Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow git remote repository file #50

Closed
jBouyoud opened this issue Oct 23, 2020 · 6 comments
Closed

Allow git remote repository file #50

jBouyoud opened this issue Oct 23, 2020 · 6 comments

Comments

@jBouyoud
Copy link
Contributor

Hello,

This is about a new feature :

Allow to gain secrets file from remote location (in this case from git repository)

This issue should be about how to implement it.
I'll see the following options:

Not here

This is not the purpose of this plugin. Let's create a specific one, or your specific driver....

Pros

  • No new code here

Cons

  • helm command growth more and more ;-)
  • this is not very huge logic

Add a new kind of driver to be able to retrieve file from a location

Introduce a new kind of driver. Interface could be something like is_supported $1 ; get_content $1

Pros

  • Extensible
  • Retrieve logic is well sperated, is it growth is could be easilly moved in another plugin

Cons

  • Introduce a second kind of driver (global complexity)

As a new driver

Build a new sops_git driver

Pros

  • Isolated

Cons

  • Need to change the actual driver interface, need to add a driver_is_supported_file , and replace all [ -f ... ]
  • Specific (get a remote file and then decrypt with sops, or with vault)

I'll be glad to create a PR on that subject, please let me know.

@jkroepke
Copy link
Owner

jkroepke commented Oct 25, 2020

Looking at the helm documentation, helm supports multiple method to get an value file

  • Filesystem
  • HTTP
  • 3rd Party Plugin

helm-secret should also support that to be consistent with helm.

I don't know howto get files through helm via 3rd party plugin outside helm, but http could be done nativly.

Getting remote files other the 3 method provided by helm are out of scope.

Most of the git repositories are accessable via http rest api, if you are using some UI for git projects.

I close this now, since I understand this issue is talking about get value files via git command.

@jkroepke
Copy link
Owner

jkroepke commented Oct 27, 2020

@jBouyoud combined with https://github.com/aslafy-z/helm-git this could your solution then.

@jBouyoud
Copy link
Contributor Author

I don't catch that in the doc.
I'll check that.
Thanks

@jkroepke
Copy link
Owner

jkroepke commented Oct 29, 2020

I don't catch that in the doc.

Yes, It's not documented. I add this functionality in helm-secrets, too.

See: #52

@jkroepke
Copy link
Owner

jkroepke commented Nov 1, 2020

See it here in action now:

FILE="git+https://github.com/jkroepke/helm-secrets@tests/assets/values/${HELM_SECRETS_DRIVER}/secrets.yaml?ref=master"

@jBouyoud
Copy link
Contributor Author

jBouyoud commented Nov 2, 2020

Very nice 💪 , thanks you

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants