Skip to content

Add support for template secrets #143

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Dec 20, 2023
Merged

Add support for template secrets #143

merged 2 commits into from
Dec 20, 2023

Conversation

reddec
Copy link
Contributor

@reddec reddec commented Dec 13, 2023

Add support for template secrets.

Users can specify the structure and content of secrets based on their unique requirements using standard
Go templates. This flexibility allows for a more tailored approach to
meeting the specific needs of different applications.

Available context:

Variable Meaning
.Host Database host
.Role Generated user/role name
.Database Referenced database name
.Password Generated role password

Example

apiVersion: db.movetokube.com/v1alpha1
kind: PostgresUser
metadata:
  name: my-db-user
spec:
  role: username
  database: my-db
  secretName: my-secret
  privileges: OWNER
  template:
    PQ_URL: "host={{.Host}} user={{.Role}} password={{.Password}} dbname={{.Database}}"

Change is backward compatible: no need to update existing CRDs in cluster.

@reddec
Copy link
Contributor Author

reddec commented Dec 13, 2023

@hitman99 sorry for bothering you, but could you please review one more PR?

@reddec reddec mentioned this pull request Dec 15, 2023
Closed
hitman99
hitman99 reviewed Dec 19, 2023
View reviewed changes
README.md Outdated
@@ -173,6 +174,8 @@ spec:
privileges: OWNER # Can be OWNER/READ/WRITE
annotations: # Annotations to be propagated to the secrets metadata section (optional)
foo: "bar"
template: # Output secrets can be customized using standard Go templates
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that template is a bit misleading, would it be possible to change it to secretTemplate or something else that indicates that this fiel is used to template data in the secret

hitman99
hitman99 requested changes Dec 19, 2023
View reviewed changes
Copy link
Member

@hitman99 hitman99 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it's a bit misleading to name that field template. From the name itself it's not clear that it is allowing to template the data in the secret

@reddec
Copy link
Contributor Author

reddec commented Dec 19, 2023

@hitman99 updated

@reddec reddec requested a review from hitman99 December 20, 2023 03:58
@hitman99 hitman99 merged commit aaa3af7 into movetokube:master Dec 20, 2023
@95gabor 95gabor mentioned this pull request Dec 27, 2023
Merged
@reddec reddec mentioned this pull request Feb 10, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hitman99 hitman99 hitman99 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@reddec @hitman99