Skip to content

Commit

Permalink
Keep secret-agent in a single package and make it backwards compatible
Browse files Browse the repository at this point in the history
  • Loading branch information
@alvaroaleman
alvaroaleman committed Jul 29, 2021
1 parent 3f2cda3 commit cda8633
Show file tree
Hide file tree
Showing 51 changed files with 79 additions and 395 deletions.
2 changes: 1 addition & 1 deletion experiment/manual-trigger/BUILD.bazel
View file
Expand Up @@ -7,7 +7,7 @@ go_library(
visibility = ["//visibility:private"],
deps = [
"//prow/apis/prowjobs/v1:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/config/secret:go_default_library",
"//prow/github:go_default_library",
"//prow/jenkins:go_default_library",
"//prow/pod-utils/downwardapi:go_default_library",
Expand Down
2 changes: 1 addition & 1 deletion experiment/manual-trigger/manual-trigger.go
View file
Expand Up @@ -27,7 +27,7 @@ import (
"github.com/sirupsen/logrus"

prowapi "k8s.io/test-infra/prow/apis/prowjobs/v1"
"k8s.io/test-infra/prow/config/secret/v2"
"k8s.io/test-infra/prow/config/secret"
"k8s.io/test-infra/prow/github"
"k8s.io/test-infra/prow/jenkins"
"k8s.io/test-infra/prow/pod-utils/downwardapi"
Expand Down
2 changes: 1 addition & 1 deletion label_sync/BUILD.bazel
View file
Expand Up @@ -40,7 +40,7 @@ go_library(
srcs = ["main.go"],
importpath = "k8s.io/test-infra/label_sync",
deps = [
"//prow/config/secret/v2:go_default_library",
"//prow/config/secret:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/github:go_default_library",
"//prow/logrusutil:go_default_library",
Expand Down
2 changes: 1 addition & 1 deletion label_sync/main.go
View file
Expand Up @@ -38,7 +38,7 @@ import (
"k8s.io/apimachinery/pkg/util/sets"
"sigs.k8s.io/yaml"

"k8s.io/test-infra/prow/config/secret/v2"
"k8s.io/test-infra/prow/config/secret"
"k8s.io/test-infra/prow/flagutil"
"k8s.io/test-infra/prow/github"
"k8s.io/test-infra/prow/logrusutil"
Expand Down
1 change: 0 additions & 1 deletion maintenance/migratestatus/BUILD.bazel
View file
Expand Up @@ -24,7 +24,6 @@ go_library(
importpath = "k8s.io/test-infra/maintenance/migratestatus",
deps = [
"//maintenance/migratestatus/migrator:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/logrusutil:go_default_library",
"@com_github_pkg_errors//:go_default_library",
Expand Down
1 change: 0 additions & 1 deletion prow/cmd/branchprotector/BUILD.bazel
View file
Expand Up @@ -34,7 +34,6 @@ go_library(
visibility = ["//visibility:public"],
deps = [
"//prow/config:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/flagutil/config:go_default_library",
"//prow/github:go_default_library",
Expand Down
1 change: 0 additions & 1 deletion prow/cmd/checkconfig/BUILD.bazel
View file
Expand Up @@ -10,7 +10,6 @@ go_library(
deps = [
"//prow/apis/prowjobs/v1:go_default_library",
"//prow/config:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/external-plugins/needs-rebase/plugin:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/flagutil/config:go_default_library",
Expand Down
7 changes: 1 addition & 6 deletions prow/cmd/checkconfig/main.go
View file
Expand Up @@ -387,12 +387,7 @@ func validate(o options) error {
}

if o.warningEnabled(validateGitHubAppInstallationWarning) {
secretAgent := &secret.Agent{}
if err := secretAgent.Start(nil); err != nil {
return fmt.Errorf("error starting secrets agent: %w", err)
}

githubClient, err := o.github.GitHubClient(secretAgent, false)
githubClient, err := o.github.GitHubClient(false)
if err != nil {
return fmt.Errorf("error loading GitHub client: %w", err)
}
Expand Down
2 changes: 1 addition & 1 deletion prow/cmd/crier/BUILD.bazel
View file
Expand Up @@ -9,7 +9,7 @@ go_library(
deps = [
"//prow/apis/prowjobs/v1:go_default_library",
"//prow/config:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/config/secret:go_default_library",
"//prow/crier:go_default_library",
"//prow/crier/reporters/gcs:go_default_library",
"//prow/crier/reporters/gcs/kubernetes:go_default_library",
Expand Down
2 changes: 1 addition & 1 deletion prow/cmd/crier/main.go
View file
Expand Up @@ -28,7 +28,7 @@ import (

prowapi "k8s.io/test-infra/prow/apis/prowjobs/v1"
"k8s.io/test-infra/prow/config"
"k8s.io/test-infra/prow/config/secret/v2"
"k8s.io/test-infra/prow/config/secret"
"k8s.io/test-infra/prow/crier"
gcsreporter "k8s.io/test-infra/prow/crier/reporters/gcs"
k8sgcsreporter "k8s.io/test-infra/prow/crier/reporters/gcs/kubernetes"
Expand Down
1 change: 0 additions & 1 deletion prow/cmd/deck/BUILD.bazel
View file
Expand Up @@ -132,7 +132,6 @@ go_library(
"//prow/client/clientset/versioned/typed/prowjobs/v1:go_default_library",
"//prow/cmd/deck/version:go_default_library",
"//prow/config:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/deck/jobs:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/flagutil/config:go_default_library",
Expand Down
4 changes: 2 additions & 2 deletions prow/cmd/generic-autobumper/bumper/BUILD.bazel
View file
Expand Up @@ -6,7 +6,7 @@ go_library(
importpath = "k8s.io/test-infra/prow/cmd/generic-autobumper/bumper",
visibility = ["//visibility:public"],
deps = [
"//prow/config/secret/v2:go_default_library",
"//prow/config/secret:go_default_library",
"//prow/github:go_default_library",
"//robots/pr-creator/updater:go_default_library",
"@com_github_sirupsen_logrus//:go_default_library",
Expand All @@ -32,5 +32,5 @@ go_test(
srcs = ["bumper_test.go"],
data = glob(["testdata/**"]),
embed = [":go_default_library"],
deps = ["//prow/config/secret/v2:go_default_library"],
deps = ["//prow/config/secret:go_default_library"],
)
2 changes: 1 addition & 1 deletion prow/cmd/generic-autobumper/bumper/bumper.go
View file
Expand Up @@ -29,7 +29,7 @@ import (

"github.com/sirupsen/logrus"

"k8s.io/test-infra/prow/config/secret/v2"
"k8s.io/test-infra/prow/config/secret"
"k8s.io/test-infra/prow/github"
"k8s.io/test-infra/robots/pr-creator/updater"
)
Expand Down
2 changes: 1 addition & 1 deletion prow/cmd/generic-autobumper/bumper/bumper_test.go
View file
Expand Up @@ -24,7 +24,7 @@ import (
"strings"
"testing"

"k8s.io/test-infra/prow/config/secret/v2"
"k8s.io/test-infra/prow/config/secret"
)

func TestValidateOptions(t *testing.T) {
Expand Down
1 change: 0 additions & 1 deletion prow/cmd/hmac/BUILD.bazel
View file
Expand Up @@ -11,7 +11,6 @@ go_library(
deps = [
"//pkg/flagutil:go_default_library",
"//prow/config:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/flagutil/config:go_default_library",
"//prow/ghhook:go_default_library",
Expand Down
2 changes: 1 addition & 1 deletion prow/cmd/hook/BUILD.bazel
View file
Expand Up @@ -46,7 +46,7 @@ go_library(
"//pkg/flagutil:go_default_library",
"//prow/bugzilla:go_default_library",
"//prow/config:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/config/secret:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/flagutil/config:go_default_library",
"//prow/flagutil/plugins:go_default_library",
Expand Down
2 changes: 1 addition & 1 deletion prow/cmd/hook/main.go
View file
Expand Up @@ -29,7 +29,7 @@ import (
"k8s.io/test-infra/pkg/flagutil"
"k8s.io/test-infra/prow/bugzilla"
"k8s.io/test-infra/prow/config"
"k8s.io/test-infra/prow/config/secret/v2"
"k8s.io/test-infra/prow/config/secret"
prowflagutil "k8s.io/test-infra/prow/flagutil"
configflagutil "k8s.io/test-infra/prow/flagutil/config"
pluginsflagutil "k8s.io/test-infra/prow/flagutil/plugins"
Expand Down
1 change: 0 additions & 1 deletion prow/cmd/invitations-accepter/BUILD.bazel
View file
Expand Up @@ -18,7 +18,6 @@ go_library(
importpath = "k8s.io/test-infra/prow/cmd/invitations-accepter",
visibility = ["//visibility:private"],
deps = [
"//prow/config/secret/v2:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/github:go_default_library",
"@com_github_sirupsen_logrus//:go_default_library",
Expand Down
2 changes: 1 addition & 1 deletion prow/cmd/jenkins-operator/BUILD.bazel
View file
Expand Up @@ -23,7 +23,7 @@ go_library(
importpath = "k8s.io/test-infra/prow/cmd/jenkins-operator",
deps = [
"//pkg/flagutil:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/config/secret:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/flagutil/config:go_default_library",
"//prow/interrupts:go_default_library",
Expand Down
2 changes: 1 addition & 1 deletion prow/cmd/jenkins-operator/main.go
View file
Expand Up @@ -34,7 +34,7 @@ import (
"k8s.io/test-infra/prow/pjutil/pprof"

"k8s.io/test-infra/pkg/flagutil"
"k8s.io/test-infra/prow/config/secret/v2"
"k8s.io/test-infra/prow/config/secret"
prowflagutil "k8s.io/test-infra/prow/flagutil"
configflagutil "k8s.io/test-infra/prow/flagutil/config"
"k8s.io/test-infra/prow/interrupts"
Expand Down
1 change: 0 additions & 1 deletion prow/cmd/mkpj/BUILD.bazel
View file
Expand Up @@ -25,7 +25,6 @@ go_library(
deps = [
"//prow/apis/prowjobs/v1:go_default_library",
"//prow/config:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/flagutil/config:go_default_library",
"//prow/github:go_default_library",
Expand Down
1 change: 0 additions & 1 deletion prow/cmd/peribolos/BUILD.bazel
View file
Expand Up @@ -11,7 +11,6 @@ go_library(
visibility = ["//visibility:private"],
deps = [
"//prow/config/org:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/github:go_default_library",
"//prow/logrusutil:go_default_library",
Expand Down
1 change: 0 additions & 1 deletion prow/cmd/status-reconciler/BUILD.bazel
View file
Expand Up @@ -24,7 +24,6 @@ go_library(
visibility = ["//visibility:private"],
deps = [
"//pkg/flagutil:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/flagutil/config:go_default_library",
"//prow/flagutil/plugins:go_default_library",
Expand Down
2 changes: 1 addition & 1 deletion prow/cmd/sub/BUILD.bazel
View file
Expand Up @@ -9,7 +9,7 @@ go_library(
deps = [
"//prow/apis/prowjobs/v1:go_default_library",
"//prow/client/clientset/versioned/typed/prowjobs/v1:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/config/secret:go_default_library",
"//prow/crier/reporters/pubsub:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/flagutil/config:go_default_library",
Expand Down
2 changes: 1 addition & 1 deletion prow/cmd/sub/main.go
View file
Expand Up @@ -29,7 +29,7 @@ import (

prowapi "k8s.io/test-infra/prow/apis/prowjobs/v1"
prowv1 "k8s.io/test-infra/prow/client/clientset/versioned/typed/prowjobs/v1"
"k8s.io/test-infra/prow/config/secret/v2"
"k8s.io/test-infra/prow/config/secret"
"k8s.io/test-infra/prow/crier/reporters/pubsub"
"k8s.io/test-infra/prow/flagutil"
configflagutil "k8s.io/test-infra/prow/flagutil/config"
Expand Down
2 changes: 1 addition & 1 deletion prow/cmd/tackle/BUILD.bazel
View file
Expand Up @@ -9,7 +9,7 @@ go_library(
importpath = "k8s.io/test-infra/prow/cmd/tackle",
visibility = ["//visibility:public"],
deps = [
"//prow/config/secret/v2:go_default_library",
"//prow/config/secret:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/github:go_default_library",
"@com_github_sirupsen_logrus//:go_default_library",
Expand Down
2 changes: 1 addition & 1 deletion prow/cmd/tackle/main.go
View file
Expand Up @@ -42,7 +42,7 @@ import (
"k8s.io/client-go/tools/clientcmd"
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"

"k8s.io/test-infra/prow/config/secret/v2"
"k8s.io/test-infra/prow/config/secret"
"k8s.io/test-infra/prow/flagutil"
"k8s.io/test-infra/prow/github"

Expand Down
1 change: 0 additions & 1 deletion prow/cmd/tide/BUILD.bazel
View file
Expand Up @@ -17,7 +17,6 @@ go_library(
visibility = ["//visibility:private"],
deps = [
"//pkg/flagutil:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/flagutil:go_default_library",
"//prow/flagutil/config:go_default_library",
"//prow/git/v2:go_default_library",
Expand Down
4 changes: 2 additions & 2 deletions prow/config/BUILD.bazel
View file
Expand Up @@ -26,7 +26,7 @@ go_test(
deps = [
"//pkg/genyaml:go_default_library",
"//prow/apis/prowjobs/v1:go_default_library",
"//prow/config/secret/v2:go_default_library",
"//prow/config/secret:go_default_library",
"//prow/gerrit/client:go_default_library",
"//prow/git/localgit:go_default_library",
"//prow/git/v2:go_default_library",
Expand Down Expand Up @@ -100,7 +100,7 @@ filegroup(
":package-srcs",
"//prow/config/jobtests:all-srcs",
"//prow/config/org:all-srcs",
"//prow/config/secret/v2:all-srcs",
"//prow/config/secret:all-srcs",
],
tags = ["automanaged"],
)
Expand Down
2 changes: 1 addition & 1 deletion prow/config/config_test.go
View file
Expand Up @@ -46,7 +46,7 @@ import (
"k8s.io/test-infra/pkg/genyaml"
prowapi "k8s.io/test-infra/prow/apis/prowjobs/v1"
prowjobv1 "k8s.io/test-infra/prow/apis/prowjobs/v1"
"k8s.io/test-infra/prow/config/secret/v2"
"k8s.io/test-infra/prow/config/secret"
gerrit "k8s.io/test-infra/prow/gerrit/client"
"k8s.io/test-infra/prow/github"
"k8s.io/test-infra/prow/github/fakegithub"
Expand Down
43 changes: 43 additions & 0 deletions prow/config/secret/agent.go
View file
Expand Up @@ -29,6 +29,49 @@ import (
"k8s.io/test-infra/prow/secretutil"
)

// agent is the singleton that loads secrets for us
var agent *Agent

func init() {
agent = &Agent{
RWMutex: sync.RWMutex{},
secretsMap: map[string][]byte{},
ReloadingCensorer: secretutil.NewCensorer(),
}
logrus.SetFormatter(logrusutil.NewFormatterWithCensor(logrus.StandardLogger().Formatter, agent.ReloadingCensorer))
}

// Add registers a new path to the agent.
func Add(paths ...string) error {
secrets, err := LoadSecrets(paths)
if err != nil {
return err
}

for path, value := range secrets {
agent.setSecret(path, value)
// Start one goroutine for each file to monitor and update the secret's values.
go agent.reloadSecret(path)
}
return nil
}

// GetSecret returns the value of a secret stored in a map.
func GetSecret(secretPath string) []byte {
return agent.GetSecret(secretPath)
}

// GetTokenGenerator returns a function that gets the value of a given secret.
func GetTokenGenerator(secretPath string) func() []byte {
return func() []byte {
return GetSecret(secretPath)
}
}

func Censor(content []byte) []byte {
return agent.Censor(content)
}

// Agent watches a path and automatically loads the secrets stored.
type Agent struct {
sync.RWMutex
Expand Down
43 changes: 0 additions & 43 deletions prow/config/secret/v2/BUILD.bazel
View file

This file was deleted.

0 comments on commit cda8633

Please sign in to comment.