Merge pull request #2068 from carolynvs/fix-context-hierarchy-during-…

…load

Fix context passed when resolving secrets in config file

pkg/config/config.go

@@ -310,7 +310,7 @@ func (c *Config) GetBuildDriver() string {
 // Load loads the configuration file, rendering any templating used in the config file
 // such as ${secret.NAME} or ${env.NAME}.
 // Pass nil for resolveSecret to skip resolving secrets.
-func (c *Config) Load(ctx context.Context, resolveSecret func(secretKey string) (string, error)) error {
+func (c *Config) Load(ctx context.Context, resolveSecret func(ctx context.Context, secretKey string) (string, error)) error {
 	ctx, log := tracing.StartSpan(ctx)
 	defer log.EndSpan()
 
@@ -345,7 +345,7 @@ func (c *Config) loadFirstPass(ctx context.Context) error {
 	return c.loadData(ctx, templateData)
 }
 
-func (c *Config) loadFinalPass(ctx context.Context, resolveSecret func(secretKey string) (string, error)) error {
+func (c *Config) loadFinalPass(ctx context.Context, resolveSecret func(ctx context.Context, secretKey string) (string, error)) error {
 	ctx, log := tracing.StartSpan(ctx)
 	defer log.EndSpan()
 
@@ -366,9 +366,9 @@ func (c *Config) loadFinalPass(ctx context.Context, resolveSecret func(secretKey
 
 			secretKey := variable[len(secretPrefix):]
 
-			_, childLog := log.StartSpanWithName("resolveSecret", attribute.String("porter.config.secret.key", secretKey))
+			ctx, childLog := log.StartSpanWithName("resolveSecret", attribute.String("porter.config.secret.key", secretKey))
 			defer childLog.EndSpan()
-			secretValue, err := resolveSecret(secretKey)
+			secretValue, err := resolveSecret(ctx, secretKey)
 			if err != nil {
 				return childLog.Error(errors.Wrapf(err, "could not render config file because ${secret.%s} could not be resolved", secretKey))
 			}

pkg/config/loader_test.go

@@ -39,7 +39,7 @@ func TestData_Marshal(t *testing.T) {
 	c.TestContext.AddTestFile("testdata/config.toml", "/home/myuser/.porter/config.toml")
 
 	c.DataLoader = LoadFromEnvironment()
-	resolveTestSecrets := func(secretKey string) (string, error) {
+	resolveTestSecrets := func(ctx context.Context, secretKey string) (string, error) {
 		return "topsecret-connectionstring", nil
 	}
 	err := c.Load(context.Background(), resolveTestSecrets)

pkg/porter/porter.go

@@ -84,8 +84,8 @@ func NewFor(c *config.Config, store storage.Store, secretStorage secrets.Store)
 // It is the responsibility of the caller to also call Close when done with Porter.
 func (p *Porter) Connect(ctx context.Context) error {
 	// Load the config file and replace any referenced secrets
-	return p.Config.Load(ctx, func(secret string) (string, error) {
-		value, err := p.Secrets.Resolve(ctx, "secret", secret)
+	return p.Config.Load(ctx, func(innerCtx context.Context, secret string) (string, error) {
+		value, err := p.Secrets.Resolve(innerCtx, "secret", secret)
 		if err != nil {
 			if strings.Contains(err.Error(), "invalid value source: secret") {
 				return "", errors.New("No secret store account is configured")