def add_secrets(self, secrets_dict, overwrite=False): """Add a new secret to the user's Kubernetes secret. :param secrets: Dictionary containing new secrets, where keys are secret names and corresponding values are dictionaries containing base64 encoded value and a type (which determines how the secret should be mounted). :returns: Updated user secret list. """ try: k8s_user_secrets = self._get_k8s_user_secrets_store() for secret_name in secrets_dict: if k8s_user_secrets.data.get(secret_name) and not overwrite: raise REANASecretAlreadyExists( "Operation cancelled. Secret {} already exists. " "If you want change it use overwrite".format( secret_name)) secrets_types = self._load_json_annotation_from_k8s_object( k8s_user_secrets, "secrets_types") secrets_types[secret_name] = secrets_dict[secret_name]["type"] self._dump_json_annotation_to_k8s_object( k8s_user_secrets, "secrets_types", secrets_types) k8s_user_secrets.data[secret_name] = secrets_dict[secret_name][ "value"] self._update_store(k8s_user_secrets) return k8s_user_secrets.data.keys() except ApiException: log.error( "Something went wrong while adding secrets to " "Kubernetes secret for user {0}.".format( str(self.user_secret_store_id)), exc_info=True, )
def add_secrets(secrets, overwrite, access_token): """Add new secrets. :param secrets: dictionary containing all the secrets to be sent. The dictionary with secret names for keys and for each key there is a dictionary with two fields: - 'value': a base64 encoded file or literal string - 'type': 'file' or 'env' :param overwrite: whether secrets should be overwritten when they already exist. :param access_token: access token of the current user. """ try: (response, http_response) = current_rs_api_client.api.add_secrets( secrets=secrets, access_token=access_token, overwrite=overwrite).result() if http_response.status_code == 201: return response else: raise Exception( "Expected status code 201 but replied with " "{status_code}".format( status_code=http_response.status_code)) except HTTPError as e: logging.debug( 'Secrets could not be added: ' '\nStatus: {}\nReason: {}\n' 'Message: {}'.format(e.response.status_code, e.response.reason, e.response.json()['message'])) if e.status_code == 409: raise REANASecretAlreadyExists() else: raise Exception(e.response.json()['message']) except Exception as e: raise e