Sha256: 8a441701bf17f578e0ff328bb699772bfa2b399a0dbcaddbd2ca4b2949f60e68
Contents?: true
Size: 1.62 KB
Versions: 1
Compression:
Stored size: 1.62 KB
Contents
require "base64"
module TerraspacePluginGoogle::Interfaces::Helper
class Secret
include TerraspacePluginGoogle::Clients
include TerraspacePluginGoogle::Logging
def initialize(options={})
@options = options
@base64 = options[:base64]
@project_id = options[:google_project] || ENV['GOOGLE_PROJECT'] || raise("GOOGLE_PROJECT env variable is not set. It's required.")
end
def fetch(short_name, version: "latest")
value = fetch_value(short_name, version)
value = Base64.strict_encode64(value).strip if @base64
value
end
def fetch_value(short_name, version="latest")
name = "projects/#{project_number}/secrets/#{short_name}/versions/#{version}"
version = secret_manager_service.access_secret_version(name: name)
version.payload.data
rescue Google::Cloud::NotFoundError => e
logger.info "WARN: secret #{name} not found".color(:yellow)
logger.info e.message
"NOT FOUND #{name}" # simple string so Kubernetes YAML is valid
end
# TODO: Get the project from the list project api instead. Unsure where the docs are for this.
# If someone knows, let me know.
# Right now grabbing the first secret to then be able to get the google project number
@@project_number = nil
def project_number
return @@project_number if @@project_number
parent = "projects/#{@project_id}"
resp = secret_manager_service.list_secrets(parent: parent) # note: page_size doesnt seem to get respected
name = resp.first.name # IE: projects/111111111111/secrets/demo-dev-db_host
@@project_number = name.split('/')[1]
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| terraspace_plugin_google-0.3.0 | lib/terraspace_plugin_google/interfaces/helper/secret.rb |