Skip to content

Add decoding support for secret values in config package #504

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 9 commits into
base: main
Choose a base branch
from
Open

Add decoding support for secret values in config package #504

wants to merge 9 commits into from

Conversation

dgulli
Copy link

@dgulli dgulli commented Dec 20, 2024

  • Introduced a new field Encoding in the Secret struct to specify the encoding type of the secret value, currently supporting "base64".
  • Added a DecodeContent method to handle decoding of the secret content based on the specified encoding.
  • Done this to make it comparable to the way Hashicorp Vault secrets interact with GKE (base64 encoding)

@dgulli
Add encoding support for secret values in config package
382ccdc 
- Introduced a new field `Encoding` in the `Secret` struct to specify the encoding type of the secret value, currently supporting "base64".
- Added a `DecodeContent` method to handle decoding of the secret content based on the specified encoding.
dgulli added 2 commits January 31, 2025 15:53
@dgulli
Add base64 encoding support for secret mounting
1179e29 
- Update server to handle base64 encoded secrets during mount
- Add test cases for base64 and non-encoded secret scenarios
- Update example configuration template to demonstrate base64 encoding
@dgulli
Merge branch 'main' into main
05c213e
@dargudear-google
Copy link
Member

/assign jainsuyogj

@dgulli
Copy link
Author

dgulli commented Mar 17, 2025
edited
Loading

Hi all, do i need to do anything here? there are workflows with pending checks and im not sure if i need to trigger anything on my side? @jainsuyogj or @dargudear-google any guidance?

dgulli added 2 commits March 18, 2025 14:59
@dgulli
Update e2e workflow to use secrets for project configuration
9fa078c 
- Added environment variables for PROJECT_ID, CLUSTER_NAME, and LOCATION_ID using GitHub secrets.
- Updated project_id in the setup-gcloud action to reference the new secret.
@dgulli
Refactor runner.sh to use environment variables for configuration
7200444 
- Updated CLUSTER_NAME, PROJECT_ID, and LOCATION_ID to use environment variables with default values.
- This change allows for more flexible configuration when running the script.
jainsuyogj
jainsuyogj reviewed Mar 19, 2025
View reviewed changes
.DS_Store Outdated
Copy link
Collaborator

@jainsuyogj jainsuyogj Mar 19, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This file is not required for the PR

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok no worries, reverted to the original

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The file still is shown as a "created file" in this PR. Revert hasn't happened I believe

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The .DS_Store file

jainsuyogj
jainsuyogj reviewed Mar 19, 2025
View reviewed changes
.github/workflows/e2e.yml Outdated
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The {{ secrets.TEST_PROJECT_ID}} isn't defined in our project. Setting it empty(due to non existence) might cause problems to the default code in runner.sh. Maybe tests should catch this.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok no worries, reverted to the original

jainsuyogj
jainsuyogj reviewed Mar 19, 2025
View reviewed changes
Copy link
Collaborator

@jainsuyogj jainsuyogj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes LGTM

jainsuyogj
jainsuyogj requested changes Mar 25, 2025
View reviewed changes
Copy link
Collaborator

@jainsuyogj jainsuyogj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor comment: But should the title say that we are adding decoding support for secret values?

@jainsuyogj jainsuyogj self-requested a review March 25, 2025 07:14
@dgulli dgulli changed the title Add encoding support for secret values in config package Add decoding support for secret values in config package Apr 1, 2025
jainsuyogj
jainsuyogj reviewed Apr 1, 2025
View reviewed changes
.gitignore Outdated
@@ -0,0 +1 @@
.DS_Store
Copy link
Collaborator

@jainsuyogj jainsuyogj Apr 1, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dgulli Can you do a "git rm .DS_Store" and "git rm .gitignore" on your branch and then push a commit?

If you wish, you can keep these file locally on your branch, but as you have pushed those changes, they will also get merged in the GCP repo, which we don't want.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

@dgulli dgulli requested a review from arpangoswami as a code owner April 15, 2025 03:07
@jainsuyogj
Copy link
Collaborator

@dgulli Do you have an concrete example of what use case this solves?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jainsuyogj jainsuyogj jainsuyogj requested changes

@amitmodak amitmodak Awaiting requested review from amitmodak amitmodak is a code owner

@NaMNDV NaMNDV Awaiting requested review from NaMNDV NaMNDV is a code owner

@dargudear-google dargudear-google Awaiting requested review from dargudear-google dargudear-google is a code owner

@abheda-crest abheda-crest Awaiting requested review from abheda-crest abheda-crest is a code owner

@arpangoswami arpangoswami Awaiting requested review from arpangoswami arpangoswami is a code owner

Requested changes must be addressed to merge this pull request.

Assignees

@jainsuyogj jainsuyogj

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dgulli @dargudear-google @jainsuyogj