Merge pull request #1734 from pkedy/local_secret_store_multivalued_1733

Mentioning multi-valued secret support for local file secret store
2021-08-25 14:34:34 -07:00 · 2021-08-25 14:34:34 -07:00 · cc2e1b96a8
parent e4048679b3 a66f923bc6
commit cc2e1b96a8
1 changed files with 49 additions and 4 deletions
--- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/file-secret-store.md
+++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/file-secret-store.md
@ -31,6 +31,8 @@ spec:
    value: [path to the JSON file]
  - name: nestedSeparator
    value: ":"
+  - name: multiValued
+    value: "false"
 ```

 ## Spec metadata fields
@ -38,11 +40,12 @@ spec:
 | Field              | Required | Details                                                                 | Example                  |
 |--------------------|:--------:|-------------------------------------------------------------------------|--------------------------|
 | secretsFile        | Y        | The path to the file where secrets are stored   | `"path/to/file.json"` |
-| nestedSeparator    | N        | Used by the store when flattening the JSON hierarchy to a map. Defaults to `":"` | `":"` |
+| nestedSeparator    | N        | Used by the store when flattening the JSON hierarchy to a map. Defaults to `":"` | `":"` 
+| multiValued        | N        | Allows one level of multi-valued key/value pairs before flattening JSON hierarchy. Defaults to `"false"` | `"true"` |

 ## Setup JSON file to hold the secrets

-Given the following json:
+Given the following JSON loaded from `secretsFile`:

 ```json
 {
@ -54,7 +57,7 @@ Given the following json:
 }
 ```

-The store will load the file and create a map with the following key value pairs:
+If `multiValued` is `"false"`, the store will load the file and create a map with the following key value pairs:

 | flattened key           | value                           |
 | ---                     | ---                             |
@ -62,7 +65,49 @@ The store will load the file and create a map with the following key value pairs
 |"connectionStrings:sql"  | "your sql connection string"    |
 |"connectionStrings:mysql"| "your mysql connection string"  |

-Use the flattened key (`connectionStrings:sql`) to access the secret.
+Use the flattened key (`connectionStrings:sql`) to access the secret. The following JSON map returned:
+
+```json
+{
+  "connectionStrings:sql": "your sql connection string"
+}
+```
+
+If `multiValued` is `"true"`, you would instead use the top level key. In this example, `connectionStrings` would return the following map:
+
+```json
+{
+  "sql": "your sql connection string",
+  "mysql": "your mysql connection string"
+}
+```
+
+Nested structures after the top level will be flattened. In this example, `connectionStrings` would return the following map:
+
+JSON from `secretsFile`:
+
+```json
+{
+    "redisPassword": "your redis password",
+    "connectionStrings": {
+        "mysql": {
+          "username": "your mysql username",
+          "password": "your mysql password"
+        }
+    }
+}
+```
+
+Response:
+
+```json
+{
+  "mysql:username": "your mysql username",
+  "mysql:password": "your mysql password"
+}
+```
+
+This is useful in order to mimic secret stores like Vault or Kubernetes that return multiple key/value pairs per secret key.

 ## Related links
 - [Secrets building block]({{< ref secrets >}})