kubes_google 0.3.5 → 0.3.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/kubes_google.gemspec +1 -0
- data/lib/kubes_google/secrets/fetcher/sdk.rb +12 -16
- data/lib/kubes_google/secrets/fetcher.rb +4 -0
- data/lib/kubes_google/service_account.rb +1 -0
- data/lib/kubes_google/services.rb +6 -0
- data/lib/kubes_google/version.rb +1 -1
- data/lib/kubes_google.rb +1 -0
- metadata +17 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '088f3403efb08082a1aafe32aa0790dd3f3066c2fa49097963d952150171ec03'
|
|
4
|
+
data.tar.gz: 6865c3cbf32056aea2615ae9022c1763ec8449dea2fc5242f3ddb01750bb2cd2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a760e087e9cd8eb9636fd1540aa020e2ed74da3038aeec039e562e83123dd70a9bfec6fc594b31fb1e1911d1664553398cd051548949b4c55f9eff7bcf844956
|
|
7
|
+
data.tar.gz: fc8d14d3cdbc386ebc53d815e8e854affa8bfe1eef97c6e578aa6a519704901131e4f9e5be8734a18b512cebd00df36c12ab665f7ff63bc769613911803dd922
|
data/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,11 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/), even before v1.0.
|
|
5
5
|
|
|
6
|
+
## [0.3.6] - 2022-02-04
|
|
7
|
+
- [#7](https://github.com/boltops-tools/kubes_google/pull/7) Secret auto retry with gcloud strategy
|
|
8
|
+
- [#8](https://github.com/boltops-tools/kubes_google/pull/8) add condition none
|
|
9
|
+
- get google project number via api
|
|
10
|
+
|
|
6
11
|
## [0.3.5] - 2020-11-12
|
|
7
12
|
- add KubesGoogle.cloudbuild? check
|
|
8
13
|
- fetcher sdk friendly suggestion to use gcloud when vpn errors
|
data/kubes_google.gemspec
CHANGED
|
@@ -24,6 +24,7 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
|
|
25
25
|
spec.add_dependency "activesupport"
|
|
26
26
|
spec.add_dependency "google-cloud-container"
|
|
27
|
+
spec.add_dependency "google-cloud-resource_manager"
|
|
27
28
|
spec.add_dependency "google-cloud-secret_manager"
|
|
28
29
|
spec.add_dependency "memoist"
|
|
29
30
|
spec.add_dependency "zeitwerk"
|
|
@@ -16,32 +16,28 @@ class KubesGoogle::Secrets::Fetcher
|
|
|
16
16
|
logger.info "WARN: secret #{name} not found".color(:yellow)
|
|
17
17
|
logger.info e.message
|
|
18
18
|
"NOT FOUND #{name}" # simple string so Kubernetes YAML is valid
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
# TODO: Get the project from the list project api instead. Unsure where the docs are for this.
|
|
22
|
-
# If someone knows, let me know.
|
|
23
|
-
# Right now grabbing the first secret to then be able to get the google project number
|
|
24
|
-
@@project_number = nil
|
|
25
|
-
def project_number
|
|
26
|
-
return @@project_number if @@project_number
|
|
27
|
-
|
|
28
|
-
parent = "projects/#{@project_id}"
|
|
29
|
-
resp = secret_manager_service.list_secrets(parent: parent) # note: page_size doesnt seem to get respected
|
|
30
|
-
name = resp.first.name # IE: projects/686010496118/secrets/demo-dev-db_host
|
|
31
|
-
@@project_number = name.split('/')[1]
|
|
32
19
|
rescue Google::Cloud::UnavailableError => e
|
|
33
20
|
logger.error "ERROR: #{e.message}"
|
|
34
21
|
if e.message.include?("failed to connect")
|
|
35
22
|
logger.info <<~EOL
|
|
36
|
-
SSL Handshake failed. This error seems to happen with some VPN setups.
|
|
37
|
-
|
|
23
|
+
WARNING: SSL Handshake failed. This error seems to happen with some VPN setups.
|
|
24
|
+
You can turn off this warning by setting the gcloud fetcher instead.
|
|
25
|
+
To set up see:
|
|
38
26
|
|
|
39
27
|
https://kubes.guru/docs/helpers/google/secrets/#fetcher-strategy
|
|
40
28
|
EOL
|
|
41
|
-
|
|
29
|
+
raise KubesGoogle::VpnSslError
|
|
42
30
|
else
|
|
43
31
|
raise
|
|
44
32
|
end
|
|
45
33
|
end
|
|
34
|
+
|
|
35
|
+
private
|
|
36
|
+
@@project_number = nil
|
|
37
|
+
def project_number
|
|
38
|
+
return @@project_number if @@project_number
|
|
39
|
+
project = resource_manager.project(@project_id)
|
|
40
|
+
@@project_number = project.project_number
|
|
41
|
+
end
|
|
46
42
|
end
|
|
47
43
|
end
|
|
@@ -8,6 +8,10 @@ class KubesGoogle::Secrets
|
|
|
8
8
|
|
|
9
9
|
def fetch(short_name)
|
|
10
10
|
fetcher.fetch(short_name)
|
|
11
|
+
rescue KubesGoogle::VpnSslError
|
|
12
|
+
logger.info "Retry fetching secret with the gcloud strategy"
|
|
13
|
+
fetcher = Gcloud.new(@options)
|
|
14
|
+
fetcher.fetch(short_name)
|
|
11
15
|
end
|
|
12
16
|
|
|
13
17
|
def fetcher
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
require "google-cloud-resource_manager"
|
|
1
2
|
require "google-cloud-secret_manager"
|
|
2
3
|
require "google/cloud/container"
|
|
3
4
|
|
|
@@ -14,6 +15,11 @@ module KubesGoogle
|
|
|
14
15
|
Google::Cloud::SecretManager.secret_manager_service
|
|
15
16
|
end
|
|
16
17
|
memoize :secret_manager_service
|
|
18
|
+
|
|
19
|
+
def resource_manager
|
|
20
|
+
Google::Cloud.new.resource_manager
|
|
21
|
+
end
|
|
22
|
+
memoize :resource_manager
|
|
17
23
|
end
|
|
18
24
|
end
|
|
19
25
|
|
data/lib/kubes_google/version.rb
CHANGED
data/lib/kubes_google.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: kubes_google
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tung Nguyen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-02-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -38,6 +38,20 @@ dependencies:
|
|
|
38
38
|
- - ">="
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: '0'
|
|
41
|
+
- !ruby/object:Gem::Dependency
|
|
42
|
+
name: google-cloud-resource_manager
|
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
|
44
|
+
requirements:
|
|
45
|
+
- - ">="
|
|
46
|
+
- !ruby/object:Gem::Version
|
|
47
|
+
version: '0'
|
|
48
|
+
type: :runtime
|
|
49
|
+
prerelease: false
|
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
+
requirements:
|
|
52
|
+
- - ">="
|
|
53
|
+
- !ruby/object:Gem::Version
|
|
54
|
+
version: '0'
|
|
41
55
|
- !ruby/object:Gem::Dependency
|
|
42
56
|
name: google-cloud-secret_manager
|
|
43
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -146,7 +160,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
146
160
|
- !ruby/object:Gem::Version
|
|
147
161
|
version: '0'
|
|
148
162
|
requirements: []
|
|
149
|
-
rubygems_version: 3.
|
|
163
|
+
rubygems_version: 3.2.32
|
|
150
164
|
signing_key:
|
|
151
165
|
specification_version: 4
|
|
152
166
|
summary: Kubes Google Helpers Library
|