diff options
| author | xuzhang3 <Zhangxu894765> | 2022-10-21 14:15:58 +0800 |
|---|---|---|
| committer | xuzhang3 <Zhangxu894765> | 2022-10-21 14:15:58 +0800 |
| commit | fbfc9e9248246bb6b4d0835f4cf84a807043968a (patch) | |
| tree | 828bc4e5f1fb0ee7218c87d81d690f137a6d7af3 | |
| parent | af8a17a0331a65eefb318c29e41cd78eaf6e0dbc (diff) | |
custom KV search depth
| -rw-r--r-- | azuredevops/internal/service/taskagent/resource_variable_group.go | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/azuredevops/internal/service/taskagent/resource_variable_group.go b/azuredevops/internal/service/taskagent/resource_variable_group.go index d523cb1d..77317e14 100644 --- a/azuredevops/internal/service/taskagent/resource_variable_group.go +++ b/azuredevops/internal/service/taskagent/resource_variable_group.go @@ -153,6 +153,11 @@ func ResourceVariableGroup() *schema.Resource { Required: true, ValidateFunc: validation.IsUUID, }, + "search_depth": { + Type: schema.TypeInt, + Optional: true, + Default: 20, + }, }, }, }, @@ -369,6 +374,7 @@ func expandVariableGroupParameters(clients *client.AggregatedClient, d *schema.R kvConfigures := keyVault[0].(map[string]interface{}) kvName := kvConfigures[vgName].(string) serviceEndpointID := kvConfigures[vgServiceEndpointID].(string) + depth := kvConfigures["search_depth"].(int) serviceEndpointUUID, err := uuid.Parse(serviceEndpointID) if err != nil { @@ -381,7 +387,7 @@ func expandVariableGroupParameters(clients *client.AggregatedClient, d *schema.R } variableGroup.Type = converter.String(azureKeyVaultType) - kvVariables, invalidVariables, err := searchAzureKVSecrets(clients, *projectID, kvName, serviceEndpointID, variables) + kvVariables, invalidVariables, err := searchAzureKVSecrets(clients, *projectID, kvName, serviceEndpointID, variables, depth) if err != nil { return nil, nil, err } @@ -523,6 +529,12 @@ func flattenKeyVault(d *schema.ResourceData, variableGroup *v5taskagent.Variable vgServiceEndpointID: providerData.ServiceEndpointId.String(), }} + keyVaultRaw := d.Get("key_vault").([]interface{}) + if len(keyVault) == 1 { + kvConfigures := keyVaultRaw[0].(map[string]interface{}) + keyVault[0]["search_depth"] = kvConfigures["search_depth"].(int) + } + return keyVault, nil } @@ -596,11 +608,7 @@ func flattenAllowAccess(d *schema.ResourceData, definitionResource *[]build.Defi d.Set(vgAllowAccess, allowAccess) } -func searchAzureKVSecrets(clients *client.AggregatedClient, projectID, kvName, serviceEndpointID string, variables []interface{}) (kvSecrets map[string]interface{}, invalidSecrets []string, error error) { - // in case for too many secrets in the KV(For example: 10000+ secrets), limit the iteration to 20 times, secrets more - // than this will not be fetched - // TODO custom ENV configuration for iteration times - +func searchAzureKVSecrets(clients *client.AggregatedClient, projectID, kvName, serviceEndpointID string, variables []interface{}, depth int) (kvSecrets map[string]interface{}, invalidSecrets []string, error error) { var token, loop, azkvSecretsRaw = "", 0, &KeyVaultSecretResult{} kvSecrets = make(map[string]interface{}) invalidSecrets = make([]string, 0) @@ -645,7 +653,7 @@ func searchAzureKVSecrets(clients *client.AggregatedClient, projectID, kvName, s } // stop search - if token == "" || loop == 20 || len(secretNames) == 0 { + if token == "" || loop == depth || len(secretNames) == 0 { for k := range secretNames { invalidSecrets = append(invalidSecrets, k) } |