https://pact.io logo
Join Slack
Powered by
Hi! Does anyone know what the Secrets API contract...
# pactflow
j
Hi! Does anyone know what the Secrets API contracts look like? There's no documentation in HAL for this endpoint, and I want to see what the contracts look like in order to programatically update tokens and store them in secrets. I know specifying teams is something that can be done because the Terraform resource uses the API under the hood.
👋 1
t
I'm not a pactflow person, and I don't know the answer to your question for sure - but I've been looking at the pact broker API (which also isn't fully documented). The best approach at the moment is to look at the clients. Looking at that terraform code, I found this client: https://github.com/pactflow/terraform-provider-pact/blob/master/resource_secret.go#L89 Where I think this is the payload: https://github.com/pactflow/terraform-provider-pact/blob/master/broker/secret.go#L3 and this is the HTTP call: https://github.com/pactflow/terraform-provider-pact/blob/master/client/client.go#L336 (a POST to 
/secrets
) and this is the response: https://github.com/pactflow/terraform-provider-pact/blob/master/broker/secret.go#L12 You can also see all of the contract that the terraform provider defines here This isn't as good as documentation, of course, as you don't know what else it might support / whether it promises to support these fields etc.
1
That last link is probably the most important one, so I'll link it again: https://github.com/pactflow/terraform-provider-pact/blob/master/client/client_pact_test.go#L332
j
Legend, thanks! Will check that out now.
t
You're welcome!
j
Yeah, it was pretty simple. In case someone else stumbles upon this, the 
POST
request looks like this:
Copy code
{
    "name" : "mySecret",
    "description" : "Secret created via API",
    "value" : "Super secret",
    "teamUuid" : <team_uuid>
}
🙌 2
y
nice work Tim! i just sleuth the network calls in chrome inspector after doing the ui action. looking forward to being able to share the public api ( and in OpenAPI form! )
💯 1
j
Just a heads up in regards to idempotence: that post request from above creates a secret and returns a uuid. Subsequent identical POST requests will result in 409, because the name of the secret must be unique within a team when creating it. In order to update its value, the url must contain uuid of the secret (so, it'll look something like 
/secrets/Lifqj_IK0GZXMB5BQFshNw
instead of just 
/secrets
).
👍 1
t
Thanks!
Open in Slack
PreviousNext
Powered by