kubes_google 0.3.5 → 0.3.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/kubes_google.gemspec +1 -0
- data/lib/kubes_google/secrets/fetcher/sdk.rb +12 -16
- data/lib/kubes_google/secrets/fetcher.rb +4 -0
- data/lib/kubes_google/service_account.rb +1 -0
- data/lib/kubes_google/services.rb +6 -0
- data/lib/kubes_google/version.rb +1 -1
- data/lib/kubes_google.rb +1 -0
- metadata +17 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '088f3403efb08082a1aafe32aa0790dd3f3066c2fa49097963d952150171ec03'
|
|
4
|
+
data.tar.gz: 6865c3cbf32056aea2615ae9022c1763ec8449dea2fc5242f3ddb01750bb2cd2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a760e087e9cd8eb9636fd1540aa020e2ed74da3038aeec039e562e83123dd70a9bfec6fc594b31fb1e1911d1664553398cd051548949b4c55f9eff7bcf844956
|
|
7
|
+
data.tar.gz: fc8d14d3cdbc386ebc53d815e8e854affa8bfe1eef97c6e578aa6a519704901131e4f9e5be8734a18b512cebd00df36c12ab665f7ff63bc769613911803dd922
|
data/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,11 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/), even before v1.0.
|
|
5
5
|
|
|
6
|
+
## [0.3.6] - 2022-02-04
|
|
7
|
+
- [#7](https://github.com/boltops-tools/kubes_google/pull/7) Secret auto retry with gcloud strategy
|
|
8
|
+
- [#8](https://github.com/boltops-tools/kubes_google/pull/8) add condition none
|
|
9
|
+
- get google project number via api
|
|
10
|
+
|
|
6
11
|
## [0.3.5] - 2020-11-12
|
|
7
12
|
- add KubesGoogle.cloudbuild? check
|
|
8
13
|
- fetcher sdk friendly suggestion to use gcloud when vpn errors
|
data/kubes_google.gemspec
CHANGED
|
@@ -24,6 +24,7 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
|
|
25
25
|
spec.add_dependency "activesupport"
|
|
26
26
|
spec.add_dependency "google-cloud-container"
|
|
27
|
+
spec.add_dependency "google-cloud-resource_manager"
|
|
27
28
|
spec.add_dependency "google-cloud-secret_manager"
|
|
28
29
|
spec.add_dependency "memoist"
|
|
29
30
|
spec.add_dependency "zeitwerk"
|
|
@@ -16,32 +16,28 @@ class KubesGoogle::Secrets::Fetcher
|
|
|
16
16
|
logger.info "WARN: secret #{name} not found".color(:yellow)
|
|
17
17
|
logger.info e.message
|
|
18
18
|
"NOT FOUND #{name}" # simple string so Kubernetes YAML is valid
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
# TODO: Get the project from the list project api instead. Unsure where the docs are for this.
|
|
22
|
-
# If someone knows, let me know.
|
|
23
|
-
# Right now grabbing the first secret to then be able to get the google project number
|
|
24
|
-
@@project_number = nil
|
|
25
|
-
def project_number
|
|
26
|
-
return @@project_number if @@project_number
|
|
27
|
-
|
|
28
|
-
parent = "projects/#{@project_id}"
|
|
29
|
-
resp = secret_manager_service.list_secrets(parent: parent) # note: page_size doesnt seem to get respected
|
|
30
|
-
name = resp.first.name # IE: projects/686010496118/secrets/demo-dev-db_host
|
|
31
|
-
@@project_number = name.split('/')[1]
|
|
32
19
|
rescue Google::Cloud::UnavailableError => e
|
|
33
20
|
logger.error "ERROR: #{e.message}"
|
|
34
21
|
if e.message.include?("failed to connect")
|
|
35
22
|
logger.info <<~EOL
|
|
36
|
-
SSL Handshake failed. This error seems to happen with some VPN setups.
|
|
37
|
-
|
|
23
|
+
WARNING: SSL Handshake failed. This error seems to happen with some VPN setups.
|
|
24
|
+
You can turn off this warning by setting the gcloud fetcher instead.
|
|
25
|
+
To set up see:
|
|
38
26
|
|
|
39
27
|
https://kubes.guru/docs/helpers/google/secrets/#fetcher-strategy
|
|
40
28
|
EOL
|
|
41
|
-
|
|
29
|
+
raise KubesGoogle::VpnSslError
|
|
42
30
|
else
|
|
43
31
|
raise
|
|
44
32
|
end
|
|
45
33
|
end
|
|
34
|
+
|
|
35
|
+
private
|
|
36
|
+
@@project_number = nil
|
|
37
|
+
def project_number
|
|
38
|
+
return @@project_number if @@project_number
|
|
39
|
+
project = resource_manager.project(@project_id)
|
|
40
|
+
@@project_number = project.project_number
|
|
41
|
+
end
|
|
46
42
|
end
|
|
47
43
|
end
|
|
@@ -8,6 +8,10 @@ class KubesGoogle::Secrets
|
|
|
8
8
|
|
|
9
9
|
def fetch(short_name)
|
|
10
10
|
fetcher.fetch(short_name)
|
|
11
|
+
rescue KubesGoogle::VpnSslError
|
|
12
|
+
logger.info "Retry fetching secret with the gcloud strategy"
|
|
13
|
+
fetcher = Gcloud.new(@options)
|
|
14
|
+
fetcher.fetch(short_name)
|
|
11
15
|
end
|
|
12
16
|
|
|
13
17
|
def fetcher
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
require "google-cloud-resource_manager"
|
|
1
2
|
require "google-cloud-secret_manager"
|
|
2
3
|
require "google/cloud/container"
|
|
3
4
|
|
|
@@ -14,6 +15,11 @@ module KubesGoogle
|
|
|
14
15
|
Google::Cloud::SecretManager.secret_manager_service
|
|
15
16
|
end
|
|
16
17
|
memoize :secret_manager_service
|
|
18
|
+
|
|
19
|
+
def resource_manager
|
|
20
|
+
Google::Cloud.new.resource_manager
|
|
21
|
+
end
|
|
22
|
+
memoize :resource_manager
|
|
17
23
|
end
|
|
18
24
|
end
|
|
19
25
|
|
data/lib/kubes_google/version.rb
CHANGED
data/lib/kubes_google.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: kubes_google
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tung Nguyen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-02-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -38,6 +38,20 @@ dependencies:
|
|
|
38
38
|
- - ">="
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: '0'
|
|
41
|
+
- !ruby/object:Gem::Dependency
|
|
42
|
+
name: google-cloud-resource_manager
|
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
|
44
|
+
requirements:
|
|
45
|
+
- - ">="
|
|
46
|
+
- !ruby/object:Gem::Version
|
|
47
|
+
version: '0'
|
|
48
|
+
type: :runtime
|
|
49
|
+
prerelease: false
|
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
+
requirements:
|
|
52
|
+
- - ">="
|
|
53
|
+
- !ruby/object:Gem::Version
|
|
54
|
+
version: '0'
|
|
41
55
|
- !ruby/object:Gem::Dependency
|
|
42
56
|
name: google-cloud-secret_manager
|
|
43
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -146,7 +160,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
146
160
|
- !ruby/object:Gem::Version
|
|
147
161
|
version: '0'
|
|
148
162
|
requirements: []
|
|
149
|
-
rubygems_version: 3.
|
|
163
|
+
rubygems_version: 3.2.32
|
|
150
164
|
signing_key:
|
|
151
165
|
specification_version: 4
|
|
152
166
|
summary: Kubes Google Helpers Library
|