From 74fc767824fbf3a4c2839a593db66ad3427bc726 Mon Sep 17 00:00:00 2001
From: Aaron Miller <1521726+aaroniscode@users.noreply.github.com>
Date: Mon, 19 Aug 2024 10:12:30 -0700
Subject: [PATCH] update: `example-ascp` with `--json-format` and `--k8s-secret` (#221)
---
pkg/application/example/ascp/ascp.go | 11 +++----
pkg/application/example/ascp/manifest.go | 28 ++++++++++++++--
pkg/application/example/ascp/options.go | 42 ++++++++++++++++++++++++
3 files changed, 72 insertions(+), 9 deletions(-)
create mode 100644 pkg/application/example/ascp/options.go
diff --git a/pkg/application/example/ascp/ascp.go b/pkg/application/example/ascp/ascp.go
index 81337c6..93e2ba5 100644
--- a/pkg/application/example/ascp/ascp.go
+++ b/pkg/application/example/ascp/ascp.go
@@ -12,6 +12,8 @@ import ( // func NewApp() *application.Application { + options, flags := newOptions() + return &application.Application{ Command: cmd.Command{ Parent: "example",
@@ -31,6 +33,8 @@ func NewApp() *application.Application { }), }, + Flags: flags, + Installer: &installer.ManifestInstaller{ AppName: "example-ascp", ResourceTemplate: &template.TextTemplate{
@@ -38,12 +42,7 @@ func NewApp() *application.Application { }, }, - Options: &application.ApplicationOptions{ - DisableServiceAccountFlag: true, - DisableVersionFlag: true, - Namespace: "ascp", - ServiceAccount: "nginx-deployment-sa", - }, + Options: options, } }
diff --git a/pkg/application/example/ascp/manifest.go b/pkg/application/example/ascp/manifest.go
index 85e828b..fc3e3a8 100644
--- a/pkg/application/example/ascp/manifest.go
+++ b/pkg/application/example/ascp/manifest.go
@@ -1,6 +1,6 @@ package ascp -// https://github.com/aws/secrets-store-csi-driver-provider-aws/blob/main/examples/ExampleDeployment.yaml +// https://github.com/aws/secrets-store-csi-driver-provider-aws/blob/main/examples/ExampleSecretProviderClass.yaml const secretsProviderClassTemplate = `--- apiVersion: secrets-store.csi.x-k8s.io/v1 kind: SecretProviderClass
@@ -10,8 +10,30 @@ spec: provider: aws parameters: objects: | - - objectName: "MySecret" - objectType: "secretsmanager" + - objectName: "MySecret" + objectType: "secretsmanager" +{{- if .JSONFormat }} + jmesPath: + - path: "username" + objectAlias: "dbuser" + - path: "password" + objectAlias: "dbpass" +{{- end }} +{{- if .K8sSecret }} + secretObjects: + - data: + {{- if .JSONFormat }} + - key: dbuser + objectName: dbuser + - key: dbpass + objectName: dbpass + {{- else }} + - key: mysecret + objectName: MySecret + {{- end}} + secretName: nginx-deployment-aws-secrets + type: Opaque +{{- end }} ` const serviceAccountTemplate = `---
diff --git a/pkg/application/example/ascp/options.go b/pkg/application/example/ascp/options.go
new file mode 100644
index 0000000..282c82f
--- /dev/null
+++ b/pkg/application/example/ascp/options.go
@@ -0,0 +1,42 @@
+package ascp
+
+import (
+ "github.com/awslabs/eksdemo/pkg/application"
+ "github.com/awslabs/eksdemo/pkg/cmd"
+)
+
+type Options struct {
+ application.ApplicationOptions
+ JSONFormat bool
+ K8sSecret bool
+}
+
+func newOptions() (options *Options, flags cmd.Flags) {
+ options = &Options{
+ ApplicationOptions: application.ApplicationOptions{
+ DisableServiceAccountFlag: true,
+ DisableVersionFlag: true,
+ Namespace: "ascp",
+ ServiceAccount: "nginx-deployment-sa",
+ },
+ }
+
+ flags = cmd.Flags{
+ &cmd.BoolFlag{
+ CommandFlag: cmd.CommandFlag{
+ Name: "json-format",
+ Description: "mount key/value pairs from a secret in json format",
+ },
+ Option: &options.JSONFormat,
+ },
+ &cmd.BoolFlag{
+ CommandFlag: cmd.CommandFlag{
+ Name: "k8s-secret",
+ Description: "create a Kubernetes Secret to mirror the mounted secret",
+ },
+ Option: &options.K8sSecret,
+ },
+ }
+
+ return
+}
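Review bot: The `{{- if .K8sSecret }}` block added to the SecretProviderClass template in manifest.go carries no comment on what the sync implies: the Secrets Manager value is copied into the Kubernetes Secret `nginx-deployment-aws-secrets`, so it is then held by the API server and readable by any subject with `get` on Secrets in the namespace, not only by the pod that mounts the CSI volume. The sync presumably also relies on the Secrets Store CSI driver being installed with secret syncing turned on (the chart's `syncSecret.enabled` value), which this patch does not show. I would add a Go comment above `secretsProviderClassTemplate`, whose declaration sits outside this hunk, along the lines of `// --k8s-secret mirrors the mounted secret into a Kubernetes Secret: needs driver syncSecret, and the copy is guarded only by namespace RBAC`. The nested branch also closes with `{{- end}}` while every other action in the hunk is written `{{- end }}`.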
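Review bot: `newOptions` in options.go declares named results and ends in a bare `return`, which makes the reader scroll back through roughly thirty lines to see what is handed to the caller; ending with `return options, flags` states it directly. The exported `Options` type has no doc comment either, and one such as `// Options extends the shared application options with the example-ascp flags.` would match what the struct visibly holds (the embedded `application.ApplicationOptions` plus `JSONFormat` and `K8sSecret`).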