class KubesGoogle::Secrets::Fetcher::Sdk
Public Instance Methods
fetch(short_name, version="latest")
click to toggle source
# File lib/kubes_google/secrets/fetcher/sdk.rb, line 5 def fetch(short_name, version="latest") value = fetch_value(short_name, version) value = Base64.strict_encode64(value).strip if base64? value end
fetch_value(short_name, version="latest")
click to toggle source
# File lib/kubes_google/secrets/fetcher/sdk.rb, line 11 def fetch_value(short_name, version="latest") name = "projects/#{project_number}/secrets/#{short_name}/versions/#{version}" version = secret_manager_service.access_secret_version(name: name) version.payload.data rescue Google::Cloud::NotFoundError => e logger.info "WARN: secret #{name} not found".color(:yellow) logger.info e.message "NOT FOUND #{name}" # simple string so Kubernetes YAML is valid end
project_number()
click to toggle source
# File lib/kubes_google/secrets/fetcher/sdk.rb, line 25 def project_number return @@project_number if @@project_number parent = "projects/#{@project_id}" resp = secret_manager_service.list_secrets(parent: parent) # note: page_size doesnt seem to get respected name = resp.first.name # IE: projects/686010496118/secrets/demo-dev-db_host @@project_number = name.split('/')[1] rescue Google::Cloud::UnavailableError => e logger.error "ERROR: #{e.message}" if e.message.include?("failed to connect") logger.info <<~EOL SSL Handshake failed. This error seems to happen with some VPN setups. Please try the gcloud fetcher instead. To set up see: https://kubes.guru/docs/helpers/google/secrets/#fetcher-strategy EOL exit 1 else raise end end