Skip to content

Commit

Permalink
Correct multiple secret values in one array parameter that references…
Browse files Browse the repository at this point in the history
… different secret variables
  • Loading branch information
SaschaSchwarze0 committed Apr 2, 2024
1 parent faa06d9 commit e56ad84
Show file tree
Hide file tree
Showing 3 changed files with 77 additions and 1 deletion.
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,8 @@ anaconda-mode/
*.dylib
# Test binary, build with 'go test -c'
*.test
# Ginkgo report
ginkgo.report
# Output of the go coverage tool, specifically when used with LiteIDE
*.out
### Vim ###
Expand Down
3 changes: 2 additions & 1 deletion pkg/reconciler/buildrun/resources/params.go
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,8 @@ func HandleTaskRunParam(taskRun *pipelineapi.TaskRun, parameterDefinition *build
return nil

default:
for index, value := range paramValue.Values {
for index := range paramValue.Values {
value := paramValue.Values[index]
switch {
case value.ConfigMapValue != nil:
envVarName, err := addConfigMapEnvVar(taskRun, paramValue.Name, value.ConfigMapValue.Name, value.ConfigMapValue.Key)
Expand Down
73 changes: 73 additions & 0 deletions pkg/reconciler/buildrun/resources/params_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -674,5 +674,78 @@ var _ = Describe("HandleTaskRunParam", func() {
},
}))
})

It("adds multiple environment variables correctly", func() {
err := HandleTaskRunParam(taskRun, parameterDefinition, buildv1beta1.ParamValue{
Name: "array-parameter",
Values: []buildv1beta1.SingleValue{
{
Value: pointer.String("first entry"),
},
{
SecretValue: &buildv1beta1.ObjectKeyRef{
Name: "secret-name",
Key: "secret-key-1",
},
},
{
SecretValue: &buildv1beta1.ObjectKeyRef{
Name: "secret-name",
Key: "secret-key-2",
Format: pointer.String("The secret value is ${SECRET_VALUE}"),
},
},
},
})
Expect(err).ToNot(HaveOccurred())

// Verify the environment variable that is only added to the second step
Expect(len(taskRun.Spec.TaskSpec.Steps[0].Env)).To(Equal(0))

Expect(len(taskRun.Spec.TaskSpec.Steps[1].Env)).To(Equal(2))

envVarName1 := taskRun.Spec.TaskSpec.Steps[1].Env[0].Name
Expect(envVarName1).To(HavePrefix("SHP_SECRET_PARAM_"))
Expect(taskRun.Spec.TaskSpec.Steps[1].Env[0]).To(BeEquivalentTo(corev1.EnvVar{
Name: envVarName1,
ValueFrom: &corev1.EnvVarSource{
SecretKeyRef: &corev1.SecretKeySelector{
LocalObjectReference: corev1.LocalObjectReference{
Name: "secret-name",
},
Key: "secret-key-1",
},
},
}))

envVarName2 := taskRun.Spec.TaskSpec.Steps[1].Env[1].Name
Expect(envVarName2).To(HavePrefix("SHP_SECRET_PARAM_"))
Expect(taskRun.Spec.TaskSpec.Steps[1].Env[1]).To(BeEquivalentTo(corev1.EnvVar{
Name: envVarName2,
ValueFrom: &corev1.EnvVarSource{
SecretKeyRef: &corev1.SecretKeySelector{
LocalObjectReference: corev1.LocalObjectReference{
Name: "secret-name",
},
Key: "secret-key-2",
},
},
}))

// Verify the parameters
Expect(taskRun.Spec.Params).To(BeEquivalentTo([]pipelineapi.Param{
{
Name: "array-parameter",
Value: pipelineapi.ParamValue{
Type: pipelineapi.ParamTypeArray,
ArrayVal: []string{
"first entry",
fmt.Sprintf("$(%s)", envVarName1),
fmt.Sprintf("The secret value is $(%s)", envVarName2),
},
},
},
}))
})
})
})

0 comments on commit e56ad84

Please sign in to comment.