Add extra type info where SecretType is used

This commit is contained in:
aram price 2020-12-17 15:43:20 -08:00
parent 50964c6677
commit 587cced768
4 changed files with 11 additions and 9 deletions

View File

@ -27,11 +27,11 @@ type SecretHelper interface {
} }
const ( const (
// SupervisorCSRFSigningKeySecretType is corev1.Secret.Type for the Supervisor's CSRF signing key Secret. // SupervisorCSRFSigningKeySecretType for the Secret storing the CSRF signing key.
SupervisorCSRFSigningKeySecretType = "secrets.pinniped.dev/supervisor-csrf-signing-key" SupervisorCSRFSigningKeySecretType corev1.SecretType = "secrets.pinniped.dev/supervisor-csrf-signing-key"
// symmetricSecretType is corev1.Secret.Type of all corev1.Secret's generated by this helper. // symmetricSecretType for all corev1.Secret's generated by this helper.
symmetricSecretType = "secrets.pinniped.dev/symmetric" symmetricSecretType corev1.SecretType = "secrets.pinniped.dev/symmetric"
// symmetricSecretDataKey is the corev1.Secret.Data key for the symmetric key value generated by this helper. // symmetricSecretDataKey is the corev1.Secret.Data key for the symmetric key value generated by this helper.
symmetricSecretDataKey = "key" symmetricSecretDataKey = "key"

View File

@ -41,7 +41,7 @@ const (
// Note! The value for this key will contain only public key material! // Note! The value for this key will contain only public key material!
jwksKey = "jwks" jwksKey = "jwks"
jwksSecretTypeValue = "secrets.pinniped.dev/federation-domain-jwks" jwksSecretTypeValue corev1.SecretType = "secrets.pinniped.dev/federation-domain-jwks"
) )
const ( const (

View File

@ -18,6 +18,7 @@ import (
"github.com/coreos/go-oidc" "github.com/coreos/go-oidc"
"github.com/go-logr/logr" "github.com/go-logr/logr"
"golang.org/x/oauth2" "golang.org/x/oauth2"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/equality" "k8s.io/apimachinery/pkg/api/equality"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/labels"
@ -39,9 +40,10 @@ const (
controllerName = "upstream-observer" controllerName = "upstream-observer"
// Constants related to the client credentials Secret. // Constants related to the client credentials Secret.
oidcClientSecretType = "secrets.pinniped.dev/oidc-client" oidcClientSecretType corev1.SecretType = "secrets.pinniped.dev/oidc-client"
clientIDDataKey = "clientID"
clientSecretDataKey = "clientSecret" clientIDDataKey = "clientID"
clientSecretDataKey = "clientSecret"
// Constants related to the OIDC provider discovery cache. These do not affect the cache of JWKS. // Constants related to the OIDC provider discovery cache. These do not affect the cache of JWKS.
validatorCacheTTL = 15 * time.Minute validatorCacheTTL = 15 * time.Minute

View File

@ -130,7 +130,7 @@ func ensureValidJWKS(t *testing.T, secret *corev1.Secret) {
t.Helper() t.Helper()
// Ensure the secret has the right type. // Ensure the secret has the right type.
require.Equal(t, "secrets.pinniped.dev/federation-domain-jwks", secret.Type) require.Equal(t, corev1.SecretType("secrets.pinniped.dev/federation-domain-jwks"), secret.Type)
// Ensure the secret has an active key. // Ensure the secret has an active key.
jwkData, ok := secret.Data["activeJWK"] jwkData, ok := secret.Data["activeJWK"]