Skip to content

fix: allow unsetting storage secrets #415

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Oct 7, 2024
Merged

fix: allow unsetting storage secrets #415

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
6e024b7
fix: allow unsetting storage secrets
Panaetius Sep 19, 2024
4d2e1ed
Merge branch 'main' into fix/376-unset-cloud-credentials
Panaetius Oct 7, 2024
469238d
fix typing
Panaetius Oct 7, 2024
e8e4a72
Merge branch 'main' into fix/376-unset-cloud-credentials
Panaetius Oct 7, 2024
9818304
address comments
Panaetius Oct 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion components/renku_data_services/storage/api.spec.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -515,7 +515,9 @@ components:
minLength: 1
maxLength: 99
value:
$ref: "#/components/schemas/SecretValue"
oneOf:
- $ref: "#/components/schemas/SecretValue"
- type: 'null'
required:
- name
- value
Expand Down
18 changes: 11 additions & 7 deletions components/renku_data_services/storage/apispec.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# generated by datamodel-codegen:
# filename: api.spec.yaml
# timestamp: 2024-08-13T13:29:46+00:00
# timestamp: 2024-09-19T13:28:18+00:00

from __future__ import annotations

Expand All @@ -11,6 +11,15 @@
from renku_data_services.storage.apispec_base import BaseAPISpec


class SecretValue(RootModel[str]):
root: str = Field(
...,
description="Secret value that can be any text",
max_length=5000,
min_length=1,
)


class Example(BaseAPISpec):
value: Optional[str] = Field(
None, description="a potential value for the option (think enum)"
Expand Down Expand Up @@ -242,12 +251,7 @@ class CloudStorageSecretPost(BaseAPISpec):
max_length=99,
min_length=1,
)
value: str = Field(
...,
description="Secret value that can be any text",
max_length=5000,
min_length=1,
)
value: Optional[SecretValue] = None


class CloudStorageSecretPostList(RootModel[List[CloudStorageSecretPost]]):
Expand Down
10 changes: 10 additions & 0 deletions components/renku_data_services/storage/db.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -188,6 +188,16 @@ async def upsert_storage_secrets(
stored_secrets = []

for name, value in secret_names_values.items():
if value is None:
# delete the secret
storage_secret_orm = existing_secrets.get(name)
if storage_secret_orm is None:
continue
await session.delete(storage_secret_orm)
await session.delete(storage_secret_orm.secret)
del existing_secrets[name]
continue

encrypted_value, encrypted_key = await encrypt_user_secret(
user_repo=self.user_repo,
requested_by=user,
Expand Down
2 changes: 1 addition & 1 deletion components/renku_data_services/storage/models.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -252,4 +252,4 @@ class CloudStorageSecretUpsert(BaseModel):
"""Insert/update storage secret data."""

name: str = Field()
value: str = Field()
value: str | None = Field()