From d5b18d74efd8e415b56eeb622264521c945a396d Mon Sep 17 00:00:00 2001
From: decentral1se <cellarspoon@riseup.net>
Date: Mon, 25 Sep 2023 15:51:15 +0200
Subject: [PATCH] fix: use secretId to match secret names in configs

---
 pkg/secret/secret.go      | 19 ++++++++----------
 pkg/secret/secret_test.go | 41 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 49 insertions(+), 11 deletions(-)
 create mode 100644 pkg/secret/secret_test.go

diff --git a/pkg/secret/secret.go b/pkg/secret/secret.go
index e528dcb3..aea8391a 100644
--- a/pkg/secret/secret.go
+++ b/pkg/secret/secret.go
@@ -87,22 +87,19 @@ func ReadSecretsConfig(appEnv map[string]string, composeFiles []string, recipeNa
 		return secretConfigs, nil
 	}
 
-	for _, secret := range config.Secrets {
-		firstIdx := strings.Index(secret.Name, "_")
-		lastIdx := strings.LastIndex(secret.Name, "_")
-		secretName := secret.Name[firstIdx+1 : lastIdx]
-
-		if secret.Name != "" && string(secret.Name[len(secret.Name)-1]) == "_" {
-			return secretConfigs, fmt.Errorf("missing version for secret? (%s)", secretName)
+	for secretId, secretConfig := range config.Secrets {
+		if string(secretConfig.Name[len(secretConfig.Name)-1]) == "_" {
+			return secretConfigs, fmt.Errorf("missing version for secret? (%s)", secretId)
 		}
 
-		if !(slices.Contains(enabledSecrets, secretName)) {
-			logrus.Debugf("%s not enabled in recipe config, not generating", secretName)
+		if !(slices.Contains(enabledSecrets, secretId)) {
+			logrus.Warnf("%s not enabled in recipe config, not generating", secretId)
 			continue
 		}
 
-		secretVersion := secret.Name[lastIdx+1:]
-		secretConfigs[secretName] = secretVersion
+		lastIdx := strings.LastIndex(secretConfig.Name, "_")
+		secretVersion := secretConfig.Name[lastIdx+1:]
+		secretConfigs[secretId] = secretVersion
 	}
 
 	return secretConfigs, nil
diff --git a/pkg/secret/secret_test.go b/pkg/secret/secret_test.go
new file mode 100644
index 00000000..443b3bab
--- /dev/null
+++ b/pkg/secret/secret_test.go
@@ -0,0 +1,41 @@
+package secret
+
+import (
+	"path"
+	"testing"
+
+	"coopcloud.tech/abra/pkg/config"
+	"coopcloud.tech/abra/pkg/recipe"
+	"coopcloud.tech/abra/pkg/upstream/stack"
+	loader "coopcloud.tech/abra/pkg/upstream/stack"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestReadSecretsConfig(t *testing.T) {
+	offline := true
+	recipe, err := recipe.Get("matrix-synapse", offline)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	sampleEnv, err := recipe.SampleEnv()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	composeFiles := []string{path.Join(config.RECIPES_DIR, recipe.Name, "compose.yml")}
+	secretsFromConfig, err := ReadSecretsConfig(sampleEnv, composeFiles, recipe.Name)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	opts := stack.Deploy{Composefiles: composeFiles}
+	config, err := loader.LoadComposefile(opts, sampleEnv)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	for secretId := range config.Secrets {
+		assert.Contains(t, secretsFromConfig, secretId)
+	}
+}