Documentation to for dataFrom -> transform actions in 0.18.2 #4995
Description
Describe the bug
Unable to find documentation to convert dataFrom transform actions in 0.18.2 to the correct replacement for this.
Existing process would uppercase secret names as key names, and convert - to _, but this transform does not happen in 0.18.2
To Reproduce
- Create GCP SecretManagerSecret named dev-my-thing with tags
devandmyappin cluser running External Secrets Operator 0.17.0 - Create an ExternalSecret using ExternalSecretOperator 0.17.0 as follows
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: dev-my-app-multi-es
namespace: myns
spec:
refreshInterval: 300s
secretStoreRef:
name: external-secrets-store
kind: ClusterSecretStore
target:
name: dev-my-app-secret
dataFrom:
- find:
tags:
env: dev
component: myapp
rewrite:
- regexp:
source: ^dev-(.*)
target: "$1"
transform:
template: '{{ .value | upper | replace "-" "_" }}'
- Get secret and observe that keys in k8s secrets are all uppercase with - replaced by _, with
dev-removed - Upgrade to 0.18.2
- Observe that keys in k8s secrets still have
dev-removed but are now in lowercase with-present
Expected behavior
With the above config, I expect a SecretManagerSecret named dev-my-thing to result in a key named MY_THING in my kubernetes secret
Additional context
I've checked https://external-secrets.io/latest/guides/templating/ and https://external-secrets.io/latest/guides/datafrom-rewrite/ and I don't see transform examples there. I do see an example for replacing invalid characters, but this doesn't include an upper helper.
The templating examples at https://external-secrets.io/v0.18.2/guides/templating/ seem to require that I know the names of all of the keys that will be in the secret, but we use dataFrom to avoid having to enumerate all of the SecretManagerSecrets we wish to populate into the k8s secret.
There is nothing in the external-secrets pod logs that indicates why this transform is no longer taking place that I can see