Add the ability to copy configs between stacks #4971
Conversation
stack72
force-pushed
the
copy-stack-config
branch
from
9793932
to
2136bbd
Compare
stack72
force-pushed
the
copy-stack-config
branch
from
2136bbd
to
259a203
Compare
stack72
force-pushed
the
copy-stack-config
branch
4 times, most recently
from
c94dcce
to
28860fc
Compare
stack72
force-pushed
the
copy-stack-config
branch
from
28860fc
to
c8c08e3
Compare
There was a problem hiding this comment.
Some more comments, but getting closer.
I'd also still love to see some tests. Perhaps add some for Map.Copy in sdk/go/common/resource/config/map_test.go (and Value.Copy, if you add that, to sdk/go/common/resource/config/value_test.go)?
For the tests, I could imagine writing a custom crypter amongst the tests like (untested):
// Crypter that just adds a prefix to the plaintext string when encrypting,
// and removes the prefix from the ciphertext when decrypting.
type prefixCrypter struct {
prefix string
}
func newPrefixCrypter(prefix string) Crypter {
return prefixCrypter{prefix: prefix}
}
func (c prefixCrypter) DecryptValue(ciphertext string) (string, error) {
return strings.TrimPrefix(ciphertext, c.prefix), nil
}
func (c prefixCrypter) EncryptValue(plaintext string) (string, error) {
return c.prefix + plaintext, nil
}And then in tests, create a config map for the source stack with some secure values that use newPrefixCrypter("stackA"), and then copy to a "new stack" with newPrefixCrypter("stackB") and confirm the secure values in the result match as expected for "stackB".
|
Thanks for the review @justinvp - just working on the tests right now - this will be ready again for review soon |
|
Make the suggested changes and will merge on a successful build |
Fixes: #1583
Please note, I specifically tried to keep this code simple. As part of the work to change secrets provider, we will need to refactor some of this code around the building of a list of config to encrypt with a new provider