[FEATURE] Added Secrets Manager for GCE #261
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
There was a problem hiding this comment.
Copilot reviewed 5 out of 10 changed files in this pull request and generated 2 comments.
Files not reviewed (5)
- datasource/secretsmanager/test-fixtures/template.pkr.hcl: Language not supported
- docs-partials/datasource/secretmanager/Config-not-required.mdx: Language not supported
- docs-partials/datasource/secretmanager/Config-required.mdx: Language not supported
- docs-partials/datasource/secretmanager/DatasourceOutput.mdx: Language not supported
- go.mod: Language not supported
| // The decoded values from this spec will then be applied to a FlatConfig. | ||
| func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec { | ||
| s := map[string]hcldec.Spec{ | ||
| "project_id": &hcldec.AttrSpec{Name: "project_id", Type: cty.String, Required: false}, |
There was a problem hiding this comment.
The Config struct marks 'project_id' as required but the HCL2 spec sets it as not required. Consider setting Required to true in the spec to match the Config validation.
Suggested change
| "project_id": &hcldec.AttrSpec{Name: "project_id", Type: cty.String, Required: false}, | |
| "project_id": &hcldec.AttrSpec{Name: "project_id", Type: cty.String, Required: true}, |
| func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec { | ||
| s := map[string]hcldec.Spec{ | ||
| "project_id": &hcldec.AttrSpec{Name: "project_id", Type: cty.String, Required: false}, | ||
| "name": &hcldec.AttrSpec{Name: "name", Type: cty.String, Required: false}, |
There was a problem hiding this comment.
Similarly, 'name' is required in the Config struct but not marked as such in the HCL2 spec. Aligning this by setting Required to true can improve configuration validation.
Suggested change
| "name": &hcldec.AttrSpec{Name: "name", Type: cty.String, Required: false}, | |
| "name": &hcldec.AttrSpec{Name: "name", Type: cty.String, Required: true}, |
tanmay-hc
force-pushed
the
gce-secret
branch
5 times, most recently
from
6440ead to
dbff7fc
Compare
kp2099
reviewed
Apr 15, 2025
kp2099
reviewed
Apr 17, 2025
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR adds support for fetching secrets from Google Cloud’s Secret Manager by introducing a new datasource.
- Registers the new "secretsmanager" datasource in main.go
- Implements secrets manager configuration, execution, and output logic in datasource/secretsmanager/data.go
- Adds both unit and acceptance tests to validate behavior for the new secrets manager feature
Reviewed Changes
Copilot reviewed 6 out of 11 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| main.go | Registers the new secretsmanager datasource |
| datasource/secretsmanager/data.go | Implements secrets manager datasource |
| datasource/secretsmanager/data_test.go | Adds unit tests for configuration errors |
| datasource/secretsmanager/data_acc_test.go | Adds acceptance tests for live GCP integration |
| datasource/secretsmanager/data.hcl2spec.go | Auto-generated HCL2 spec mapping for config |
Files not reviewed (5)
- datasource/secretsmanager/test-fixtures/template.pkr.hcl: Language not supported
- docs-partials/datasource/secretsmanager/Config-not-required.mdx: Language not supported
- docs-partials/datasource/secretsmanager/Config-required.mdx: Language not supported
- docs-partials/datasource/secretsmanager/DatasourceOutput.mdx: Language not supported
- go.mod: Language not supported
kp2099
reviewed
Apr 17, 2025
kp2099
approved these changes
Apr 21, 2025
anshulsharma-hashicorp
approved these changes
Apr 21, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds support for the secrets manager from google cloud.
This implementation is in continuation from the original PR #99
This change allows the user to fetch the secrets from their secret manager in GCP, with an option for specifying:
Closes #29