fix: preserve JSON secret values in store CSV import

Author: spbsoluble

cmd/storesBulkOperations.go

@@ -1154,7 +1154,9 @@ func getJsonForRequest(headerRow []string, row []string) *gabs.Container {
 	reqJson := gabs.New()
 	for hIdx, header := range headerRow {
 		log.Debug().Msgf("Processing header '%s'", header)
-		if strings.ToUpper(row[hIdx]) == "TRUE" {
+		if shouldTreatCSVValueAsSecretString(header) && row[hIdx] != "" {
+			reqJson.Set(row[hIdx], strings.Split(header, ".")...)
+		} else if strings.ToUpper(row[hIdx]) == "TRUE" {
 			reqJson.Set(true, strings.Split(header, ".")...)
 		} else if strings.ToUpper(row[hIdx]) == "FALSE" {
 			reqJson.Set(false, strings.Split(header, ".")...)
@@ -1176,6 +1178,15 @@ func getJsonForRequest(headerRow []string, row []string) *gabs.Container {
 	return reqJson
 }
 
+func shouldTreatCSVValueAsSecretString(header string) bool {
+	switch header {
+	case "Properties.ServerUsername", "Properties.ServerPassword", "Password":
+		return true
+	default:
+		return strings.HasSuffix(header, ".SecretValue")
+	}
+}
+
 func writeCsvFile(outpath string, rows [][]string) error {
 	log.Debug().Msgf("Writing CSV file '%s'", outpath)
 	csvFile, err := os.Create(outpath)

cmd/stores_test.go

@@ -356,6 +356,19 @@ func Test_FormatProperties_FormatsManagedPamSecretPropertiesForPost(t *testing.T
 	assert.Equal(t, " ", params["StaticSecretFieldName"])
 }
 
+func Test_GetJsonForRequest_TreatsJsonSecretValuesAsStrings(t *testing.T) {
+	header := []string{"Properties.ServerPassword", "Properties.ServerUsername.SecretValue"}
+	row := []string{
+		`{"kind":"Config","apiVersion":"v1"}`,
+		`{"username":"kubeconfig"}`,
+	}
+
+	reqJson := getJsonForRequest(header, row)
+
+	assert.Equal(t, row[0], reqJson.S("Properties", "ServerPassword").Data())
+	assert.Equal(t, row[1], reqJson.S("Properties", "ServerUsername", "SecretValue").Data())
+}
+
 func testExportStore(t *testing.T, storeTypeName string) (string, []string) {
 	var (
 		output string