Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow sourcing secrets and authentication tokens from a file #623

Merged
merged 5 commits into from
Aug 28, 2019
Merged

Allow sourcing secrets and authentication tokens from a file #623

merged 5 commits into from
Aug 28, 2019

Conversation

xmudrii
Copy link
Member

@xmudrii xmudrii commented Aug 19, 2019
edited
Loading

What this PR does / why we need it:

This PR adds a new flag called --credentials (shorthand -c) that allows users to specify a YAML file to source secrets and authentication tokens from.

The file is supposed to be formatted as a string key/value pairs YAML, e.g.

$ cat credentials.yaml
AWS_ACCESS_KEY_ID: ...
AWS_SECRET_ACCESS_KEY: ...

Besides that, this PR introduces some code quality improvements, such as correctly utilizing constants in the credentials package.

This PR only allows credentials to be sourced. In a follow-up, I'll extend this to add a possibility to source the cloud-config file from.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Partially addresses #492

Does this PR introduce a user-facing change?:

Add --credentials flag to allow sourcing secrets and authentication tokens from a file

@kubermatic-bot kubermatic-bot added release-note-none Denotes a PR that doesn't merit a release note. do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. dco-signoff: yes Denotes that all commits in the pull request have the valid DCO signoff message. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Aug 19, 2019
@xmudrii xmudrii force-pushed the credentials-refactor branch 2 times, most recently from 993ee80 to ec54406 Compare August 26, 2019 08:42
@kubermatic-bot kubermatic-bot added release-note Denotes a PR that will be considered when it comes time to generate release notes. and removed release-note-none Denotes a PR that doesn't merit a release note. labels Aug 27, 2019
@xmudrii xmudrii requested a review from kron4eg August 27, 2019 13:21
@xmudrii
Copy link
Member Author

xmudrii commented Aug 27, 2019

/assign @kron4eg

@xmudrii xmudrii changed the title [WIP] Refactor credentials handling Allow sourcing secrets and authentication tokens from a file Aug 27, 2019
@kubermatic-bot kubermatic-bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Aug 27, 2019
kron4eg
kron4eg reviewed Aug 27, 2019
View reviewed changes
Copy link
Member

@kron4eg kron4eg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is one problematic place IMO

@kron4eg
Copy link
Member

kron4eg commented Aug 27, 2019

Failed to fetch http://eu-west-3.ec2.archive.ubuntu.com/ubuntu/dists/bionic-updates/main/binary-amd64/Packages.xz File has unexpected size (712460 != 712500). Mirror sync in progress?

looks like AWS dpkg mirrors are funky today

@xmudrii xmudrii force-pushed the credentials-refactor branch from 512adda to dc75afe Compare August 28, 2019 08:35
@xmudrii
Copy link
Member Author

xmudrii commented Aug 28, 2019

/hold
validation is missing

@kubermatic-bot kubermatic-bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 28, 2019
@xmudrii xmudrii force-pushed the credentials-refactor branch from dc75afe to 65eb56d Compare August 28, 2019 08:38
@xmudrii
Copy link
Member Author

xmudrii commented Aug 28, 2019

/hold cancel
validation was added by cd37cf2

@kubermatic-bot kubermatic-bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 28, 2019
kron4eg
kron4eg approved these changes Aug 28, 2019
View reviewed changes
Copy link
Member

@kron4eg kron4eg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@kubermatic-bot kubermatic-bot added the lgtm Indicates that a PR is ready to be merged. label Aug 28, 2019
@kubermatic-bot
Copy link
Contributor

LGTM label has been added.

Git tree hash: 1fdf248c9d9b14be99df4aef40557427786be046

@kubermatic-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kron4eg

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@kubermatic-bot kubermatic-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Aug 28, 2019
@kubermatic-bot kubermatic-bot merged commit ca9f548 into master Aug 28, 2019
@kubermatic-bot kubermatic-bot deleted the credentials-refactor branch August 28, 2019 14:16
@xmudrii xmudrii mentioned this pull request Sep 30, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kron4eg kron4eg kron4eg approved these changes

Assignees

@kron4eg kron4eg

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Denotes that all commits in the pull request have the valid DCO signoff message. lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@xmudrii @kron4eg @kubermatic-bot