Use map[string][]byte instead of map[string]string

kanisterio · Nov 3, 2022 · c4a24f3 · c4a24f3
1 parent d14afbe
commit c4a24f3
Show file tree

Hide file tree

Showing 12 changed files with 424 additions and 77 deletions.
diff --git a/pkg/kopia/command/storage/azure_args.go b/pkg/kopia/command/storage/azure_args.go
@@ -27,7 +27,7 @@ const (
 	azureStorageDomainFlag  = "--storage-domain"
 )
 
-func kopiaAzureArgs(location map[string]string, artifactPrefix string) logsafe.Cmd {
+func kopiaAzureArgs(location map[string][]byte, artifactPrefix string) logsafe.Cmd {
 	artifactPrefix = GenerateFullRepoPath(getPrefixFromMap(location), artifactPrefix)
 
 	args := logsafe.NewLoggable(azureSubCommand)

diff --git a/pkg/kopia/command/storage/azure_args_test.go b/pkg/kopia/command/storage/azure_args_test.go
@@ -23,13 +23,13 @@ import (
 func (s *StorageUtilsSuite) TestAzureArgsUtil(c *check.C) {
 	artifactPrefix := "dir/sub-dir"
 	for _, tc := range []struct {
-		location        map[string]string
+		location        map[string][]byte
 		expectedCommand string
 	}{
 		{
-			location: map[string]string{
-				bucketKey: "test-bucket",
-				prefixKey: "test-prefix",
+			location: map[string][]byte{
+				bucketKey: []byte("test-bucket"),
+				prefixKey: []byte("test-prefix"),
 			},
 			expectedCommand: fmt.Sprint(azureSubCommand,
 				fmt.Sprintf(" %s=%s ", azureContainerFlag, "test-bucket"),

diff --git a/pkg/kopia/command/storage/filesystem_args.go b/pkg/kopia/command/storage/filesystem_args.go
@@ -25,7 +25,7 @@ const (
 	DefaultFSMountPath = "/mnt/data"
 )
 
-func kopiaFilesystemArgs(location map[string]string, artifactPrefix string) logsafe.Cmd {
+func kopiaFilesystemArgs(location map[string][]byte, artifactPrefix string) logsafe.Cmd {
 	artifactPrefix = GenerateFullRepoPath(getPrefixFromMap(location), artifactPrefix)
 
 	args := logsafe.NewLoggable(filesystemSubCommand)

diff --git a/pkg/kopia/command/storage/filesystem_args_test.go b/pkg/kopia/command/storage/filesystem_args_test.go
@@ -37,8 +37,8 @@ func (s *StorageUtilsSuite) TestFilesystemArgsUtil(c *check.C) {
 			expectedPath:   fmt.Sprintf("%s/test-prefix/dir1/subdir/", DefaultFSMountPath),
 		},
 	} {
-		sec := map[string]string{
-			prefixKey: tc.prefix,
+		sec := map[string][]byte{
+			prefixKey: []byte(tc.prefix),
 		}
 		args := kopiaFilesystemArgs(sec, tc.artifactPrefix)
 		expectedValue := fmt.Sprint(

diff --git a/pkg/kopia/command/storage/gcs_args.go b/pkg/kopia/command/storage/gcs_args.go
@@ -26,7 +26,7 @@ const (
 	gcsPrefixFlag       = "--prefix"
 )
 
-func kopiaGCSArgs(location map[string]string, artifactPrefix string) logsafe.Cmd {
+func kopiaGCSArgs(location map[string][]byte, artifactPrefix string) logsafe.Cmd {
 	artifactPrefix = GenerateFullRepoPath(getPrefixFromMap(location), artifactPrefix)
 
 	args := logsafe.NewLoggable(gcsSubCommand)

diff --git a/pkg/kopia/command/storage/gcs_args_test.go b/pkg/kopia/command/storage/gcs_args_test.go
@@ -21,9 +21,9 @@ import (
 )
 
 func (s *StorageUtilsSuite) TestGCSArgsUtil(c *check.C) {
-	locSecret := map[string]string{
-		prefixKey: "test-prefix",
-		bucketKey: "test-bucket",
+	locSecret := map[string][]byte{
+		prefixKey: []byte("test-prefix"),
+		bucketKey: []byte("test-bucket"),
 	}
 	artifactPrefix := "dir/sub-dir"
 	cmd := kopiaGCSArgs(locSecret, artifactPrefix)

diff --git a/pkg/kopia/command/storage/s3_args.go b/pkg/kopia/command/storage/s3_args.go
@@ -35,7 +35,7 @@ const (
 	s3RegionFlag           = "--region"
 )
 
-func kopiaS3Args(location map[string]string, assumeRoleDuration time.Duration, artifactPrefix string) logsafe.Cmd {
+func kopiaS3Args(location map[string][]byte, assumeRoleDuration time.Duration, artifactPrefix string) logsafe.Cmd {
 	args := logsafe.NewLoggable(s3SubCommand)
 	args = args.AppendLoggableKV(s3BucketFlag, getBucketNameFromMap(location))
 

diff --git a/pkg/kopia/command/storage/s3_args_test.go b/pkg/kopia/command/storage/s3_args_test.go
@@ -24,15 +24,15 @@ import (
 func (s *StorageUtilsSuite) TestS3ArgsUtil(c *check.C) {
 	artifactPrefix := "dir/sub-dir"
 	for _, tc := range []struct {
-		location        map[string]string
+		location        map[string][]byte
 		expectedCommand string
 	}{
 		{
-			location: map[string]string{
-				bucketKey:        "test-bucket",
-				prefixKey:        "test-prefix",
-				regionKey:        "test-region",
-				skipSSLVerifyKey: "true",
+			location: map[string][]byte{
+				bucketKey:        []byte("test-bucket"),
+				prefixKey:        []byte("test-prefix"),
+				regionKey:        []byte("test-region"),
+				skipSSLVerifyKey: []byte("true"),
 			},
 			expectedCommand: fmt.Sprint(s3SubCommand,
 				fmt.Sprintf(" %s=%s", s3BucketFlag, "test-bucket"),
@@ -42,21 +42,21 @@ func (s *StorageUtilsSuite) TestS3ArgsUtil(c *check.C) {
 			),
 		},
 		{
-			location: map[string]string{
-				bucketKey:   "test-bucket",
-				prefixKey:   "test-prefix",
-				endpointKey: "https://test.test:9000/",
+			location: map[string][]byte{
+				bucketKey:   []byte("test-bucket"),
+				prefixKey:   []byte("test-prefix"),
+				endpointKey: []byte("https://test.test:9000/"),
 			},
 			expectedCommand: fmt.Sprint(s3SubCommand,
 				fmt.Sprintf(" %s=%s", s3BucketFlag, "test-bucket"),
 				fmt.Sprintf(" %s=%s", s3EndpointFlag, "test.test:9000"),
 				fmt.Sprintf(" %s=%s", s3PrefixFlag, fmt.Sprintf("test-prefix/%s/", artifactPrefix))),
 		},
 		{
-			location: map[string]string{
-				bucketKey:   "test-bucket",
-				prefixKey:   "test-prefix",
-				endpointKey: "http://test.test:9000",
+			location: map[string][]byte{
+				bucketKey:   []byte("test-bucket"),
+				prefixKey:   []byte("test-prefix"),
+				endpointKey: []byte("http://test.test:9000"),
 			},
 			expectedCommand: fmt.Sprint(s3SubCommand,
 				fmt.Sprintf(" %s=%s", s3BucketFlag, "test-bucket"),

diff --git a/pkg/kopia/command/storage/secret_utils.go b/pkg/kopia/command/storage/secret_utils.go
@@ -14,45 +14,182 @@
 
 package storage
 
-type LocType string
+import (
+	"context"
+	"time"
 
-const (
-	LocTypeS3        LocType = "s3"
-	LocTypeGCS       LocType = "gcs"
-	LocTypeAzure     LocType = "azure"
-	LocTypeFilestore LocType = "filestore"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/pkg/errors"
+	v1 "k8s.io/api/core/v1"
+
+	"github.com/kanisterio/kanister/pkg/aws"
+	"github.com/kanisterio/kanister/pkg/secrets"
 )
 
+type LocType string
+
 const (
+	// Location secret keys
 	bucketKey        = "bucket"
 	endpointKey      = "endpoint"
 	prefixKey        = "prefix"
 	regionKey        = "region"
 	skipSSLVerifyKey = "skipSSLVerify"
 	typeKey          = "type"
+
+	// Location types
+	LocTypeS3        LocType = "s3"
+	LocTypeGCS       LocType = "gcs"
+	LocTypeAzure     LocType = "azure"
+	LocTypeFilestore LocType = "filestore"
+
+	// Azure location related environment variables
+	azureStorageAccountEnv = "AZURE_STORAGE_ACCOUNT"
+	azureStorageKeyEnv     = "AZURE_STORAGE_KEY"
+	azureStorageDomainEnv  = "AZURE_STORAGE_DOMAIN"
 )
 
-func getBucketNameFromMap(m map[string]string) string {
-	return m[bucketKey]
+func getBucketNameFromMap(m map[string][]byte) string {
+	return string(m[bucketKey])
 }
 
-func getEndpointFromMap(m map[string]string) string {
-	return m[endpointKey]
+func getEndpointFromMap(m map[string][]byte) string {
+	return string(m[endpointKey])
 }
 
-func getPrefixFromMap(m map[string]string) string {
-	return m[prefixKey]
+func getPrefixFromMap(m map[string][]byte) string {
+	return string(m[prefixKey])
 }
 
-func getRegionFromMap(m map[string]string) string {
-	return m[regionKey]
+func getRegionFromMap(m map[string][]byte) string {
+	return string(m[regionKey])
 }
 
-func checkSkipSSLVerifyFromMap(m map[string]string) bool {
-	v := m[skipSSLVerifyKey]
+func checkSkipSSLVerifyFromMap(m map[string][]byte) bool {
+	v := string(m[skipSSLVerifyKey])
 	return v == "true"
 }
 
-func locationType(m map[string]string) LocType {
+func locationType(m map[string][]byte) LocType {
 	return LocType(m[typeKey])
 }
+
+// GenerateEnvSpecFromCredentialSecret parses the secret and returns
+// list of EnvVar based on secret type
+func GenerateEnvSpecFromCredentialSecret(s *v1.Secret) ([]v1.EnvVar, error) {
+	if s == nil {
+		return nil, errors.New("Secret cannot be nil")
+	}
+	secType := string(s.Type)
+	switch secType {
+	case secrets.AWSSecretType:
+		return getEnvSpecForAWSCredentialSecret(s)
+	case secrets.AzureSecretType:
+		return getEnvSpecForAzureCredentialSecret(s)
+	}
+	// We only need to set the environment variables in cases where
+	// secret type is AWS or Azure.
+	return nil, nil
+}
+
+func getEnvSpecForAWSCredentialSecret(s *v1.Secret) ([]v1.EnvVar, error) {
+	var duration time.Duration
+	var err error
+	envVars := []v1.EnvVar{}
+	envVars = append(
+		envVars,
+		getEnvVarWithSecretRef(aws.AccessKeyID, s.Name, secrets.AWSAccessKeyID),
+		getEnvVarWithSecretRef(aws.SecretAccessKey, s.Name, secrets.AWSSecretAccessKey),
+	)
+	if val, ok := s.Data["assume_duration"]; ok {
+		duration, err = time.ParseDuration(string(val))
+		if err != nil {
+			return nil, errors.Wrap(err, "Failed to parse AWS Assume Role duration")
+		}
+	}
+	creds, err := secrets.ExtractAWSCredentials(context.Background(), s, duration)
+	if err != nil {
+		return nil, err
+	}
+	if creds.SessionToken != "" {
+		envVars = append(envVars, getEnvVarWithSecretRef(aws.SessionToken, s.Name, secrets.AWSSessionToken))
+	}
+	return envVars, nil
+}
+
+func getEnvSpecForAzureCredentialSecret(s *v1.Secret) ([]v1.EnvVar, error) {
+	envVars := []v1.EnvVar{}
+	envVars = append(
+		envVars,
+		getEnvVarWithSecretRef(azureStorageAccountEnv, s.Name, secrets.AzureStorageAccountID),
+		getEnvVarWithSecretRef(azureStorageKeyEnv, s.Name, secrets.AzureStorageAccountKey),
+	)
+	azureSecret, err := secrets.ExtractAzureCredentials(s)
+	if err != nil {
+		return nil, err
+	}
+	storageEnv := azureSecret.EnvironmentName
+	if storageEnv != "" {
+		env, err := azure.EnvironmentFromName(storageEnv)
+		if err != nil {
+			return nil, errors.Wrapf(err, "Failed to get azure environment from name: %s", storageEnv)
+		}
+		blobDomain := "blob." + env.StorageEndpointSuffix
+		// TODO : Check how we can set this env to use value from secret
+		envVars = append(envVars, getEnvVar(azureStorageDomainEnv, blobDomain))
+	}
+	return envVars, nil
+}
+
+func getEnvVarWithSecretRef(varName, secretName, secretKey string) v1.EnvVar {
+	return v1.EnvVar{
+		Name: varName,
+		ValueFrom: &v1.EnvVarSource{
+			SecretKeyRef: &v1.SecretKeySelector{
+				Key: secretKey,
+				LocalObjectReference: v1.LocalObjectReference{
+					Name: secretName,
+				},
+			},
+		},
+	}
+}
+
+func getEnvVar(varName, value string) v1.EnvVar {
+	return v1.EnvVar{
+		Name:  varName,
+		Value: value,
+	}
+}
+
+// GetMapForLocationValues return a map with valid keys
+// for different location values
+func GetMapForLocationValues(
+	locType LocType,
+	prefix,
+	region,
+	bucket,
+	endpoint,
+	skipSSLVerify string,
+) map[string][]byte {
+	m := map[string][]byte{}
+	if bucket != "" {
+		m[bucketKey] = []byte(bucket)
+	}
+	if endpoint != "" {
+		m[endpointKey] = []byte(endpoint)
+	}
+	if prefix != "" {
+		m[prefixKey] = []byte(prefix)
+	}
+	if region != "" {
+		m[regionKey] = []byte(region)
+	}
+	if skipSSLVerify != "" {
+		m[skipSSLVerifyKey] = []byte(skipSSLVerify)
+	}
+	if locType != "" {
+		m[typeKey] = []byte(locType)
+	}
+	return m
+}