From 2aa33c5fb87f5f1c1a3571e3da657a21351994ac Mon Sep 17 00:00:00 2001 From: Vitaly Antonenko Date: Thu, 11 Apr 2024 10:56:49 +0300 Subject: [PATCH] Add base64 encoding co Create and change Read fucntion to get value with decode. Add base64 encoding for values in Update --- internal/juju/secrets.go | 26 +++++++++++++++++++++--- internal/juju/secrets_test.go | 37 ++++++++++++++++++++++------------- 2 files changed, 46 insertions(+), 17 deletions(-) diff --git a/internal/juju/secrets.go b/internal/juju/secrets.go index a4d24016..533fb13f 100644 --- a/internal/juju/secrets.go +++ b/internal/juju/secrets.go @@ -4,6 +4,7 @@ package juju import ( + "encoding/base64" "errors" "fmt" @@ -90,7 +91,14 @@ func (c *secretsClient) CreateSecret(input *CreateSecretInput) (CreateSecretOutp defer func() { _ = conn.Close() }() secretAPIClient := c.getSecretAPIClient(conn) - secretId, err := secretAPIClient.CreateSecret(input.Name, input.Info, input.Value) + + // Encode the secret values as base64 + encodedValue := make(map[string]string, len(input.Value)) + for k, v := range input.Value { + encodedValue[k] = base64.StdEncoding.EncodeToString([]byte(v)) + } + + secretId, err := secretAPIClient.CreateSecret(input.Name, input.Info, encodedValue) if err != nil { return CreateSecretOutput{}, typedError(err) } @@ -135,10 +143,16 @@ func (c *secretsClient) ReadSecret(input *ReadSecretInput) (ReadSecretOutput, er return ReadSecretOutput{}, errors.New(results[0].Error) } + // Decode the secret values from base64 + decodedValue, err := results[0].Value.Values() + if err != nil { + return ReadSecretOutput{}, err + } + return ReadSecretOutput{ SecretId: results[0].Metadata.URI.String(), Name: results[0].Metadata.Label, - Value: results[0].Value.EncodedValues(), + Value: decodedValue, Info: results[0].Metadata.Description, }, nil } @@ -167,7 +181,13 @@ func (c *secretsClient) UpdateSecret(input *UpdateSecretInput) error { } var value map[string]string if input.Value != nil { - value = *input.Value + // Encode the secret values as base64 + encodedValue := make(map[string]string, len(*input.Value)) + for k, v := range *input.Value { + encodedValue[k] = base64.StdEncoding.EncodeToString([]byte(v)) + } + + value = encodedValue } else { value = map[string]string{} } diff --git a/internal/juju/secrets_test.go b/internal/juju/secrets_test.go index e95a52e1..02815fa9 100644 --- a/internal/juju/secrets_test.go +++ b/internal/juju/secrets_test.go @@ -48,15 +48,18 @@ func (s *SecretSuite) TestCreateSecret() { ctlr := s.setupMocks(s.T()) defer ctlr.Finish() + decodedValue := map[string]string{"key": "value"} + encodedValue := map[string]string{"key": base64.StdEncoding.EncodeToString([]byte("value"))} + s.mockSecretClient.EXPECT().CreateSecret( - "test-secret", "test info", map[string]string{"key": "value"}, + "test-secret", "test info", encodedValue, ).Return("secret-id", nil).AnyTimes() client := s.getSecretsClient() output, err := client.CreateSecret(&CreateSecretInput{ ModelName: s.testModelName, Name: "test-secret", - Value: map[string]string{"key": "value"}, + Value: decodedValue, Info: "test info", }) s.Require().NoError(err) @@ -71,15 +74,18 @@ func (s *SecretSuite) TestCreateSecretError() { errBoom := errors.New("boom") + decodedValue := map[string]string{"key": "value"} + encodedValue := map[string]string{"key": base64.StdEncoding.EncodeToString([]byte("value"))} + s.mockSecretClient.EXPECT().CreateSecret( - "test-secret", "test info", map[string]string{"key": "value"}, + "test-secret", "test info", encodedValue, ).Return("", errBoom).AnyTimes() client := s.getSecretsClient() output, err := client.CreateSecret(&CreateSecretInput{ ModelName: s.testModelName, Name: "test-secret", - Value: map[string]string{"key": "value"}, + Value: decodedValue, Info: "test info", }) s.Require().Error(err) @@ -130,6 +136,7 @@ func (s *SecretSuite) TestReadSecret() { s.Require().NoError(err) s.Assert().NotNil(output) + s.Assert().Equal("value", output.Value["key"]) } func (s *SecretSuite) TestReadSecretError() { @@ -171,13 +178,14 @@ func (s *SecretSuite) TestUpdateSecretWithRenaming() { secretInfo := "secret info" autoPrune := true - // update secret with value2 - value2 := base64.StdEncoding.EncodeToString([]byte("value2")) + decodedValue := map[string]string{"key": "value"} + encodedValue := map[string]string{"key": base64.StdEncoding.EncodeToString([]byte("value"))} + secretURI, err := coresecrets.ParseURI(secretId) s.Require().NoError(err) s.mockSecretClient.EXPECT().UpdateSecret( - secretURI, "", &autoPrune, newSecretName, "secret info", map[string]string{"key": value2}, + secretURI, "", &autoPrune, newSecretName, "secret info", encodedValue, ).Return(nil).AnyTimes() client := s.getSecretsClient() @@ -185,7 +193,7 @@ func (s *SecretSuite) TestUpdateSecretWithRenaming() { SecretId: secretId, ModelName: s.testModelName, Name: &newSecretName, - Value: &map[string]string{"key": value2}, + Value: &decodedValue, AutoPrune: &autoPrune, Info: &secretInfo, }) @@ -203,7 +211,7 @@ func (s *SecretSuite) TestUpdateSecretWithRenaming() { Revision: 1, }, }, - Value: coresecrets.NewSecretValue(map[string]string{"key": value2}), + Value: coresecrets.NewSecretValue(encodedValue), Error: "", }, }, nil).Times(1) @@ -226,20 +234,21 @@ func (s *SecretSuite) TestUpdateSecret() { secretInfo := "secret info" autoPrune := true - // update secret with value2 - value2 := base64.StdEncoding.EncodeToString([]byte("value2")) + decodedValue := map[string]string{"key": "value"} + encodedValue := map[string]string{"key": base64.StdEncoding.EncodeToString([]byte("value"))} + secretURI, err := coresecrets.ParseURI(secretId) s.Require().NoError(err) s.mockSecretClient.EXPECT().UpdateSecret( - secretURI, "", &autoPrune, "", "secret info", map[string]string{"key": value2}, + secretURI, "", &autoPrune, "", secretInfo, encodedValue, ).Return(nil).AnyTimes() client := s.getSecretsClient() err = client.UpdateSecret(&UpdateSecretInput{ SecretId: secretId, ModelName: s.testModelName, - Value: &map[string]string{"key": value2}, + Value: &decodedValue, AutoPrune: &autoPrune, Info: &secretInfo, }) @@ -258,7 +267,7 @@ func (s *SecretSuite) TestUpdateSecret() { Revision: 1, }, }, - Value: coresecrets.NewSecretValue(map[string]string{"key": value2}), + Value: coresecrets.NewSecretValue(encodedValue), Error: "", }, }, nil).Times(1)