Class: Kube::Cluster::Standard::ESO::ExternalSecret

Inherits:

Object

Object
Kube::Cluster::Standard::ESO::ExternalSecret

show all

Defined in:: lib/kube/cluster/standard/eso/external_secret.rb

Defined Under Namespace

Classes: KeyRef, TemplateRef

Instance Attribute Summary collapse

#secret_name ⇒ Object readonly

Returns the value of attribute secret_name.

Instance Method Summary collapse

#initialize(name:, store:, remote_key:, keys: nil, deletion_policy: nil, &block) ⇒ ExternalSecret constructor

A new instance of ExternalSecret.
#key(key_name) ⇒ Object

Returns a KeyRef for mounting a single key from this secret as a file.
#register_template!(env_key, template_string) ⇒ Object

Called by env processing to register a template entry.
#template(template_string) ⇒ Object (also: #with_template)

Returns a TemplateRef.

Constructor Details

#initialize(name:, store:, remote_key:, keys: nil, deletion_policy: nil, &block) ⇒ `ExternalSecret`

Returns a new instance of ExternalSecret.

# File 'lib/kube/cluster/standard/eso/external_secret.rb', line 23

def initialize(name:, store:, remote_key:, keys: nil, deletion_policy: nil, &block)
  @secret_name = name
  @remote_key = remote_key
  @_template_data = {}
  @_remote_properties = {}
  @_keys = keys
  @_deletion_policy = deletion_policy

  super() do
    metadata.name = name
    spec.refreshInterval = '1h'
    spec.secretStoreRef = { kind: 'ClusterSecretStore', name: store }

    target = { name: name, creationPolicy: 'Owner' }
    target[:deletionPolicy] = deletion_policy if deletion_policy
    spec.target = target

    if keys
      spec.data = keys.map do |secret_key, property|
        { secretKey: secret_key, remoteRef: { key: remote_key, property: property } }
      end
    end

    instance_exec(&block) if block
  end
end

Instance Attribute Details

#secret_name ⇒ `Object` (readonly)

Returns the value of attribute secret_name.



21
22
23

# File 'lib/kube/cluster/standard/eso/external_secret.rb', line 21

def secret_name
  @secret_name
end

Instance Method Details

#key(key_name) ⇒ `Object`

Returns a KeyRef for mounting a single key from this secret as a file. The volume processing layer uses this to generate the volume and mount.



59
60
61

# File 'lib/kube/cluster/standard/eso/external_secret.rb', line 59

def key(key_name)
  KeyRef.new(self, key_name)
end

#register_template!(env_key, template_string) ⇒ `Object`

Called by env processing to register a template entry.

# File 'lib/kube/cluster/standard/eso/external_secret.rb', line 64

def register_template!(env_key, template_string)
  @_template_data[env_key] = template_string

  template_string.scan(/\{\{\s*\.(\w+)\s*\}\}/) do |match|
    @_remote_properties[match[0]] = true
  end

  @data.spec.target.template = { data: @_template_data }
  @data.spec.data = @_remote_properties.keys.map do |prop|
    { secretKey: prop, remoteRef: { key: @remote_key, property: prop } }
  end
end

#template(template_string) ⇒ `Object` Also known as: with_template

Returns a TemplateRef. The env hash processor calls .register! on the ref to wire up the template data and remote properties.



52
53
54

# File 'lib/kube/cluster/standard/eso/external_secret.rb', line 52

def template(template_string)
  TemplateRef.new(self, template_string)
end