Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Creating an optional interface to get secret id references for driver with secrets. #7306

Merged
merged 12 commits into from
Apr 2, 2024
Merged

Creating an optional interface to get secret id references for driver with secrets. #7306

merged 12 commits into from
Apr 2, 2024

Conversation

vishwahiremat
Copy link
Contributor

Description

Refactoring module secret workflow.

  • Adding FindSecretIds function to get module secret references for driver with secrets.

Type of change

  • Creating an optional interface to get secret id references for driver with secrets.
  • This pull request is a minor refactor, code cleanup, test improvement, or other maintenance task and doesn't change the functionality of Radius (issue link optional).

Fixes: #issue_number

@vishwahiremat
initial commit
0daf9df 
Signed-off-by: Vishwanath Hiremath <[email protected]>
@vishwahiremat
refactoring module secret workflow
ae89843 
Signed-off-by: Vishwanath Hiremath <[email protected]>
@vishwahiremat vishwahiremat requested review from a team as code owners March 12, 2024 05:23
rynowak
rynowak reviewed Mar 12, 2024
View reviewed changes
pkg/recipes/driver/types.go
Driver

// FindSecretIDs gets the secret ID references from environment definition.
FindSecretIDs(ctx context.Context, config recipes.Configuration, definition recipes.EnvironmentDefinition) (string, error)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this return ([]string, error)?

What would happen in the future if a driver needed to read multiple secrets?

Copy link
Contributor Author

@vishwahiremat vishwahiremat Mar 13, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

currently we are keeping it to return module secret. But in the future when we have provider secrets etc, return type will be map because we may need to specify secret kind then ex: module secret or provider secret. It will be discussed in detail during the design for provider secrets.

rynowak
rynowak reviewed Mar 12, 2024
View reviewed changes
pkg/recipes/engine/engine.go Outdated
if secretStore != "" {
secrets, err = e.options.SecretsLoader.LoadSecrets(ctx, secretStore)
if err != nil {
return nil, nil, fmt.Errorf("failed to fetch secrets from the secret store resource id %s for Terraform recipe %s deployment: %w", secretStore, definition.TemplatePath, err)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this need its own error code?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree, we could add a new error code for load secrets failures.
thoughts on naming it as LOAD_SECRETS_FAILED ?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ARM-like error codes PascalCase so it would be LoadSecretsFailed

youngbupark
youngbupark reviewed Mar 12, 2024
View reviewed changes
pkg/recipes/driver/terraform.go
@@ -249,6 +249,11 @@ func (d *terraformDriver) GetRecipeMetadata(ctx context.Context, opts BaseOption
return recipeData, nil
}

func (d *terraformDriver) FindSecretIDs(ctx context.Context, envConfig recipes.Configuration, definition recipes.EnvironmentDefinition) (string, error) {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: Please add comment.

pkg/recipes/driver/types.go
@@ -42,6 +42,13 @@ type Driver interface {
GetRecipeMetadata(ctx context.Context, opts BaseOptions) (map[string]any, error)
}

type DriverWithSecrets interface {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: Please add comment

kachawla
kachawla reviewed Mar 13, 2024
View reviewed changes
pkg/recipes/driver/types.go Outdated
type DriverWithSecrets interface {
Driver

// FindSecretIDs gets the secret ID references from environment definition.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you add more details in this comment? What is the secret ID for example? Where does it read it from in the environment definition - recipe config. Why is it needed - to access private modules (for now, with providers change it would extend to secrets passed into the providers config as well)

@radius-functional-tests
Copy link

radius-functional-tests bot commented Mar 13, 2024
edited
Loading

Radius functional test overview

🔍 Go to test action run

Name Value
Repository vishwahiremat/radius
Commit ref ae89843
Unique ID 29b3441874
Image tag pr-29b3441874
Click here to see the list of tools in the current test run
  • gotestsum 1.10.0
  • KinD: v0.20.0
  • Dapr: 1.12.0
  • Azure KeyVault CSI driver: 1.4.2
  • Azure Workload identity webhook: 1.1.0
  • Bicep recipe location ghcr.io/radius-project/dev/test/functional/shared/recipes/<name>:pr-29b3441874
  • Terraform recipe location http://tf-module-server.radius-test-tf-module-server.svc.cluster.local/<name>.zip (in cluster)
  • applications-rp test image location: ghcr.io/radius-project/dev/applications-rp:pr-29b3441874
  • controller test image location: ghcr.io/radius-project/dev/controller:pr-29b3441874
  • ucp test image location: ghcr.io/radius-project/dev/ucpd:pr-29b3441874
  • deployment-engine test image location: ghcr.io/radius-project/deployment-engine:latest

Test Status

⌛ Building Radius and pushing container images for functional tests...
✅ Container images build succeeded
⌛ Publishing Bicep Recipes for functional tests...
✅ Recipe publishing succeeded
⌛ Starting kubernetes functional tests...
⌛ Starting shared functional tests...
⌛ Starting samples functional tests...
⌛ Starting daprrp functional tests...
⌛ Starting msgrp functional tests...
⌛ Starting cli functional tests...
⌛ Starting datastoresrp functional tests...
✅ msgrp functional tests succeeded
✅ kubernetes functional tests succeeded
✅ samples functional tests succeeded
✅ ucp functional tests succeeded
✅ daprrp functional tests succeeded
✅ shared functional tests succeeded
✅ datastoresrp functional tests succeeded
✅ cli functional tests succeeded

@vishwahiremat
addressing comments
8bd692f 
Signed-off-by: Vishwanath Hiremath <[email protected]>
@vishwahiremat
Merge branch 'main' into vishwahiremat/refactorModuleSecrets
f4da23b 
Signed-off-by: Vishwanath Hiremath <[email protected]>
@vishwahiremat
fixing linter issue
9de3a3e 
Signed-off-by: Vishwanath Hiremath <[email protected]>
kachawla
kachawla reviewed Mar 20, 2024
View reviewed changes
@vishwahiremat
adding unit tests
c30681a 
Signed-off-by: Vishwanath Hiremath <[email protected]>
@vishwahiremat
adding comments
8e2dfe8 
Signed-off-by: Vishwanath Hiremath <[email protected]>
@vishwahiremat
Merge branch 'main' into vishwahiremat/refactorModuleSecrets
f279d06 
Signed-off-by: Vishwanath Hiremath <[email protected]>
kachawla
kachawla previously approved these changes Mar 26, 2024
View reviewed changes
@kachawla
Update pkg/recipes/driver/types.go
e8b51e6 
Signed-off-by: Karishma Chawla <[email protected]>
@kachawla kachawla temporarily deployed to functional-tests March 26, 2024 22:34 — with GitHub Actions Inactive
@radius-functional-tests
Copy link

radius-functional-tests bot commented Mar 26, 2024
edited
Loading

Radius functional test overview

🔍 Go to test action run

Name Value
Repository vishwahiremat/radius
Commit ref cd7ab45
Unique ID func40e1c3b9a4
Image tag pr-func40e1c3b9a4
Click here to see the list of tools in the current test run
  • gotestsum 1.10.0
  • KinD: v0.20.0
  • Dapr: 1.12.0
  • Azure KeyVault CSI driver: 1.4.2
  • Azure Workload identity webhook: 1.1.0
  • Bicep recipe location ghcr.io/radius-project/dev/test/functional/shared/recipes/<name>:pr-func40e1c3b9a4
  • Terraform recipe location http://tf-module-server.radius-test-tf-module-server.svc.cluster.local/<name>.zip (in cluster)
  • applications-rp test image location: ghcr.io/radius-project/dev/applications-rp:pr-func40e1c3b9a4
  • controller test image location: ghcr.io/radius-project/dev/controller:pr-func40e1c3b9a4
  • ucp test image location: ghcr.io/radius-project/dev/ucpd:pr-func40e1c3b9a4
  • deployment-engine test image location: ghcr.io/radius-project/deployment-engine:latest

Test Status

⌛ Building Radius and pushing container images for functional tests...
✅ Container images build succeeded
⌛ Publishing Bicep Recipes for functional tests...
✅ Recipe publishing succeeded
⌛ Starting kubernetes functional tests...
⌛ Starting datastoresrp functional tests...
⌛ Starting shared functional tests...
⌛ Starting daprrp functional tests...
⌛ Starting msgrp functional tests...
⌛ Starting cli functional tests...
⌛ Starting ucp functional tests...
⌛ Starting samples functional tests...
✅ kubernetes functional tests succeeded
✅ msgrp functional tests succeeded
✅ samples functional tests succeeded
✅ ucp functional tests succeeded
✅ daprrp functional tests succeeded
✅ datastoresrp functional tests succeeded
✅ cli functional tests succeeded
✅ shared functional tests succeeded

kachawla
kachawla reviewed Mar 29, 2024
View reviewed changes
Copy link
Contributor

@kachawla kachawla left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@vishwahiremat can this be merged?

@radius-functional-tests
Copy link

radius-functional-tests bot commented Apr 1, 2024
edited
Loading

Radius functional test overview

🔍 Go to test action run

Name Value
Repository vishwahiremat/radius
Commit ref db4b7e4
Unique ID func282c34e3bc
Image tag pr-func282c34e3bc
Click here to see the list of tools in the current test run
  • gotestsum 1.10.0
  • KinD: v0.20.0
  • Dapr: 1.12.0
  • Azure KeyVault CSI driver: 1.4.2
  • Azure Workload identity webhook: 1.1.0
  • Bicep recipe location ghcr.io/radius-project/dev/test/testrecipes/test-bicep-recipes/<name>:pr-func282c34e3bc
  • Terraform recipe location http://tf-module-server.radius-test-tf-module-server.svc.cluster.local/<name>.zip (in cluster)
  • applications-rp test image location: ghcr.io/radius-project/dev/applications-rp:pr-func282c34e3bc
  • controller test image location: ghcr.io/radius-project/dev/controller:pr-func282c34e3bc
  • ucp test image location: ghcr.io/radius-project/dev/ucpd:pr-func282c34e3bc
  • deployment-engine test image location: ghcr.io/radius-project/deployment-engine:latest

Test Status

⌛ Building Radius and pushing container images for functional tests...
✅ Container images build succeeded
⌛ Publishing Bicep Recipes for functional tests...
✅ Recipe publishing succeeded
❌ Test tool installation for datastoresrp failed. Please check the logs for more details
❌ Test tool installation for msgrp failed. Please check the logs for more details
❌ Failed to install Radius for datastoresrp functional test. Please check the logs for more details
❌ Failed to install Radius for msgrp functional test. Please check the logs for more details
❌ Failed to install Radius for cli functional test. Please check the logs for more details
❌ datastoresrp functional test failed. Please check the logs for more details
❌ msgrp functional test failed. Please check the logs for more details
❌ cli functional test failed. Please check the logs for more details
❌ shared functional test cancelled. Please check the logs for more details
❌ daprrp functional test cancelled. Please check the logs for more details

@radius-functional-tests
Copy link

radius-functional-tests bot commented Apr 2, 2024
edited
Loading

Radius functional test overview

🔍 Go to test action run

Name Value
Repository vishwahiremat/radius
Commit ref e609071
Unique ID func34a2f3882f
Image tag pr-func34a2f3882f
Click here to see the list of tools in the current test run
  • gotestsum 1.10.0
  • KinD: v0.20.0
  • Dapr: 1.12.0
  • Azure KeyVault CSI driver: 1.4.2
  • Azure Workload identity webhook: 1.1.0
  • Bicep recipe location ghcr.io/radius-project/dev/test/testrecipes/test-bicep-recipes/<name>:pr-func34a2f3882f
  • Terraform recipe location http://tf-module-server.radius-test-tf-module-server.svc.cluster.local/<name>.zip (in cluster)
  • applications-rp test image location: ghcr.io/radius-project/dev/applications-rp:pr-func34a2f3882f
  • controller test image location: ghcr.io/radius-project/dev/controller:pr-func34a2f3882f
  • ucp test image location: ghcr.io/radius-project/dev/ucpd:pr-func34a2f3882f
  • deployment-engine test image location: ghcr.io/radius-project/deployment-engine:latest

Test Status

⌛ Building Radius and pushing container images for functional tests...
✅ Container images build succeeded
⌛ Publishing Bicep Recipes for functional tests...
✅ Recipe publishing succeeded
⌛ Starting samples functional tests...
⌛ Starting datastoresrp functional tests...
⌛ Starting ucp functional tests...
⌛ Starting cli functional tests...
⌛ Starting kubernetes functional tests...
⌛ Starting shared functional tests...
⌛ Starting msgrp functional tests...
⌛ Starting daprrp functional tests...
✅ samples functional tests succeeded
✅ ucp functional tests succeeded
✅ kubernetes functional tests succeeded
✅ msgrp functional tests succeeded
✅ datastoresrp functional tests succeeded
✅ cli functional tests succeeded
✅ shared functional tests succeeded

@lakshmimsft lakshmimsft merged commit 186994d into radius-project:main Apr 2, 2024
15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rynowak rynowak rynowak left review comments

@youngbupark youngbupark youngbupark left review comments

@kachawla kachawla kachawla approved these changes

@lakshmimsft lakshmimsft lakshmimsft approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@vishwahiremat @rynowak @youngbupark @kachawla @lakshmimsft