Update from discussion comments

hpcc-systems · Nov 16, 2023 · 4d308d8 · 4d308d8
1 parent 61d637b
commit 4d308d8
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 39 deletions.
diff --git a/esp/esdllib/docs/getSecretKeyValue.md b/esp/esdllib/docs/getSecretKeyValue.md
@@ -1,13 +1,9 @@
 #### getSecretKeyValue
-    string getSecretKeyValue(key, secretName)
-    string getSecretKeyValue(key, secretName, vaultId)
-    string getSecretKeyValue(key, secretName, vaultId, version)
+    string getSecretKeyValue(secretId, key)
 
-Lookup an *espUser* categorized secret based on a combination of name, vault ID, and version, and extract the property value identified by `key`. Because this function enables exposure of all data in the named secret, only secrets defined in the *espUser* category can be accessed with this function.
+Lookup an *espUser* categorized secret based on a secret identifier, and extract the property value identified by `key`. Because this function enables exposure of all data in the named secret, only secrets defined in the *espUser* category can be accessed with this function.
 
 | Parameter | Required? | Description |
 | :- | :-: | :- |
 | key | Y | An identifier of a possible secret property value. |
-| secretName | Y | The name of a potential secret. |
-| vaultId | N | An identifier of the repository presumed to hold the named secret. |
-| version | N | The requested version of the named secret. |
+| secretId | Y | The identity of a secret, expressed as `[ vaultId "::" ] secretName [ "::" version ]`. A `secretName` is required always, and a `vaultId` is required before a version can be given. |
diff --git a/esp/esdlscriptlib/esdl_xpath_extensions_libxml.cpp b/esp/esdlscriptlib/esdl_xpath_extensions_libxml.cpp
@@ -1058,43 +1058,23 @@ static void getSecretKeyValueExtFunc(xmlXPathParserContextPtr ctxt, int nargs)
         xmlXPathSetError((ctxt), XPATH_INVALID_CTXT);
         return;
     }
-
-    SecretId id("");
-    StringBuffer key;
-    xmlChar* tmp;
-    switch (nargs)
+    if (nargs != 2)
     {
-    case 4: // version
-        tmp = xmlXPathPopString(ctxt);
-        if (xmlXPathCheckError(ctxt))
-            return;
-        id.version.set((const char*)tmp);
-        xmlFree(tmp);
-        // fall through
-    case 3: // vault ID
-        tmp = xmlXPathPopString(ctxt);
-        if (xmlXPathCheckError(ctxt))
-            return;
-        id.vault.set((const char*)tmp);
-        xmlFree(tmp);
-        // fall through
-    case 2: // key, secret name
-        tmp = xmlXPathPopString(ctxt);
-        if (xmlXPathCheckError(ctxt))
-            return;
-        id.name.set((const char*)tmp);
-        xmlFree(tmp);
-        tmp = xmlXPathPopString(ctxt);
-        if (xmlXPathCheckError(ctxt))
-            return;
-        key.append((const char*)tmp);
-        xmlFree(tmp);
-        break;
-    default:
         xmlXPathSetArityError(ctxt);
         return;
     }
 
+    xmlChar* tmp = xmlXPathPopString(ctxt);
+    if (xmlXPathCheckError(ctxt))
+        return;
+    StringBuffer key((const char*)tmp);
+    xmlFree(tmp);
+    tmp = xmlXPathPopString(ctxt);
+    if (xmlXPathCheckError(ctxt))
+        return;
+    SecretId id((const char*)tmp);
+    xmlFree(tmp);
+
     Owned<IPTree> secret(scriptContext->getSecret("espUser", id));
     if (!secret)
     {