Merge pull request #46 from patoarvizu/fix-resources-field

Update upstream bank-vaults api
patoarvizu · Mar 9, 2021 · 4f024cb · 4f024cb
2 parents 14b196c + b64fe18
commit 4f024cb
Show file tree

Hide file tree

Showing 5 changed files with 454 additions and 619 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -76,6 +76,7 @@ jobs:
           go test github.com/patoarvizu/vault-dynamic-configuration-operator/test/e2e -v -ginkgo.focus="Single namespace"
           helm upgrade vault-dynamic-configuration-operator helm/vault-dynamic-configuration-operator/ -n vault --set flags.boundRolesToAllNamespaces=true
           go test github.com/patoarvizu/vault-dynamic-configuration-operator/test/e2e -v -ginkgo.focus="All namespaces"
+          go test github.com/patoarvizu/vault-dynamic-configuration-operator/test/e2e -v -ginkgo.focus="Any namespace"
     - save_cache:
         key: vault-dynamic-configuration-operator-golang-cache-{{ checksum "go.sum" }}
         paths:

diff --git a/controllers/serviceaccount_controller.go b/controllers/serviceaccount_controller.go
@@ -154,7 +154,7 @@ func (r *ServiceAccountReconciler) Reconcile(req ctrl.Request) (ctrl.Result, err
 	}
 
 	if instance.ObjectMeta.Name == "default" {
-		reqLogger.V(1).Info(fmt.Sprintf("Explicitly ignoring 'default' ServiceAccount in namespace %s, to avoid overwriting Vaults 'default' policy", &instance.ObjectMeta.Namespace))
+		reqLogger.V(1).Info(fmt.Sprintf("Explicitly ignoring 'default' ServiceAccount in namespace %s, to avoid overwriting Vaults 'default' policy", instance.ObjectMeta.Namespace))
 		return reconcile.Result{}, nil
 	}
 
@@ -391,6 +391,11 @@ func addOrUpdateKubernetesRole(kubernetesAuth *Auth, metadata metav1.ObjectMeta)
 }
 
 func updateDBSecretConfiguration(bvConfig BankVaultsConfig, vaultConfig *bankvaultsv1alpha1.Vault) error {
+	jsonMap := make(map[string]interface{})
+	err := json.Unmarshal([]byte(vaultConfig.Spec.ExternalConfigJSON()), &jsonMap)
+	if err != nil {
+		return err
+	}
 	dbSecret, err := bvConfig.GetDBSecret()
 	if err != nil {
 		return err
@@ -400,12 +405,26 @@ func updateDBSecretConfiguration(bvConfig BankVaultsConfig, vaultConfig *bankvau
 		if s.Type != "database" {
 			continue
 		}
-		return json.Unmarshal(configJsonData, &vaultConfig.Spec.ExternalConfig["secrets"].([]interface{})[i])
+		err = json.Unmarshal(configJsonData, &jsonMap["secrets"].([]interface{})[i])
+		if err != nil {
+			return err
+		}
+		unmarshaledJsonMap, err := json.Marshal(jsonMap)
+		if err != nil {
+			return err
+		}
+		vaultConfig.Spec.ExternalConfig.Raw = unmarshaledJsonMap
+		return nil
 	}
 	return nil
 }
 
 func updateKubernetesConfiguration(bvConfig BankVaultsConfig, vaultConfig *bankvaultsv1alpha1.Vault) error {
+	jsonMap := make(map[string]interface{})
+	err := json.Unmarshal([]byte(vaultConfig.Spec.ExternalConfigJSON()), &jsonMap)
+	if err != nil {
+		return err
+	}
 	kubernetesAuth, err := bvConfig.getKubernetesAuth()
 	if err != nil {
 		return err
@@ -418,11 +437,16 @@ func updateKubernetesConfiguration(bvConfig BankVaultsConfig, vaultConfig *bankv
 		if a.Type != "kubernetes" {
 			continue
 		}
-		err = json.Unmarshal(configJsonData, &vaultConfig.Spec.ExternalConfig["auth"].([]interface{})[i])
+		err = json.Unmarshal(configJsonData, &jsonMap["auth"].([]interface{})[i])
+		if err != nil {
+			return err
+		}
+		jsonMap["policies"] = bvConfig.Policies
+		unmarshaledJsonMap, err := json.Marshal(jsonMap)
 		if err != nil {
 			return err
 		}
-		vaultConfig.Spec.ExternalConfig["policies"] = bvConfig.Policies
+		vaultConfig.Spec.ExternalConfig.Raw = unmarshaledJsonMap
 		return nil
 	}
 	return nil

diff --git a/go.mod b/go.mod
@@ -3,19 +3,20 @@ module github.com/patoarvizu/vault-dynamic-configuration-operator
 go 1.13
 
 require (
-	github.com/Masterminds/semver/v3 v3.1.0
-	github.com/banzaicloud/bank-vaults v0.0.0-20200825124647-f70bdd822e23
-	github.com/coreos/prometheus-operator v0.41.1
-	github.com/go-logr/logr v0.1.0
-	github.com/google/martian v2.1.1-0.20190517191504-25dcb96d9e51+incompatible
-	github.com/onsi/ginkgo v1.12.1
+	github.com/banzaicloud/bank-vaults v1.7.1-0.20210215124259-db2bdd2dc82d
+	github.com/go-logr/logr v0.2.1
+	github.com/onsi/ginkgo v1.14.0
 	github.com/onsi/gomega v1.10.1
-	github.com/spf13/cast v1.3.1
-	k8s.io/api v0.18.6
-	k8s.io/apimachinery v0.18.6
+	k8s.io/api v0.19.3
+	k8s.io/apimachinery v0.19.3
 	k8s.io/client-go v11.0.0+incompatible
-	k8s.io/utils v0.0.0-20200729134348-d5654de09c73
 	sigs.k8s.io/controller-runtime v0.6.2
 )
 
-replace k8s.io/client-go => k8s.io/client-go v0.18.6
+replace (
+	google.golang.org/grpc => google.golang.org/grpc v1.29.1
+	k8s.io/api => k8s.io/api v0.19.3
+	k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.19.3
+	k8s.io/apimachinery => k8s.io/apimachinery v0.19.3
+	k8s.io/client-go => k8s.io/client-go v0.19.3
+)