget | yes | "" | | testkube-api.dashboardUri | yes | "" | | testkube-api.clusterName | yes | "" | -| testkube-api.storage.compressArtifacts | yes | true +| testkube-api.storage.compressArtifacts | yes | true | +| testkube-api.enableSecretsEndpoint | yes | false | >For more configuration parameters of a `MongoDB` chart please visit: diff --git a/go.mod b/go.mod index beba0c96f2..6ed23c37bf 100644 --- a/go.mod +++ b/go.mod @@ -25,7 +25,7 @@ require ( github.com/gorilla/websocket v1.5.0 github.com/joshdk/go-junit v1.0.0 github.com/kelseyhightower/envconfig v1.4.0 - github.com/kubeshop/testkube-operator v1.10.8-0.20231020122730-3ec11798a62f + github.com/kubeshop/testkube-operator v1.10.8-0.20231020154056-62a79514fcf5 github.com/minio/minio-go/v7 v7.0.47 github.com/montanaflynn/stats v0.6.6 github.com/moogar0880/problems v0.1.1 diff --git a/go.sum b/go.sum index 14e292051f..f995d298e1 100644 --- a/go.sum +++ b/go.sum @@ -240,8 +240,8 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/kubeshop/testkube-operator v1.10.8-0.20231020122730-3ec11798a62f h1:ce4ifn6U9c442YSdkoDLcqwCNS6c84gLj/Pbl8mEygY= -github.com/kubeshop/testkube-operator v1.10.8-0.20231020122730-3ec11798a62f/go.mod h1:iwzgZriFxOzstinAqWB32g9iAMSORiQvGYWzX0FWbQk= +github.com/kubeshop/testkube-operator v1.10.8-0.20231020154056-62a79514fcf5 h1:FqvYIScljavtmGde5c+Tj2toqofWEh7+ntf/d2Rcznw= +github.com/kubeshop/testkube-operator v1.10.8-0.20231020154056-62a79514fcf5/go.mod h1:iwzgZriFxOzstinAqWB32g9iAMSORiQvGYWzX0FWbQk= github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w= github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY= github.com/lithammer/fuzzysearch v1.1.8 h1:/HIuJnjHuXS8bKaiTMeeDlW2/AyIWk2brx1V8LFgLN4= diff --git a/internal/app/api/v1/server.go b/internal/app/api/v1/server.go index f8adec2374..9f40a9bf11 100644 --- a/internal/app/api/v1/server.go +++ b/internal/app/api/v1/server.go @@ -87,6 +87,7 @@ func NewTestkubeAPI( helmchartVersion string, mode string, eventsBus bus.Bus, + enableSecretsEndpoint bool, ) TestkubeAPI { var httpConfig server.Config @@ -103,34 +104,35 @@ func NewTestkubeAPI( } s := TestkubeAPI{ - HTTPServer: server.NewServer(httpConfig), - TestExecutionResults: testsuiteExecutionsResults, - ExecutionResults: testExecutionResults, - TestsClient: testsClient, - ExecutorsClient: executorsClient, - SecretClient: secretClient, - Clientset: clientset, - TestsSuitesClient: testsuitesClient, - TestKubeClientset: testkubeClientset, - Metrics: metrics, - Events: eventsEmitter, - WebhooksClient: webhookClient, - TestSourcesClient: testsourcesClient, - Namespace: namespace, - ConfigMap: configMap, - Executor: executor, - ContainerExecutor: containerExecutor, - jobTemplate: jobTemplate, - scheduler: scheduler, - slackLoader: slackLoader, - Storage: storage, - graphqlPort: graphqlPort, - artifactsStorage: artifactsStorage, - TemplatesClient: templatesClient, - dashboardURI: dashboardURI, - helmchartVersion: helmchartVersion, - mode: mode, - eventsBus: eventsBus, + HTTPServer: server.NewServer(httpConfig), + TestExecutionResults: testsuiteExecutionsResults, + ExecutionResults: testExecutionResults, + TestsClient: testsClient, + ExecutorsClient: executorsClient, + SecretClient: secretClient, + Clientset: clientset, + TestsSuitesClient: testsuitesClient, + TestKubeClientset: testkubeClientset, + Metrics: metrics, + Events: eventsEmitter, + WebhooksClient: webhookClient, + TestSourcesClient: testsourcesClient, + Namespace: namespace, + ConfigMap: configMap, + Executor: executor, + ContainerExecutor: containerExecutor, + jobTemplate: jobTemplate, + scheduler: scheduler, + slackLoader: slackLoader, + Storage: storage, + graphqlPort: graphqlPort, + artifactsStorage: artifactsStorage, + TemplatesClient: templatesClient, + dashboardURI: dashboardURI, + helmchartVersion: helmchartVersion, + mode: mode, + eventsBus: eventsBus, + enableSecretsEndpoint: enableSecretsEndpoint, } // will be reused in websockets handler @@ -157,36 +159,37 @@ func NewTestkubeAPI( type TestkubeAPI struct { server.HTTPServer - ExecutionResults result.Repository - TestExecutionResults testresult.Repository - Executor client.Executor - ContainerExecutor client.Executor - TestsSuitesClient *testsuitesclientv3.TestSuitesClient - TestsClient *testsclientv3.TestsClient - ExecutorsClient *executorsclientv1.ExecutorsClient - SecretClient *secret.Client - WebhooksClient *executorsclientv1.WebhooksClient - TestKubeClientset testkubeclientset.Interface - TestSourcesClient *testsourcesclientv1.TestSourcesClient - Metrics metrics.Metrics - Storage storage.Client - storageParams storageParams - Namespace string - oauthParams oauthParams - WebsocketLoader *ws.WebsocketLoader - Events *event.Emitter - ConfigMap config.Repository - jobTemplate string - scheduler *scheduler.Scheduler - Clientset kubernetes.Interface - slackLoader *slack.SlackLoader - graphqlPort string - artifactsStorage storage.ArtifactsStorage - TemplatesClient *templatesclientv1.TemplatesClient - dashboardURI string - helmchartVersion string - mode string - eventsBus bus.Bus + ExecutionResults result.Repository + TestExecutionResults testresult.Repository + Executor client.Executor + ContainerExecutor client.Executor + TestsSuitesClient *testsuitesclientv3.TestSuitesClient + TestsClient *testsclientv3.TestsClient + ExecutorsClient *executorsclientv1.ExecutorsClient + SecretClient *secret.Client + WebhooksClient *executorsclientv1.WebhooksClient + TestKubeClientset testkubeclientset.Interface + TestSourcesClient *testsourcesclientv1.TestSourcesClient + Metrics metrics.Metrics + Storage storage.Client + storageParams storageParams + Namespace string + oauthParams oauthParams + WebsocketLoader *ws.WebsocketLoader + Events *event.Emitter + ConfigMap config.Repository + jobTemplate string + scheduler *scheduler.Scheduler + Clientset kubernetes.Interface + slackLoader *slack.SlackLoader + graphqlPort string + artifactsStorage storage.ArtifactsStorage + TemplatesClient *templatesclientv1.TemplatesClient + dashboardURI string + helmchartVersion string + mode string + eventsBus bus.Bus + enableSecretsEndpoint bool } type storageParams struct { @@ -384,6 +387,11 @@ func (s *TestkubeAPI) InitRoutes() { files := s.Routes.Group("/uploads") files.Post("/", s.UploadFiles()) + if s.enableSecretsEndpoint { + files := s.Routes.Group("/secrets") + files.Get("/", s.ListSecretsHandler()) + } + repositories := s.Routes.Group("/repositories") repositories.Post("/", s.ValidateRepositoryHandler()) diff --git a/internal/config/config.go b/internal/config/config.go index 3179b21dc8..cf0645e82c 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -66,6 +66,7 @@ type Config struct { TestkubeHelmchartVersion string `envconfig:"TESTKUBE_HELMCHART_VERSION" default:""` DebugListenAddr string `envconfig:"DEBUG_LISTEN_ADDR" default:"0.0.0.0:1337"` EnableDebugServer bool `envconfig:"ENABLE_DEBUG_SERVER" default:"false"` + EnableSecretsEndpoint bool `envconfig:"ENABLE_SECRETS_ENDPOINT" default:"false"` } func Get() (*Config, error) { diff --git a/pkg/secret/client.go b/pkg/secret/client.go index 5b08339a13..37d9bb6031 100644 --- a/pkg/secret/client.go +++ b/pkg/secret/client.go @@ -85,7 +85,7 @@ func (c *Client) List(all bool) (map[string]map[string]string, error) { secretsClient := c.ClientSet.CoreV1().Secrets(c.Namespace) ctx := context.Background() - selector := "" + selector := "visibility=testkube" if !all { selector = fmt.Sprintf("testkube=%s", testkubeTestSecretLabel) } @@ -185,7 +185,7 @@ func NewSpec(id, namespace string, labels, stringData map[string]string) *v1.Sec ObjectMeta: metav1.ObjectMeta{ Name: id, Namespace: namespace, - Labels: map[string]string{"testkube": testkubeTestSecretLabel}, + Labels: map[string]string{"testkube": testkubeTestSecretLabel, "visibility": "testkube"}, }, Type: v1.SecretTypeOpaque, StringData: stringData,