From 3e06479cda9654d77b2e8c594a6f527431cac0a7 Mon Sep 17 00:00:00 2001
From: kjuulh
Date: Sat, 25 May 2024 14:37:13 +0200
Subject: [PATCH] fix: only create vault secret template if actual secret found

Signed-off-by: kjuulh
---
 .../src/catalog/vault_secret.rs | 33 +++++++++++++++----
 1 file changed, 27 insertions(+), 6 deletions(-)

diff --git a/crates/cuddle-clusters/src/catalog/vault_secret.rs b/crates/cuddle-clusters/src/catalog/vault_secret.rs
index 7a0d482..cd3301b 100644
--- a/crates/cuddle-clusters/src/catalog/vault_secret.rs
+++ b/crates/cuddle-clusters/src/catalog/vault_secret.rs
@@ -74,11 +74,31 @@ impl Component for VaultSecret {
 fn render(
 &self,
 _environment: &str,
- _value: &serde_yaml::Value,
+ value: &serde_yaml::Value,
 ) -> Option> {
- Some(Ok((
- format!("{}.yaml", self.name().replace("/", "_")),
- r#"apiVersion: secrets.hashicorp.com/v1beta1
+ value
+ .as_mapping()
+ .and_then(|map| map.get("env"))
+ .and_then(|v| v.as_mapping())
+ .map(|v| {
+ v.iter()
+ .filter_map(|(k, v)| {
+ if v.as_mapping()
+ .map(|m| m.get("vault").filter(|v| v.as_bool() == Some(true)))
+ .is_some()
+ {
+ Some(k)
+ } else {
+ None
+ }
+ })
+ .filter_map(|k| k.as_str())
+ .collect::>()
+ })
+ .map(|_| {
+ Ok((
+ format!("{}.yaml", self.name().replace("/", "_")),
+ r#"apiVersion: secrets.hashicorp.com/v1beta1
 kind: VaultStaticSecret
 metadata:
 name: {{ vars.vault_secret.file_name(vars.cuddle_vars.service) }}
@@ -92,8 +112,9 @@ spec:
 refreshAfter: 30s
 type: kv-v2
 "#
- .into(),
- )))
+ .into(),
+ ))
+ })
 }
 }
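Review bot: The `vault: true` test in the inner `filter_map` of `render` accepts every `env` entry that is a mapping, because `.map(|m| m.get("vault").filter(…))` produces a nested `Option` and `.is_some()` only inspects the outer layer. The collected key list is then discarded by the following `.map(|_| { … })`, so the VaultStaticSecret template is still emitted whenever `env` is a mapping, including an empty one or one with no vault-backed entries, which is not what the commit title promises. Changing the predicate to `.and_then(|m| m.get("vault").filter(|v| v.as_bool() == Some(true)))` and adding `.filter(|secrets| !secrets.is_empty())` before the final `.map` would make the gate effective. A unit test asserting that `render` returns `None` for an `env` block without any `vault: true` entry would pin the intended behaviour and keep services from getting a Vault sync resource they never asked for.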