Class: KubesGoogle::Secrets

Inherits:

Object

• Object
• KubesGoogle::Secrets

Defined in:

lib/kubes_google/secrets.rb,
lib/kubes_google/secrets/fetcher.rb

Defined Under Namespace

Classes: Fetcher

Instance Method Summary

• #call ⇒ Object
• #data ⇒ Object
• #initialize(upcase: false, base64: false, prefix: nil) ⇒ Secrets constructor

  A new instance of Secrets.

Constructor Details

#initialize(upcase: false, base64: false, prefix: nil) ⇒ Secrets

Returns a new instance of Secrets.

# File 'lib/kubes_google/secrets.rb', line 5

def initialize(upcase: false, base64: false, prefix: nil)
  @upcase, @base64 = upcase, base64
  @prefix = ENV['GCP_SECRET_PREFIX'] || prefix
  @project_id = ENV['GOOGLE_PROJECT'] || raise("GOOGLE_PROJECT env variable is not set. It's required.")
  # IE: prefix: projects/686010496118/secrets/demo-dev-
end

Instance Method Details

#call ⇒ Object

# File 'lib/kubes_google/secrets.rb', line 12

def call
  client = Google::Cloud::SecretManager.secret_manager_service

  parent = "projects/#{@project_id}"
  resp = client.list_secrets(parent: parent) # note: page_size doesnt seem to get respected
  resp.each do |secret|
    next unless secret.name.include?(@prefix)
    version = client.access_secret_version(name: "#{secret.name}/versions/latest")

    # projects/686010496118/secrets/demo-dev-db_pass => DB_PASS
    key = secret.name.sub(@prefix,'')
    key = key.upcase if @upcase
    value = version.payload.data
    # strict_encode64 to avoid newlines https://stackoverflow.com/questions/2620975/strange-n-in-base64-encoded-string-in-ruby
    value = Base64.strict_encode64(value).strip if @base64
    self.class.data[key] = value
  end
end

#data ⇒ Object

# File 'lib/kubes_google/secrets.rb', line 31

def data
  self.class.data
end