From d203f3bc650ed75166bf3693409d260ef8117eba Mon Sep 17 00:00:00 2001
From: Kumbirai Tanekha <kumbirai.tanekha@gmail.com>
Date: Fri, 29 Oct 2021 18:34:13 +0100
Subject: [PATCH] Default to yaml secret file format

This change applies this default both at annotation parsing time and at secret fetching time.
---
 pkg/secrets/pushtofile/secret_group.go      |  7 ++++++-
 pkg/secrets/pushtofile/secret_group_test.go | 17 +++++++++++++++++
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/pkg/secrets/pushtofile/secret_group.go b/pkg/secrets/pushtofile/secret_group.go
index 875775fb3..fe2732743 100644
--- a/pkg/secrets/pushtofile/secret_group.go
+++ b/pkg/secrets/pushtofile/secret_group.go
@@ -134,7 +134,7 @@ func maybeFileTemplateFromFormat(
 	fileFormat string,
 	secretSpecs []SecretSpec,
 ) (string, error) {
-	// One of file format or file template must be set
+	// Default to "yaml" file format
 	if len(fileTemplate)+len(fileFormat) == 0 {
 		fileFormat = "yaml"
 	}
@@ -206,6 +206,11 @@ func newSecretGroup(groupName string, secretsBasePath string, annotations map[st
 	fileFormat := annotations[secretGroupFileFormatPrefix+groupName]
 	policyPathPrefix := annotations[secretGroupPolicyPathPrefix+groupName]
 
+	// Default to "yaml" file format
+	if len(fileTemplate)+len(fileFormat) == 0 {
+		fileFormat = "yaml"
+	}
+
 	if len(fileFormat) > 0 {
 		_, err := FileTemplateForFormat(fileFormat, secretSpecs)
 		if err != nil {
diff --git a/pkg/secrets/pushtofile/secret_group_test.go b/pkg/secrets/pushtofile/secret_group_test.go
index 3857674de..22afe28c2 100644
--- a/pkg/secrets/pushtofile/secret_group_test.go
+++ b/pkg/secrets/pushtofile/secret_group_test.go
@@ -223,6 +223,23 @@ func TestNewSecretGroups(t *testing.T) {
 			"relative to secrets base path",
 		)
 	})
+
+	t.Run("secret file format yaml default", func(t *testing.T) {
+		groups, errs := NewSecretGroups("/basepath", map[string]string{
+			"conjur.org/conjur-secrets.first": `
+- path/to/secret/first1
+- aliasfirst2: path/to/secret/first2
+`,
+		})
+
+		assert.Len(t, errs, 0)
+		assert.Len(t, groups, 1)
+		assert.Contains(
+			t,
+			groups[0].FileFormat,
+			"yaml",
+		)
+	})
 }
 
 var pushToFileWithDepsTestCases = []pushToFileWithDepsTestCase{