Groovy web console

subscribe to the feed Subscribe
to this
site

bulkscanloadsecrets

Published 2 months ago by Nitin Prabhu
Actions  ➤ Edit in console Back to console Show/hide line numbers View recent scripts
Map mergeMaps(Map[] sources) {
  if (sources.length == 0) return [:]
  if (sources.length == 1) return sources[0]

  sources.inject([:]) { result, source ->
    source.each { k, v ->
      result[k] = result[k] instanceof Map ? merge(result[k], v) : v
    }
    result
  }
}

def apiTestSecrets = [
  'bulk-scan-${env}': [
    // Base64-encoded PKCS 12 key store, containing client's private key and certificate known to the API
    secret('test-valid-key-store', 'TEST_VALID_KEY_STORE'),
    secret('test-valid-key-store-password', 'TEST_VALID_KEY_STORE_PASSWORD'),

    // Base64-encoded PKCS 12 key store containing private key and certificate known to the API, but expired
    secret('test-expired-key-store', 'TEST_EXPIRED_KEY_STORE'),
    secret('test-expired-key-store-password', 'TEST_EXPIRED_KEY_STORE_PASSWORD'),

    // Base64-encoded PKCS12 key store containing private key and certificate known to the API, but not yet valid
    secret('test-not-yet-valid-key-store', 'TEST_NOT_YET_VALID_KEY_STORE'),
    secret('test-not-yet-valid-key-store-password', 'TEST_NOT_YET_VALID_KEY_STORE_PASSWORD'),

    secret('test-subscription-key', 'TEST_SUBSCRIPTION_KEY'),

    // Test private key used by third party supplier to sign zip files
    secret('test-private-key-der', 'TEST_PRIVATE_KEY_DER')
  ]
]

def commonSecrets = [
  'bulk-scan-${env}': [
    secret('storage-account-primary-key', 'TEST_STORAGE_ACCOUNT_KEY')
  ],
  's2s-${env}': [
    secret('microservicekey-bulk-scan-processor-tests', 'TEST_S2S_SECRET')
  ]
]

static LinkedHashMap<String, Object> secret(String secretName, String envVar) {
  [ $class: 'AzureKeyVaultSecret',
    secretType: 'Secret',
    name: secretName,
    version: '',
    envVariable: envVar
  ]
}

def newmap = mergeMaps(commonSecrets, apiTestSecrets)