Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix authentication configuration options #50

Merged
merged 1 commit into from
Jan 5, 2025
Merged

Fix authentication configuration options #50

merged 1 commit into from
Jan 5, 2025

Conversation

m1so
Copy link
Contributor

@m1so m1so commented Dec 15, 2024

Description of your changes

Fixes #49 where authentication configuration options weren't propagated correctly, e.g.

provider "vault" {
  auth_login {
    path = "auth/approle/login"

    parameters = {
      role_id = "my-role"
    }
  }
}

is mapped to Kubernetes Secret as:

apiVersion: v1
kind: Secret
metadata:
  name: vault-creds
  namespace: vault
type: Opaque
stringData:
  approle-login: |
    {
      "auth_login": {
        "path": "auth/approle/login",
        "parameters": {"role_id": "my-role"}
      }
    }

but the contents of approle-login key needs to be internally passed to terraform.Setup{}.Configuration["auth_login"] as array of a single element, not as a map

see: https://registry.terraform.io/providers/hashicorp/vault/latest/docs#vault-authentication-configuration-options

I have:

  • Read and followed Crossplane's contribution process.
  • Run make reviewable test to ensure this PR is ready for review.

How has this code been tested

  1. make local-deploy
  2. make uptest UPTEST_EXAMPLE_LIST=xyz.yaml
  3. run ./cluster/test/setup-auth.sh to generate AppRole auth and role (Vault must be port-forwarded to :8200)
  4. run any uptest example with ProviderConfig reference changed to vault-provider-config-approle

@m1so m1so mentioned this pull request Dec 16, 2024
Closed
@tschlaepfer tschlaepfer mentioned this pull request Jan 3, 2025
Open
2 tasks
sergenyalcin
sergenyalcin approved these changes Jan 3, 2025
View reviewed changes
Copy link
Member

@sergenyalcin sergenyalcin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @m1so LGTM!

@sergenyalcin sergenyalcin merged commit 9a68b11 into upbound:main Jan 5, 2025
6 checks passed
@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 6, 2025

Successfully created backport PR #51 for release-2.0.

@github-actions github-actions bot mentioned this pull request Jan 6, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sergenyalcin sergenyalcin sergenyalcin approved these changes

@ulucinar ulucinar Awaiting requested review from ulucinar ulucinar is a code owner

Assignees
No one assigned
Labels
backport release-2.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Observe failed when upgrading to v2.0.0
2 participants
@m1so @sergenyalcin