refactor(jans-pycloudlib): remove legacy compression support for external secrets#14432
refactor(jans-pycloudlib): remove legacy compression support for external secrets#14432iromli wants to merge 5 commits into
Conversation
…rnal secrets Signed-off-by: iromli <isman.firmansyah@gmail.com>
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
📝 WalkthroughWalkthroughThe pull request removes the Google Secret Manager passphrase from schema, Docker defaults, documentation, and examples. It also drops legacy compression and decryption handling from AWS and Google secret helpers and returns assembled JSON directly. ChangesSecret configuration cleanup
Secret payload refactor
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes 🚥 Pre-merge checks | ✅ 3 | ❌ 2❌ Failed checks (2 warnings)
✅ Passed checks (3 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Signed-off-by: iromli <isman.firmansyah@gmail.com>
Signed-off-by: iromli <isman.firmansyah@gmail.com>
There was a problem hiding this comment.
Actionable comments posted: 1
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
docker-jans-cloudtools/README.md (1)
23-23: 🎯 Functional Correctness | 🟡 Minor | ⚡ Quick winFix corrupted default value for
CN_CONFIG_CONSUL_PORT.Line 23 shows
85appVersion: "1.13.0"where the port default should be8500. The corrupted string appears to be a merge or template artifact.📝 Proposed fix
- - `CN_CONFIG_CONSUL_PORT`: port of Consul (default to `85appVersion: "1.13.0"`). + - `CN_CONFIG_CONSUL_PORT`: port of Consul (default to `8500`).🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@docker-jans-cloudtools/README.md` at line 23, Fix the corrupted default for CN_CONFIG_CONSUL_PORT in the README so it shows the intended Consul port value instead of the merged artifact text. Update the documentation entry for CN_CONFIG_CONSUL_PORT in the README content to use the correct default of 8500, and remove the stray appVersion text so the config description is clean and consistent.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@docker-jans-cloudtools/README.md`:
- Around line 49-57: Remove the duplicate Google Secret Manager environment
variable documentation in the README and keep the more accurate
`CN_GOOGLE_SECRET_VERSION_ID` and `CN_GOOGLE_SECRET_NAME_PREFIX` entries that
match `google_secret.py`; update the env var list so each variable appears only
once, with the Janssen-specific wording and `jans-secret` note preserved, and
delete the earlier duplicate descriptions to avoid conflicting guidance.
---
Outside diff comments:
In `@docker-jans-cloudtools/README.md`:
- Line 23: Fix the corrupted default for CN_CONFIG_CONSUL_PORT in the README so
it shows the intended Consul port value instead of the merged artifact text.
Update the documentation entry for CN_CONFIG_CONSUL_PORT in the README content
to use the correct default of 8500, and remove the stray appVersion text so the
config description is clean and consistent.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: 317e152f-215d-4034-bf6f-aa1acb0cb76d
📒 Files selected for processing (22)
charts/janssen/values.schema.jsondocker-jans-auth-server/Dockerfiledocker-jans-auth-server/README.mddocker-jans-casa/Dockerfiledocker-jans-casa/README.mddocker-jans-cloudtools/Dockerfiledocker-jans-cloudtools/README.mddocker-jans-config-api/Dockerfiledocker-jans-config-api/README.mddocker-jans-configurator/Dockerfiledocker-jans-configurator/README.mddocker-jans-fido2/Dockerfiledocker-jans-fido2/README.mddocker-jans-link/Dockerfiledocker-jans-link/README.mddocker-jans-persistence-loader/Dockerfiledocker-jans-persistence-loader/README.mddocker-jans-scim/Dockerfiledocker-jans-scim/README.mddocs/janssen-server/kubernetes-ops/external-secrets-configmaps.mdjans-pycloudlib/jans/pycloudlib/secret/aws_secret.pyjans-pycloudlib/jans/pycloudlib/secret/google_secret.py
💤 Files with no reviewable changes (19)
- docker-jans-link/Dockerfile
- docker-jans-configurator/README.md
- docker-jans-link/README.md
- docker-jans-scim/README.md
- docker-jans-auth-server/README.md
- docker-jans-configurator/Dockerfile
- docker-jans-fido2/README.md
- docker-jans-config-api/Dockerfile
- charts/janssen/values.schema.json
- docker-jans-cloudtools/Dockerfile
- docker-jans-fido2/Dockerfile
- docker-jans-persistence-loader/README.md
- docker-jans-config-api/README.md
- docker-jans-scim/Dockerfile
- docker-jans-casa/README.md
- docker-jans-auth-server/Dockerfile
- docker-jans-casa/Dockerfile
- docker-jans-persistence-loader/Dockerfile
- docs/janssen-server/kubernetes-ops/external-secrets-configmaps.md
Signed-off-by: iromli <isman.firmansyah@gmail.com>
Signed-off-by: iromli <isman.firmansyah@gmail.com>
|



Prepare
Description
Remove deprecated secrets/configmaps compression for Google and AWS secrets manager. The last supported version is v1.0.11.
Target issue
closes #14391
Implementation Details
Test and Document the changes
Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with
docs:to indicate documentation changes or if the below checklist is not selected.Summary by CodeRabbit
CN_GOOGLE_SECRET_MANAGER_PASSPHRASEfrom container defaults and environment-variable documentation across supported images, Helm values, and the Kubernetes External Secrets example.CN_GOOGLE_SECRET_VERSION_ID/CN_GOOGLE_SECRET_NAME_PREFIXsettings.