Skip to content

Commit

Permalink
Allow configuration of Kubernetes Secret destination from command-lin…
Browse files Browse the repository at this point in the history
…e flags (#44801)
  • Loading branch information
strideynet authored Jul 30, 2024
1 parent 03588e6 commit 766bf72
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 0 deletions.
21 changes: 21 additions & 0 deletions lib/tbot/config/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -631,6 +631,27 @@ func destinationFromURI(uriString string) (bot.Destination, error) {
)
}
return &DestinationMemory{}, nil
case "kubernetes-secret":
if uri.Host != "" {
return nil, trace.BadParameter(
"kubernetes-secret scheme should not be specified with host",
)
}
if uri.Path == "" {
return nil, trace.BadParameter(
"kubernetes-secret scheme should have a path specified",
)
}
// kubernetes-secret:///my-secret
// TODO(noah): Eventually we'll support namespace in the host part of
// the URI. For now, we'll default to the namespace tbot is running in.

// Path will be prefixed with '/' so we'll strip it off.
secretName := strings.TrimPrefix(uri.Path, "/")

return &DestinationKubernetesSecret{
Name: secretName,
}, nil
default:
return nil, trace.BadParameter(
"unrecognized data storage scheme",
Expand Down
13 changes: 13 additions & 0 deletions lib/tbot/config/config_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -198,6 +198,19 @@ func TestDestinationFromURI(t *testing.T) {
in: "foobar://",
wantErr: true,
},
{
in: "kubernetes-secret:///my-secret",
want: &DestinationKubernetesSecret{
Name: "my-secret",
},
},
{
in: "kubernetes-secret://my-secret",
want: &DestinationKubernetesSecret{
Name: "my-secret",
},
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.in, func(t *testing.T) {
Expand Down

0 comments on commit 766bf72

Please sign in to comment.