chainloop-dev · migmartri · Oct 16, 2023 · Oct 12, 2023 · Oct 13, 2023 · Oct 13, 2023
diff --git a/app/artifact-cas/configs/samples/config.yaml b/app/artifact-cas/configs/samples/config.yaml
@@ -33,6 +33,12 @@ credentials_service:
   #   project_id: 522312304548
   #   auth_key: "./configs/gcp_auth_key.json"
 
+  # azure_key_vault:
+  #   tenant_id: AD-tenant-id
+  #   client_id: Service Principal ID
+  #   client_secret: Service Principal Secret
+  #   vault_uri: https://myvault.vault.azure.net/
+
 observability:
   sentry:
     dsn: "http://sentryDomain"

diff --git a/app/controlplane/configs/samples/config.yaml b/app/controlplane/configs/samples/config.yaml
@@ -40,4 +40,10 @@ credentials_service:
 
   # gcp_secret_manager:
   #   project_id: 522312304548
-  #   auth_key: "./configs/gcp_auth_key.json"
+  #   auth_key: "./configs/gcp_auth_key.json"
+
+  # azure_key_vault:
+  #   tenant_id: AD-tenant-id
+  #   client_id: Service Principal ID
+  #   client_secret: Service Principal Secret
+  #   vault_uri: https://myvault.vault.azure.net/
diff --git a/app/controlplane/internal/biz/casbackend.go b/app/controlplane/internal/biz/casbackend.go
@@ -386,7 +386,7 @@ func (uc *CASBackendUseCase) Delete(ctx context.Context, id string) error {
 	uc.logger.Infow("msg", "deleting CAS backend external secrets", "ID", id, "secretName", backend.SecretName)
 	// Delete the secret in the external secrets manager
 	if err := uc.credsRW.DeleteCredentials(ctx, backend.SecretName); err != nil {
-		return fmt.Errorf("deleting the credentials: %w", err)
+		uc.logger.Errorw("msg", "deleting CAS backend external secrets", "ID", id, "secretName", backend.SecretName, "error", err)
 	}
 
 	uc.logger.Infow("msg", "CAS Backend deleted", "ID", id)

diff --git a/app/controlplane/internal/biz/organization.go b/app/controlplane/internal/biz/organization.go
@@ -17,6 +17,7 @@ package biz
 
 import (
 	"context"
+	"fmt"
 	"time"
 
 	"github.com/go-kratos/kratos/v2/log"
@@ -101,18 +102,14 @@ func (uc *OrganizationUseCase) Delete(ctx context.Context, id string) error {
 		}
 	}
 
-	// Delete the associated repository
-	// Currently there is only one repository per organization
-	ociRepository, err := uc.casBackendUseCase.FindDefaultBackend(ctx, org.ID)
-	if err != nil && !IsNotFound(err) {
-		return err
+	backends, err := uc.casBackendUseCase.List(ctx, org.ID)
+	if err != nil {
+		return fmt.Errorf("failed to list backends: %w", err)
 	}
 
-	if ociRepository != nil {
-		// We make sure to call the OCI repository use case to delete the repository
-		// including the external secret
-		if err := uc.casBackendUseCase.Delete(ctx, ociRepository.ID.String()); err != nil {
-			return err
+	for _, b := range backends {
+		if err := uc.casBackendUseCase.Delete(ctx, b.ID.String()); err != nil {
+			return fmt.Errorf("failed to delete backend: %w", err)
 		}
 	}
 

diff --git a/go.mod b/go.mod
@@ -82,6 +82,7 @@ require (
 	cloud.google.com/go/pubsub v1.33.0 // indirect
 	dario.cat/mergo v1.0.0 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 // indirect
 	github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0 // indirect
 	github.com/acomagu/bufpipe v1.0.4 // indirect
 	github.com/anchore/go-struct-converter v0.0.0-20230627203149-c72ef8859ca9 // indirect
@@ -123,6 +124,7 @@ require (
 	cloud.google.com/go/compute v1.23.0 // indirect
 	cloud.google.com/go/compute/metadata v0.2.3 // indirect
 	cloud.google.com/go/iam v1.1.2 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets v0.12.0
 	github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
 	github.com/Microsoft/go-winio v0.6.1 // indirect
 	github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 // indirect

diff --git a/go.sum b/go.sum
@@ -90,6 +90,10 @@ github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0 h1:vcYCAze6p19qBW7MhZybI
 github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0/go.mod h1:OQeznEEkTZ9OrhHJoDD8ZDq51FHgXjqtP9z6bEwBq9U=
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 h1:sXr+ck84g/ZlZUOZiNELInmMgOsuGwdjjVkEIde0OtY=
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0/go.mod h1:okt5dMMTOFjX/aovMlrjvvXoPMBVSPzk9185BT0+eZM=
+github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets v0.12.0 h1:xnO4sFyG8UH2fElBkcqLTOZsAajvKfnSlgBBW8dXYjw=
+github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets v0.12.0/go.mod h1:XD3DIOOVgBCO03OleB1fHjgktVRFxlT++KwKgIOewdM=
+github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 h1:FbH3BbSb4bvGluTesZZ+ttN/MDsnMmQP36OSnDuSXqw=
+github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1/go.mod h1:9V2j0jn9jDEkCkv8w/bKTNppX/d0FVA1ud77xCIP4KA=
 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.2.0 h1:Ma67P/GGprNwsslzEH6+Kb8nybI8jpDTm4Wmzu2ReK8=
 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.2.0/go.mod h1:c+Lifp3EDEamAkPVzMooRNOK6CZjNSdEnf1A7jsI9u4=
 github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.0.0 h1:yfJe15aSwEQ6Oo6J+gdfdulPNoZ3TEhmbhLIoxZcA+U=