fix: remove secret data in k8_secret table

Arta Asadi · Arta Asadi · commit ab220b2afd17 · 2025-05-05T10:12:45.000+02:00
diff --git a/cloudql/kubernetes/table_kubernetes_secret.go b/cloudql/kubernetes/table_kubernetes_secret.go
@@ -29,16 +29,10 @@ func tableKubernetesSecret(ctx context.Context) *plugin.Table {
 				Transform:   transform.FromField("Description.Secret.Type"),
 			},
 			{
-				Name:        "data",
-				Type:        proto.ColumnType_JSON,
-				Description: "Type of the secret data.",
-				Transform:   transform.FromField("Description.Secret.Data"),
-			},
-			{
-				Name:        "string_data",
-				Type:        proto.ColumnType_JSON,
-				Description: "Type of the secret data.",
-				Transform:   transform.FromField("Description.Secret.StringData"),
+				Name:        "data_number",
+				Type:        proto.ColumnType_INT,
+				Description: "Number of the secret data.",
+				Transform:   transform.FromField("Description.DataNumber"),
 			},
 
 			//// Steampipe Standard Columns
diff --git a/discovery/describers/kubernetes.go b/discovery/describers/kubernetes.go
@@ -1059,13 +1059,17 @@ func KubernetesSecret(ctx context.Context, client model.Client, extra string, st
 	}
 
 	for _, secret := range secrets.Items {
+		secret.StringData = nil
+		dataNumber := len(secret.Data)
+		secret.Data = nil
 		var resource models.Resource
 		resource = models.Resource{
 			ID:   fmt.Sprintf("secret/%s/%s", secret.Namespace, secret.Name),
 			Name: fmt.Sprintf("%s/%s", secret.Namespace, secret.Name),
 			Description: model.KubernetesSecretDescription{
 				MetaObject: helpers.ConvertObjectMeta(&secret.ObjectMeta),
 				Secret:     helpers.ConvertSecret(&secret),
+				DataNumber: dataNumber,
 			},
 		}
 
diff --git a/discovery/pkg/es/resources_clients.go b/discovery/pkg/es/resources_clients.go
@@ -6653,9 +6653,8 @@ func (p KubernetesSecretPaginator) NextPage(ctx context.Context) ([]KubernetesSe
 }
 
 var listKubernetesSecretFilters = map[string]string{
-	"data":        "Description.Secret.Data",
+	"data_number": "Description.DataNumber",
 	"immutable":   "Description.Secret.Immutable",
-	"string_data": "Description.Secret.StringData",
 	"title":       "Description.Secret.Name",
 	"type":        "Description.Secret.Type",
 }
@@ -6721,9 +6720,8 @@ func ListKubernetesSecret(ctx context.Context, d *plugin.QueryData, _ *plugin.Hy
 }
 
 var getKubernetesSecretFilters = map[string]string{
-	"data":        "Description.Secret.Data",
+	"data_number": "Description.DataNumber",
 	"immutable":   "Description.Secret.Immutable",
-	"string_data": "Description.Secret.StringData",
 	"title":       "Description.Secret.Name",
 	"type":        "Description.Secret.Type",
 }
diff --git a/discovery/provider/model.go b/discovery/provider/model.go
@@ -179,6 +179,7 @@ type KubernetesRoleBindingDescription struct {
 type KubernetesSecretDescription struct {
 	MetaObject helpers.ObjectMeta
 	Secret     helpers.Secret
+	DataNumber int
 }
 type KubernetesServiceDescription struct {
 	MetaObject helpers.ObjectMeta
diff --git a/global/maps/table_index_map.gen.go b/global/maps/table_index_map.gen.go
@@ -5,115 +5,115 @@ import (
 )
 
 var ResourceTypesToTables = map[string]string{
-	"Kubernetes/Resource":                 "k8_resource",
-	"Kubernetes/Node":                     "k8_node",
-	"Kubernetes/PersistentVolume":         "k8_persistent_volume",
-	"Kubernetes/PersistentVolumeClaim":    "k8_persistent_volume_claim",
-	"Kubernetes/Pod":                      "k8_pod",
-	"Kubernetes/Secret":                   "k8_secret",
-	"Kubernetes/Service":                  "k8_service",
-	"Kubernetes/ConfigMap":                "k8_config_map",
-	"Kubernetes/ServiceAccount":           "k8_service_account",
-	"Kubernetes/StatefulSet":              "k8_stateful_set",
-	"Kubernetes/Deployment":               "k8_deployment",
-	"Kubernetes/ReplicaSet":               "k8_replicaset",
-	"Kubernetes/DaemonSet":                "k8_daemonset",
-	"Kubernetes/Endpoint":                 "k8_endpoints",
-	"Kubernetes/EndpointSlice":            "k8_endpoint_slice",
-	"Kubernetes/Event":                    "k8_event",
-	"Kubernetes/Job":                      "k8_job",
-	"Kubernetes/CronJob":                  "k8_cronjob",
-	"Kubernetes/Ingress":                  "k8_ingress",
-	"Kubernetes/NetworkPolicy":            "k8_network_policy",
-	"Kubernetes/Role":                     "k8_role",
-	"Kubernetes/RoleBinding":              "k8_role_binding",
-	"Kubernetes/Cluster":                  "k8_cluster",
-	"Kubernetes/ClusterRole":              "k8_cluster_role",
-	"Kubernetes/ClusterRoleBinding":       "k8_cluster_role_binding",
-	"Kubernetes/PodDisruptionBudget":      "k8_pod_disruption_budget",
-	"Kubernetes/PodTemplate":              "k8_pod_template",
-	"Kubernetes/HorizontalPodAutoscaler":  "k8_horizontal_pod_autoscaler",
-	"Kubernetes/CustomResourceDefinition": "k8_custom_resource_definition",
-	"Kubernetes/CustomResource":           "k8_custom_resource",
-	"Kubernetes/StorageClass":             "k8_storage_class",
-	"Kubernetes/LimitRange":               "k8_limit_range",
-	"Kubernetes/Namespace":                "k8_namespace",
-	"Kubernetes/ReplicationController":    "k8_replication_controller",
-	"Kubernetes/RessourceQuota":           "k8_resource_quota",
+  "Kubernetes/Resource": "kubernetes_resource",
+  "Kubernetes/Node": "kubernetes_node",
+  "Kubernetes/PersistentVolume": "kubernetes_persistent_volume",
+  "Kubernetes/PersistentVolumeClaim": "kubernetes_persistent_volume_claim",
+  "Kubernetes/Pod": "kubernetes_pod",
+  "Kubernetes/Secret": "kubernetes_secret",
+  "Kubernetes/Service": "kubernetes_service",
+  "Kubernetes/ConfigMap": "kubernetes_config_map",
+  "Kubernetes/ServiceAccount": "kubernetes_service_account",
+  "Kubernetes/StatefulSet": "kubernetes_stateful_set",
+  "Kubernetes/Deployment": "kubernetes_deployment",
+  "Kubernetes/ReplicaSet": "kubernetes_replicaset",
+  "Kubernetes/DaemonSet": "kubernetes_daemonset",
+  "Kubernetes/Endpoint": "kubernetes_endpoints",
+  "Kubernetes/EndpointSlice": "kubernetes_endpoint_slice",
+  "Kubernetes/Event": "kubernetes_event",
+  "Kubernetes/Job": "kubernetes_job",
+  "Kubernetes/CronJob": "kubernetes_cronjob",
+  "Kubernetes/Ingress": "kubernetes_ingress",
+  "Kubernetes/NetworkPolicy": "kubernetes_network_policy",
+  "Kubernetes/Role": "kubernetes_role",
+  "Kubernetes/RoleBinding": "kubernetes_role_binding",
+  "Kubernetes/Cluster": "kubernetes_cluster",
+  "Kubernetes/ClusterRole": "kubernetes_cluster_role",
+  "Kubernetes/ClusterRoleBinding": "kubernetes_cluster_role_binding",
+  "Kubernetes/PodDisruptionBudget": "kubernetes_pod_disruption_budget",
+  "Kubernetes/PodTemplate": "kubernetes_pod_template",
+  "Kubernetes/HorizontalPodAutoscaler": "kubernetes_horizontal_pod_autoscaler",
+  "Kubernetes/CustomResourceDefinition": "kubernetes_custom_resource_definition",
+  "Kubernetes/CustomResource": "kubernetes_custom_resource",
+  "Kubernetes/StorageClass": "kubernetes_storage_class",
+  "Kubernetes/LimitRange": "kubernetes_limit_range",
+  "Kubernetes/Namespace": "kubernetes_namespace",
+  "Kubernetes/ReplicationController": "kubernetes_replication_controller",
+  "Kubernetes/RessourceQuota": "kubernetes_resource_quota",
 }
 
 var ResourceTypeToDescription = map[string]interface{}{
-	"Kubernetes/Resource":                 opengovernance.KubernetesResource{},
-	"Kubernetes/Node":                     opengovernance.KubernetesNode{},
-	"Kubernetes/PersistentVolume":         opengovernance.KubernetesPersistentVolume{},
-	"Kubernetes/PersistentVolumeClaim":    opengovernance.KubernetesPersistentVolumeClaim{},
-	"Kubernetes/Pod":                      opengovernance.KubernetesPod{},
-	"Kubernetes/Secret":                   opengovernance.KubernetesSecret{},
-	"Kubernetes/Service":                  opengovernance.KubernetesService{},
-	"Kubernetes/ConfigMap":                opengovernance.KubernetesConfigMap{},
-	"Kubernetes/ServiceAccount":           opengovernance.KubernetesServiceAccount{},
-	"Kubernetes/StatefulSet":              opengovernance.KubernetesStatefulSet{},
-	"Kubernetes/Deployment":               opengovernance.KubernetesDeployment{},
-	"Kubernetes/ReplicaSet":               opengovernance.KubernetesReplicaSet{},
-	"Kubernetes/DaemonSet":                opengovernance.KubernetesDaemonSet{},
-	"Kubernetes/Endpoint":                 opengovernance.KubernetesEndpoint{},
-	"Kubernetes/EndpointSlice":            opengovernance.KubernetesEndpointSlice{},
-	"Kubernetes/Event":                    opengovernance.KubernetesEvent{},
-	"Kubernetes/Job":                      opengovernance.KubernetesJob{},
-	"Kubernetes/CronJob":                  opengovernance.KubernetesCronJob{},
-	"Kubernetes/Ingress":                  opengovernance.KubernetesIngress{},
-	"Kubernetes/NetworkPolicy":            opengovernance.KubernetesNetworkPolicy{},
-	"Kubernetes/Role":                     opengovernance.KubernetesRole{},
-	"Kubernetes/RoleBinding":              opengovernance.KubernetesRoleBinding{},
-	"Kubernetes/Cluster":                  opengovernance.KubernetesCluster{},
-	"Kubernetes/ClusterRole":              opengovernance.KubernetesClusterRole{},
-	"Kubernetes/ClusterRoleBinding":       opengovernance.KubernetesClusterRoleBinding{},
-	"Kubernetes/PodDisruptionBudget":      opengovernance.KubernetesPodDisruptionBudget{},
-	"Kubernetes/PodTemplate":              opengovernance.KubernetesPodTemplate{},
-	"Kubernetes/HorizontalPodAutoscaler":  opengovernance.KubernetesHorizontalPodAutoscaler{},
-	"Kubernetes/CustomResourceDefinition": opengovernance.KubernetesCustomResourceDefinition{},
-	"Kubernetes/CustomResource":           opengovernance.KubernetesCustomResource{},
-	"Kubernetes/StorageClass":             opengovernance.KubernetesStorageClass{},
-	"Kubernetes/LimitRange":               opengovernance.KubernetesLimitRange{},
-	"Kubernetes/Namespace":                opengovernance.KubernetesNamespace{},
-	"Kubernetes/ReplicationController":    opengovernance.KubernetesReplicationController{},
-	"Kubernetes/RessourceQuota":           opengovernance.KubernetesResourceQuota{},
+  "Kubernetes/Resource": opengovernance.KubernetesResource{},
+  "Kubernetes/Node": opengovernance.KubernetesNode{},
+  "Kubernetes/PersistentVolume": opengovernance.KubernetesPersistentVolume{},
+  "Kubernetes/PersistentVolumeClaim": opengovernance.KubernetesPersistentVolumeClaim{},
+  "Kubernetes/Pod": opengovernance.KubernetesPod{},
+  "Kubernetes/Secret": opengovernance.KubernetesSecret{},
+  "Kubernetes/Service": opengovernance.KubernetesService{},
+  "Kubernetes/ConfigMap": opengovernance.KubernetesConfigMap{},
+  "Kubernetes/ServiceAccount": opengovernance.KubernetesServiceAccount{},
+  "Kubernetes/StatefulSet": opengovernance.KubernetesStatefulSet{},
+  "Kubernetes/Deployment": opengovernance.KubernetesDeployment{},
+  "Kubernetes/ReplicaSet": opengovernance.KubernetesReplicaSet{},
+  "Kubernetes/DaemonSet": opengovernance.KubernetesDaemonSet{},
+  "Kubernetes/Endpoint": opengovernance.KubernetesEndpoint{},
+  "Kubernetes/EndpointSlice": opengovernance.KubernetesEndpointSlice{},
+  "Kubernetes/Event": opengovernance.KubernetesEvent{},
+  "Kubernetes/Job": opengovernance.KubernetesJob{},
+  "Kubernetes/CronJob": opengovernance.KubernetesCronJob{},
+  "Kubernetes/Ingress": opengovernance.KubernetesIngress{},
+  "Kubernetes/NetworkPolicy": opengovernance.KubernetesNetworkPolicy{},
+  "Kubernetes/Role": opengovernance.KubernetesRole{},
+  "Kubernetes/RoleBinding": opengovernance.KubernetesRoleBinding{},
+  "Kubernetes/Cluster": opengovernance.KubernetesCluster{},
+  "Kubernetes/ClusterRole": opengovernance.KubernetesClusterRole{},
+  "Kubernetes/ClusterRoleBinding": opengovernance.KubernetesClusterRoleBinding{},
+  "Kubernetes/PodDisruptionBudget": opengovernance.KubernetesPodDisruptionBudget{},
+  "Kubernetes/PodTemplate": opengovernance.KubernetesPodTemplate{},
+  "Kubernetes/HorizontalPodAutoscaler": opengovernance.KubernetesHorizontalPodAutoscaler{},
+  "Kubernetes/CustomResourceDefinition": opengovernance.KubernetesCustomResourceDefinition{},
+  "Kubernetes/CustomResource": opengovernance.KubernetesCustomResource{},
+  "Kubernetes/StorageClass": opengovernance.KubernetesStorageClass{},
+  "Kubernetes/LimitRange": opengovernance.KubernetesLimitRange{},
+  "Kubernetes/Namespace": opengovernance.KubernetesNamespace{},
+  "Kubernetes/ReplicationController": opengovernance.KubernetesReplicationController{},
+  "Kubernetes/RessourceQuota": opengovernance.KubernetesResourceQuota{},
 }
 
 var TablesToResourceTypes = map[string]string{
-	"k8_resource":                   "Kubernetes/Resource",
-	"k8_node":                       "Kubernetes/Node",
-	"k8_persistent_volume":          "Kubernetes/PersistentVolume",
-	"k8_persistent_volume_claim":    "Kubernetes/PersistentVolumeClaim",
-	"k8_pod":                        "Kubernetes/Pod",
-	"k8_secret":                     "Kubernetes/Secret",
-	"k8_service":                    "Kubernetes/Service",
-	"k8_config_map":                 "Kubernetes/ConfigMap",
-	"k8_service_account":            "Kubernetes/ServiceAccount",
-	"k8_stateful_set":               "Kubernetes/StatefulSet",
-	"k8_deployment":                 "Kubernetes/Deployment",
-	"k8_replicaset":                 "Kubernetes/ReplicaSet",
-	"k8_daemonset":                  "Kubernetes/DaemonSet",
-	"k8_endpoints":                  "Kubernetes/Endpoint",
-	"k8_endpoint_slice":             "Kubernetes/EndpointSlice",
-	"k8_event":                      "Kubernetes/Event",
-	"k8_job":                        "Kubernetes/Job",
-	"k8_cronjob":                    "Kubernetes/CronJob",
-	"k8_ingress":                    "Kubernetes/Ingress",
-	"k8_network_policy":             "Kubernetes/NetworkPolicy",
-	"k8_role":                       "Kubernetes/Role",
-	"k8_role_binding":               "Kubernetes/RoleBinding",
-	"k8_cluster":                    "Kubernetes/Cluster",
-	"k8_cluster_role":               "Kubernetes/ClusterRole",
-	"k8_cluster_role_binding":       "Kubernetes/ClusterRoleBinding",
-	"k8_pod_disruption_budget":      "Kubernetes/PodDisruptionBudget",
-	"k8_pod_template":               "Kubernetes/PodTemplate",
-	"k8_horizontal_pod_autoscaler":  "Kubernetes/HorizontalPodAutoscaler",
-	"k8_custom_resource_definition": "Kubernetes/CustomResourceDefinition",
-	"k8_custom_resource":            "Kubernetes/CustomResource",
-	"k8_storage_class":              "Kubernetes/StorageClass",
-	"k8_limit_range":                "Kubernetes/LimitRange",
-	"k8_namespace":                  "Kubernetes/Namespace",
-	"k8_replication_controller":     "Kubernetes/ReplicationController",
-	"k8_resource_quota":             "Kubernetes/RessourceQuota",
+  "kubernetes_resource": "Kubernetes/Resource",
+  "kubernetes_node": "Kubernetes/Node",
+  "kubernetes_persistent_volume": "Kubernetes/PersistentVolume",
+  "kubernetes_persistent_volume_claim": "Kubernetes/PersistentVolumeClaim",
+  "kubernetes_pod": "Kubernetes/Pod",
+  "kubernetes_secret": "Kubernetes/Secret",
+  "kubernetes_service": "Kubernetes/Service",
+  "kubernetes_config_map": "Kubernetes/ConfigMap",
+  "kubernetes_service_account": "Kubernetes/ServiceAccount",
+  "kubernetes_stateful_set": "Kubernetes/StatefulSet",
+  "kubernetes_deployment": "Kubernetes/Deployment",
+  "kubernetes_replicaset": "Kubernetes/ReplicaSet",
+  "kubernetes_daemonset": "Kubernetes/DaemonSet",
+  "kubernetes_endpoints": "Kubernetes/Endpoint",
+  "kubernetes_endpoint_slice": "Kubernetes/EndpointSlice",
+  "kubernetes_event": "Kubernetes/Event",
+  "kubernetes_job": "Kubernetes/Job",
+  "kubernetes_cronjob": "Kubernetes/CronJob",
+  "kubernetes_ingress": "Kubernetes/Ingress",
+  "kubernetes_network_policy": "Kubernetes/NetworkPolicy",
+  "kubernetes_role": "Kubernetes/Role",
+  "kubernetes_role_binding": "Kubernetes/RoleBinding",
+  "kubernetes_cluster": "Kubernetes/Cluster",
+  "kubernetes_cluster_role": "Kubernetes/ClusterRole",
+  "kubernetes_cluster_role_binding": "Kubernetes/ClusterRoleBinding",
+  "kubernetes_pod_disruption_budget": "Kubernetes/PodDisruptionBudget",
+  "kubernetes_pod_template": "Kubernetes/PodTemplate",
+  "kubernetes_horizontal_pod_autoscaler": "Kubernetes/HorizontalPodAutoscaler",
+  "kubernetes_custom_resource_definition": "Kubernetes/CustomResourceDefinition",
+  "kubernetes_custom_resource": "Kubernetes/CustomResource",
+  "kubernetes_storage_class": "Kubernetes/StorageClass",
+  "kubernetes_limit_range": "Kubernetes/LimitRange",
+  "kubernetes_namespace": "Kubernetes/Namespace",
+  "kubernetes_replication_controller": "Kubernetes/ReplicationController",
+  "kubernetes_resource_quota": "Kubernetes/RessourceQuota",
 }

Original file line number	Diff line number	Diff line change
`@@ -6653,9 +6653,8 @@ func (p KubernetesSecretPaginator) NextPage(ctx context.Context) ([]KubernetesSe`
`6653`	`6653`	`}`
`6654`	`6654`
`6655`	`6655`	`var listKubernetesSecretFilters = map[string]string{`
`6656`		`- "data": "Description.Secret.Data",`
	`6656`	`+ "data_number": "Description.DataNumber",`
`6657`	`6657`	`"immutable": "Description.Secret.Immutable",`
`6658`		`- "string_data": "Description.Secret.StringData",`
`6659`	`6658`	`"title": "Description.Secret.Name",`
`6660`	`6659`	`"type": "Description.Secret.Type",`
`6661`	`6660`	`}`
`@@ -6721,9 +6720,8 @@ func ListKubernetesSecret(ctx context.Context, d plugin.QueryData, _ plugin.Hy`
`6721`	`6720`	`}`
`6722`	`6721`
`6723`	`6722`	`var getKubernetesSecretFilters = map[string]string{`
`6724`		`- "data": "Description.Secret.Data",`
	`6723`	`+ "data_number": "Description.DataNumber",`
`6725`	`6724`	`"immutable": "Description.Secret.Immutable",`
`6726`		`- "string_data": "Description.Secret.StringData",`
`6727`	`6725`	`"title": "Description.Secret.Name",`
`6728`	`6726`	`"type": "Description.Secret.Type",`
`6729`	`6727`	`}`
Original file line number	Diff line number	Diff line change
`@@ -179,6 +179,7 @@ type KubernetesRoleBindingDescription struct {`
`179`	`179`	`type KubernetesSecretDescription struct {`
`180`	`180`	`MetaObject helpers.ObjectMeta`
`181`	`181`	`Secret helpers.Secret`
	`182`	`+ DataNumber int`
`182`	`183`	`}`
`183`	`184`	`type KubernetesServiceDescription struct {`
`184`	`185`	`MetaObject helpers.ObjectMeta`