/
secrets.resolvers.go
103 lines (84 loc) · 3.47 KB
/
secrets.resolvers.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
package graph
// This file will be automatically regenerated based on the schema, any resolver implementations
// will be copied through when generating and any unknown code will be moved to the end.
// Code generated by github.com/99designs/gqlgen
import (
"context"
"errors"
"github.com/nais/api/internal/auth/authz"
"github.com/nais/api/internal/graph/apierror"
"github.com/nais/api/internal/graph/gengql"
"github.com/nais/api/internal/graph/loader"
"github.com/nais/api/internal/graph/model"
"github.com/nais/api/internal/k8s"
"github.com/nais/api/internal/slug"
)
// CreateSecret is the resolver for the createSecret field.
func (r *mutationResolver) CreateSecret(ctx context.Context, name string, team slug.Slug, env string, data []*model.VariableInput) (*model.Secret, error) {
actor := authz.ActorFromContext(ctx)
err := authz.RequireTeamMembership(actor, team)
if err != nil {
return nil, err
}
ret, err := r.k8sClient.CreateSecret(ctx, name, team, env, data)
if errors.Is(err, k8s.ErrSecretUnmanaged) {
return nil, apierror.ErrSecretUnmanaged
}
return ret, err
}
// UpdateSecret is the resolver for the updateSecret field.
func (r *mutationResolver) UpdateSecret(ctx context.Context, name string, team slug.Slug, env string, data []*model.VariableInput) (*model.Secret, error) {
actor := authz.ActorFromContext(ctx)
err := authz.RequireTeamMembership(actor, team)
if err != nil {
return nil, err
}
ret, err := r.k8sClient.UpdateSecret(ctx, name, team, env, data)
if errors.Is(err, k8s.ErrSecretUnmanaged) {
return nil, apierror.ErrSecretUnmanaged
}
return ret, err
}
// DeleteSecret is the resolver for the deleteSecret field.
func (r *mutationResolver) DeleteSecret(ctx context.Context, name string, team slug.Slug, env string) (bool, error) {
actor := authz.ActorFromContext(ctx)
err := authz.RequireTeamMembership(actor, team)
if err != nil {
return false, err
}
deleted, err := r.k8sClient.DeleteSecret(ctx, name, team, env)
if errors.Is(err, k8s.ErrSecretUnmanaged) {
return false, apierror.ErrSecretUnmanaged
}
return deleted, err
}
// Env is the resolver for the env field.
func (r *secretResolver) Env(ctx context.Context, obj *model.Secret) (*model.Env, error) {
return &model.Env{Name: obj.GQLVars.Env, Team: obj.GQLVars.Team.String()}, nil
}
// Team is the resolver for the team field.
func (r *secretResolver) Team(ctx context.Context, obj *model.Secret) (*model.Team, error) {
return loader.GetTeam(ctx, obj.GQLVars.Team)
}
// Data is the resolver for the data field.
func (r *secretResolver) Data(ctx context.Context, obj *model.Secret) ([]*model.Variable, error) {
return convertSecretDataToVariables(obj.Data), nil
}
// Apps is the resolver for the apps field.
func (r *secretResolver) Apps(ctx context.Context, obj *model.Secret) ([]*model.App, error) {
return r.k8sClient.AppsUsingSecret(ctx, obj)
}
// Jobs is the resolver for the jobs field.
func (r *secretResolver) Jobs(ctx context.Context, obj *model.Secret) ([]*model.NaisJob, error) {
return r.k8sClient.NaisJobsUsingSecret(ctx, obj)
}
// LastModifiedBy is the resolver for the lastModifiedBy field.
func (r *secretResolver) LastModifiedBy(ctx context.Context, obj *model.Secret) (*model.User, error) {
if obj.GQLVars.LastModifiedBy == "" {
return nil, nil
}
return r.Query().User(ctx, nil, &obj.GQLVars.LastModifiedBy)
}
// Secret returns gengql.SecretResolver implementation.
func (r *Resolver) Secret() gengql.SecretResolver { return &secretResolver{r} }
type secretResolver struct{ *Resolver }