feat: create and update secrets through cli & api #129
Conversation
Pull Request Test Coverage Report for Build 1744262013
💛 - Coveralls |
store/postgres/migrations/000016_update_replay_table_add_config_column.down.sql
Show resolved
Hide resolved
|
I was thinking what if we have a single |
I think having create/update gives benefits of having extra validation, for example:
And the flexibility to differentiate who is authorized to create or update in the future. |
Make sense, what if we solve this using a flag |
arinda-arif
force-pushed
the
secret-management
branch
from
e95ed6a to
0127c4f
Compare
Got your point. I assume this is the behavior if we are having that flag:
Does |
To me it sounds a bit odd that we are using create to update the value of secret. Register seems like a reasonable alternative to update/create. |
|
+1 to |
|
Agree, let's have |
sbchaos
force-pushed
the
secret-management
branch
from
0127c4f to
64968f7
Compare
docs/docs/guides/manage-secrets.md
Outdated
|
|
||
| ## Updating a secret | ||
|
|
||
| Updating an already existing secret in Optimus can be done passing the flag update-only to set command: |
There was a problem hiding this comment.
These examples are misleading, update-only flag is generally used when you explicitly only want to update a secret when it is already there and don't want to create it by mistake. I think we should write it as such.
store/postgres/migrations/000016_update_replay_table_add_config_column.down.sql
Show resolved
Hide resolved
sbchaos
force-pushed
the
secret-management
branch
4 times, most recently
from
18d81f1 to
9a8a89b
Compare
cmd/secret.go
Outdated
| ) | ||
|
|
||
| var ( | ||
| secretTimeout = time.Minute * 15 |
There was a problem hiding this comment.
I think this is too long of a timeout to recognize the operation has occurred a problem. I guess 2 min should be enough.
There was a problem hiding this comment.
Sure, will update it to 2 minutes
api/handler/v1/runtime.go
Outdated
| return nil, status.Errorf(codes.Internal, "%s: failed to update secret %s", err.Error(), req.GetSecretName()) | ||
| } | ||
| } else { | ||
| if err := secretRepo.Save(ctx, models.ProjectSecretItem{ |
There was a problem hiding this comment.
wouldn't the current implementation of Save will fail this if the secret is already registered? I was thinking the behavior should be
- if the
setis called and it doesn't exist, it will create it - if the
setis called and it does exist, it will update it - if the
setis called with--update-onlyflag and it doesn't exist, it will fail - if the
setis called with--update-onlyflag and it does exist, it will update
There was a problem hiding this comment.
The current behaviour will update an existing secret at time of create.
If this is not going to be a problem, then I can keep the current behaviour.
There was a problem hiding this comment.
Sorry didn't get what you said, can you rephrase it, please? Is the current behavior match with those 4 points?
There was a problem hiding this comment.
Existing behaviour (without change on this PR), save will create a new secret, if it exists, it will update the secret.
It might be a problem when the update of existing secret is unintentional at the time of create.
If we encounter this problem very less(unintentional update) then we can retain the existing behaviour.
Otherwise it will be better to be intentional about create or update of secrets.
sbchaos
force-pushed
the
secret-management
branch
3 times, most recently
from
7d6d278 to
c07d01d
Compare
Co-authored-by: Sandeep Bhardwaj<sandeep.bhardwaj2307@gmail.com>
sbchaos
force-pushed
the
secret-management
branch
from
c07d01d to
52d19d1
Compare
| }, nil | ||
| } | ||
|
|
||
| func (sv *RuntimeServiceServer) RegisterSecret(ctx context.Context, req *pb.RegisterSecretRequest) (*pb.RegisterSecretResponse, error) { |
There was a problem hiding this comment.
Moving secrets management to separate file as runtime file is currently very big.
We can split it later as part of a refactor to jobs, resources and different apis.
cmd/secret.go
Outdated
| if updateSecretResponse.Success { | ||
| l.Info(coloredSuccess("Secret updated")) | ||
| } else { | ||
| return errors.New(fmt.Sprintf("Request failed for updating secret %s: %s", req.SecretName, |
There was a problem hiding this comment.
You should not start error with a capital letter as it could be embedded part of some other error. This is done in couple of places in this file
There was a problem hiding this comment.
Changed the error messages to lowercase
cmd/secret.go
Outdated
| return errors.Wrapf(err, "Request failed for updating secret %s", req.SecretName) | ||
| } | ||
|
|
||
| if updateSecretResponse.Success { |
There was a problem hiding this comment.
In what case this could be false?
There was a problem hiding this comment.
This check is not required.
cmd/secret.go
Outdated
| secretRequestTimeout, secretRequestCancel := context.WithTimeout(context.Background(), secretTimeout) | ||
| defer secretRequestCancel() | ||
|
|
||
| l.Info("please wait...") |
There was a problem hiding this comment.
Should we use a spinner here? and in Update call?
| return errors.Wrap(err, "unable to find secret by name") | ||
| } | ||
| resource, err := Secret{}.FromSpec(spec, repo.project, repo.hash) | ||
| return errors.New("secret already exist") |
There was a problem hiding this comment.
We should generalize this error to resource already exists or something similar to store.ErrResourceNotFound or should get rid of this logic of checking if it exists and only insert the secret? Can you check if gorm throws an error if it already exists?
Because currently, I think we are leaking our implementation detail out of an interface.
There was a problem hiding this comment.
Gorm will throw an error like
\x1b[31;1m /../optimus/store/postgres/secret_repository.go:135 \x1b[35;1mERROR: duplicate key value violates unique constraint \"secret_project_id_name_key\" (SQLSTATE 23505)" ....(prints whole query with values)
Which will return the implementation (and query) details back in the api, so we will need to replace the returned error.
Can you please explain how are we leaking implementation details out of interface ?
There was a problem hiding this comment.
checking explicitly is fine & we don't need to rely on gorm error.
|
Merging the PR, we can still have the conversation if needed. Any required changes will be made to the followup PR. |
No description provided.