Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Allow to use secret with key-value pairs #202

Merged
merged 1 commit into from
Sep 11, 2022

Conversation

Hi-Fi
Copy link
Contributor

@Hi-Fi Hi-Fi commented Jun 18, 2022

BREAKING CHANGE: API to define credentials changed

Fixes #179

@Hi-Fi Hi-Fi marked this pull request as draft June 18, 2022 12:50
@Hi-Fi Hi-Fi force-pushed the feat/credential_handling branch 4 times, most recently from 1926616 to 6f51719 Compare June 19, 2022 10:27
@wchaws
Copy link
Contributor

wchaws commented Jun 20, 2022

Thanks for your PR, Is it ready for review?

@Hi-Fi
Copy link
Contributor Author

Hi-Fi commented Jun 20, 2022

I'll try to check this in actual environment still today that it works as expected. So trying to get it ready for review today.

@Hi-Fi
Copy link
Contributor Author

Hi-Fi commented Jun 20, 2022

Some issues that needs to be checked still with Golang, so might take a while to find time to focus on those.

@Hi-Fi Hi-Fi force-pushed the feat/credential_handling branch 2 times, most recently from af2d2f8 to aa114d3 Compare June 21, 2022 16:36
@Hi-Fi Hi-Fi marked this pull request as ready for review June 21, 2022 16:40
@Hi-Fi Hi-Fi marked this pull request as draft June 21, 2022 16:54
@Hi-Fi Hi-Fi force-pushed the feat/credential_handling branch from aa114d3 to 3d58f51 Compare June 21, 2022 18:02
@Hi-Fi Hi-Fi marked this pull request as ready for review June 21, 2022 18:19
@Hi-Fi
Copy link
Contributor Author

Hi-Fi commented Jun 21, 2022

@wchaws Now Lambda seemed to work as should, so I think this is ready to be reviewed. Also build works in Docker.

@Hi-Fi
Copy link
Contributor Author

Hi-Fi commented Jun 27, 2022

@wchaws Do you have had time to check this?

@Hi-Fi
Copy link
Contributor Author

Hi-Fi commented Aug 4, 2022

@wchaws how about this?

@wchaws wchaws self-requested a review September 4, 2022 08:48
@wchaws
Copy link
Contributor

wchaws commented Sep 4, 2022

@wchaws Do you have had time to check this?

@Hi-Fi Sorry for the late reply. I was so busy for the last few months and didn't have time to review your PR until now.
Overall, your PR looks great except missing some unit test for main.go(I know it might be hard to test main.go, since main.go depends on SecretsManager).

@Hi-Fi
Copy link
Contributor Author

Hi-Fi commented Sep 4, 2022

@wchaws Do you have had time to check this?

@Hi-Fi Sorry for the late reply. I was so busy for the last few months and didn't have time to review your PR until now.
Overall, your PR looks great except missing some unit test for main.go(I know it might be hard to test main.go, since main.go depends on SecretsManager).

If remember correctly, I checked unit tests for that but it would require some refactoring to mock those secrets manager calls. But I can try to recheck those.

I think reflection is needed, and needs to be done also for S3 as currently main tests are skipped also due to that.

@Hi-Fi Hi-Fi force-pushed the feat/credential_handling branch 2 times, most recently from 547335b to 5739a25 Compare September 6, 2022 17:09
@Hi-Fi
Copy link
Contributor Author

Hi-Fi commented Sep 6, 2022

@wchaws I added testing for secretsmanager now. I didn't add mocking to existing tests that were skipped, even same approach could be used for those to mock out e.g. s3.

BREAKING CHANGE: API to define credentials changed
@Hi-Fi Hi-Fi force-pushed the feat/credential_handling branch from 5739a25 to 62d744f Compare September 6, 2022 17:19
Copy link
Contributor

@wchaws wchaws left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@wchaws wchaws merged commit fbeeee1 into cdklabs:main Sep 11, 2022
@wchaws
Copy link
Contributor

wchaws commented Feb 15, 2023

Hi @Hi-Fi, First, thanks for your contribution. But since this PR is blocking the sub-sequential release, I think I have to revert this commit. Besides that, I've been getting security alerts for quite some time now. Since our company mandates that these security vulnerabilities be solved, I think there are some issues with the current design. I will re-propose a new design to avoid receiving a lot of security vulnerabilities from go dependencies. The main idea is to download the skopeo cli tool directly instead of building go projects from scratch. I hope you can understand!

#222

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Feature request: support key-value secrets
2 participants