secrets: address feedback from review

tronghn · tronghn · commit 2ef3098a909b · 2024-02-21T16:34:08.000+01:00
diff --git a/internal/graph/secrets.go b/internal/graph/secrets.go
@@ -7,7 +7,7 @@ import (
 	"github.com/nais/api/internal/graph/model"
 )
 
-func convertSecretDataToTuple(data map[string]string) []*model.Variable {
+func convertSecretDataToVariables(data map[string]string) []*model.Variable {
 	ret := make([]*model.Variable, 0, len(data))
 	for key, value := range data {
 		ret = append(ret, &model.Variable{
diff --git a/internal/graph/secrets.resolvers.go b/internal/graph/secrets.resolvers.go
diff --git a/internal/k8s/k8s.go b/internal/k8s/k8s.go
@@ -10,7 +10,6 @@ import (
 	"github.com/google/uuid"
 	"github.com/nais/api/internal/auth/authz"
 	"github.com/nais/api/internal/database"
-	"github.com/nais/api/internal/database/gensql"
 	"github.com/nais/api/internal/graph/model"
 	"github.com/nais/api/internal/search"
 	"github.com/nais/api/internal/slug"
@@ -117,16 +116,8 @@ func New(tenant string, cfg Config, db Database, log logrus.FieldLogger, opts ..
 				return nil, err
 			}
 
-			memberOfTeams := make([]*gensql.Team, 0)
-			// filter out other roles (such as global roles)
-			for _, team := range teams {
-				if team.RoleName == gensql.RoleNameTeammember || team.RoleName == gensql.RoleNameTeamowner {
-					memberOfTeams = append(memberOfTeams, team.Team)
-				}
-			}
-
 			groups := make([]string, 0)
-			for _, team := range memberOfTeams {
+			for _, team := range teams {
 				if team.GoogleGroupEmail != nil {
 					groups = append(groups, *team.GoogleGroupEmail)
 				}
diff --git a/internal/k8s/secrets.go b/internal/k8s/secrets.go
@@ -236,14 +236,19 @@ func (c *Client) DeleteSecret(ctx context.Context, name string, team slug.Slug,
 }
 
 func secretIsManagedByConsole(secret corev1.Secret) bool {
-	secretLabel, ok := secret.GetLabels()[secretLabelManagedByKey]
+	labels := secret.GetLabels()
+	if labels == nil {
+		labels = make(map[string]string)
+	}
+
+	secretLabel, ok := labels[secretLabelManagedByKey]
 	hasConsoleLabel := ok && secretLabel == secretLabelManagedByVal
 
 	isOpaque := secret.Type == corev1.SecretTypeOpaque || secret.Type == "kubernetes.io/Opaque"
 	hasOwnerReferences := len(secret.GetOwnerReferences()) > 0
 	hasFinalizers := len(secret.GetFinalizers()) > 0
 
-	typeLabel, ok := secret.GetLabels()["type"]
+	typeLabel, ok := labels["type"]
 	isJwker := ok && typeLabel == "jwker.nais.io"
 
 	return hasConsoleLabel && isOpaque && !hasOwnerReferences && !hasFinalizers && !isJwker
@@ -317,11 +322,11 @@ func makeSecretIdent(env, namespace, name string) scalar.Ident {
 	return scalar.SecretIdent("secret_" + env + "_" + namespace + "_" + name)
 }
 
-const envVarNameFmtErrMsg = "must consist of alphabetic characters, digits, '_', and must not start with a digit"
-
 var envVarNameRegexp = regexp.MustCompile("^[_a-zA-Z][_a-zA-Z0-9]*$")
 
 func validateSecretData(data []*model.VariableInput) error {
+	const envVarNameFmtErrMsg = "must consist of alphabetic characters, digits, '_', and must not start with a digit"
+
 	seen := make(map[string]bool)
 
 	for _, d := range data {

Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@ import (`
`7`	`7`	`"github.com/nais/api/internal/graph/model"`
`8`	`8`	`)`
`9`	`9`
`10`		`-func convertSecretDataToTuple(data map[string]string) []*model.Variable {`
	`10`	`+func convertSecretDataToVariables(data map[string]string) []*model.Variable {`
`11`	`11`	`ret := make([]*model.Variable, 0, len(data))`
`12`	`12`	`for key, value := range data {`
`13`	`13`	`ret = append(ret, &model.Variable{`