feat(kork/secrets): Adding SecretManager #219
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
link108
force-pushed
the
secret-manager
branch
from
f1aa86d
to
7e474a7
Compare
lwander
reviewed
Jan 15, 2019
| SecretEngine secretEngine = secretEngineRegistry.getEngine(encryptedSecret.getEngineIdentifier()); | ||
| if (secretEngine == null) { | ||
| throw new InvalidSecretFormatException("Secret Engine does not exist: " + encryptedSecret.getEngineIdentifier()); | ||
|
|
lwander
approved these changes
Jan 15, 2019
| SecretEngine secretEngine = secretEngineRegistry.getEngine(encryptedSecret.getEngineIdentifier()); | ||
| if (secretEngine == null) { | ||
| throw new InvalidSecretFormatException("Secret Engine does not exist: " + encryptedSecret.getEngineIdentifier()); | ||
|
|
| * @param filePathOrEncrypted | ||
| * @return path to temporary file that contains decrypted contents | ||
| */ | ||
| public String decryptFile(String filePathOrEncrypted) { |
There was a problem hiding this comment.
If you're returning a path to a file, I would recommend returning Path instead
| tempFile.deleteOnExit(); | ||
| return tempFile.getAbsolutePath(); | ||
| } catch (IOException e) { | ||
| throw new SecretDecryptionException(); |
There was a problem hiding this comment.
This should have a reference to e at the least
| */ | ||
| public String decrypt(String configValue) { | ||
| EncryptedSecret encryptedSecret = EncryptedSecret.parse(configValue); | ||
| if (encryptedSecret == null) { return configValue; } |
| public class SecretManager { | ||
|
|
||
| @Autowired | ||
| private SecretEngineRegistry secretEngineRegistry; |
There was a problem hiding this comment.
The pattern we've been following (to make this easier for testing & such) is to @Autowire the constructor. This removes the need for the package-private setter below, and allows you to treat this as final.
final private SecretEngineRegistry secretEngineRegistry;
@Autowired
SecretManager(SecretEngineRegistry secretEngineRegistry) {
this.secretEngineRegistry = secretEngineRegistry;
}
kork-secrets/kork-secrets.gradle
Outdated
|
|
||
| testCompile (group: 'org.springframework', name: 'spring-test', version: '4.3.20.RELEASE') | ||
| testCompile group: 'org.springframework.boot', name: 'spring-boot-test', version: '1.5.14.RELEASE' | ||
| testCompile group: 'org.mockito', name: 'mockito-core', version: '2.23.4' |
There was a problem hiding this comment.
@link108 small nit, could you make these more consistent? either remove the ( or add it to the others.
3 tasks
6 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Part of a series of PRs for the Secrets Management Project. This PR
adds SecretManager and SecretEngineRegistry.
spinnaker/spinnaker#3649