kubernetes-sigs/kustomize
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kustomize.git synced 2026-06-11 17:12:51 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity

Merge pull request #187 from monopole/secFactory

Browse Source 
Introduce secret factory.
This commit is contained in:
k8s-ci-robot
2018-07-20 11:17:53 -07:00
committed by GitHub
parent 5906aaba19 7f22f187f8
commit 08be3f061e
6 changed files with 88 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/app/application.go
View File

@@ -146,7 +146,8 @@ func (a *Application) loadCustomizedResMap() (resmap.ResMap, error) {
if err != nil { if err != nil {
errs.Append(errors.Wrap(err, "NewResMapFromConfigMapArgs")) errs.Append(errors.Wrap(err, "NewResMapFromConfigMapArgs"))
} }
secrets, err := resmap.NewResMapFromSecretArgs(a.loader.Root(), a.kustomization.SecretGenerator) secrets, err := resmap.NewResMapFromSecretArgs(
a.loader.Root(), a.fSys, a.kustomization.SecretGenerator)
if err != nil { if err != nil {
errs.Append(errors.Wrap(err, "NewResMapFromSecretArgs")) errs.Append(errors.Wrap(err, "NewResMapFromSecretArgs"))
} }

4
pkg/app/application_test.go
View File

@@ -180,7 +180,9 @@ func TestResources1(t *testing.T) {
}), }),
} }
l := makeLoader1(t) l := makeLoader1(t)
app, err := NewApplication(l, fs.MakeFakeFS()) fakeFs := fs.MakeFakeFS()
fakeFs.Mkdir("/")
app, err := NewApplication(l, fakeFs)
if err != nil { if err != nil {
t.Fatalf("Unexpected construction error %v", err) t.Fatalf("Unexpected construction error %v", err)
} }

4
pkg/configmapandsecret/configmapfactory.go
View File

@@ -180,11 +180,11 @@ func (f *ConfigMapFactory) handleConfigMapFromLiteralSources(
func keyValuesFromFileSources(ldr loader.Loader, sources []string) ([]kvPair, error) { func keyValuesFromFileSources(ldr loader.Loader, sources []string) ([]kvPair, error) {
var kvs []kvPair var kvs []kvPair
for _, s := range sources { for _, s := range sources {
k, path, err := ParseFileSource(s) k, fPath, err := ParseFileSource(s)
if err != nil { if err != nil {
return nil, err return nil, err
} }
content, err := ldr.Load(path) content, err := ldr.Load(fPath)
if err != nil { if err != nil {
return nil, err return nil, err
} }

59
pkg/configmapandsecret/secretfactory.go Normal file
View File

@@ -0,0 +1,59 @@
package configmapandsecret
import (
"context"
"github.com/kubernetes-sigs/kustomize/pkg/fs"
"github.com/kubernetes-sigs/kustomize/pkg/types"
"github.com/pkg/errors"
corev1 "k8s.io/api/core/v1"
"os/exec"
"path/filepath"
"time"
)
// SecretFactory makes Secrets.
type SecretFactory struct {
args types.SecretArgs
fSys fs.FileSystem
}
// NewSecretFactory returns a new SecretFactory.
func NewSecretFactory(args types.SecretArgs, fSys fs.FileSystem) *SecretFactory {
return &SecretFactory{args: args, fSys: fSys}
}
// MakeSecret returns a new secret.
func (f *SecretFactory) MakeSecret(wd string) (*corev1.Secret, error) {
s := &corev1.Secret{}
s.APIVersion = "v1"
s.Kind = "Secret"
s.Name = f.args.Name
s.Type = corev1.SecretType(f.args.Type)
if s.Type == "" {
s.Type = corev1.SecretTypeOpaque
}
s.Data = map[string][]byte{}
for k, v := range f.args.Commands {
out, err := f.createSecretKey(wd, v)
if err != nil {
return nil, errors.Wrap(err, "createSecretKey")
}
s.Data[k] = out
}
return s, nil
}
// Run a command, return its output as the secret.
func (f *SecretFactory) createSecretKey(wd string, command string) ([]byte, error) {
if !f.fSys.IsDir(wd) {
wd = filepath.Dir(wd)
if !f.fSys.IsDir(wd) {
return nil, errors.New("not a directory: " + wd)
}
}
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
cmd := exec.CommandContext(ctx, "sh", "-c", command)
cmd.Dir = wd
return cmd.Output()
}

78
pkg/resmap/secret.go
View File

@@ -17,73 +17,31 @@ limitations under the License.
package resmap package resmap
import ( import (
"context" "github.com/kubernetes-sigs/kustomize/pkg/configmapandsecret"
"os/exec" "github.com/kubernetes-sigs/kustomize/pkg/fs"
"path/filepath"
"time"
"os"
"github.com/kubernetes-sigs/kustomize/pkg/resource" "github.com/kubernetes-sigs/kustomize/pkg/resource"
"github.com/kubernetes-sigs/kustomize/pkg/types" "github.com/kubernetes-sigs/kustomize/pkg/types"
"github.com/pkg/errors" "github.com/pkg/errors"
corev1 "k8s.io/api/core/v1"
) )
func newResourceFromSecretGenerator(p string, sArgs types.SecretArgs) (*resource.Resource, error) { // NewResMapFromSecretArgs takes a SecretArgs slice and executes its command in directory
s, err := makeSecret(p, sArgs) // wd then writes the output to a Resource slice and return it.
if err != nil { func NewResMapFromSecretArgs(
return nil, errors.Wrap(err, "makeSecret") wd string, fSys fs.FileSystem,
} secretList []types.SecretArgs) (ResMap, error) {
if sArgs.Behavior == "" {
sArgs.Behavior = "create"
}
return resource.NewResourceWithBehavior(
s, resource.NewGenerationBehavior(sArgs.Behavior))
}
func makeSecret(p string, sArgs types.SecretArgs) (*corev1.Secret, error) {
s := &corev1.Secret{}
s.APIVersion = "v1"
s.Kind = "Secret"
s.Name = sArgs.Name
s.Type = corev1.SecretType(sArgs.Type)
if s.Type == "" {
s.Type = corev1.SecretTypeOpaque
}
s.Data = map[string][]byte{}
for k, v := range sArgs.Commands {
out, err := createSecretKey(p, v)
if err != nil {
return nil, errors.Wrap(err, "createSecretKey")
}
s.Data[k] = out
}
return s, nil
}
// Run a command, return its output as the secret.
func createSecretKey(wd string, command string) ([]byte, error) {
fi, err := os.Stat(wd)
if err != nil || !fi.IsDir() {
wd = filepath.Dir(wd)
}
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
cmd := exec.CommandContext(ctx, "sh", "-c", command)
cmd.Dir = wd
return cmd.Output()
}
// NewResMapFromSecretArgs takes a SecretArgs slice and executes its command in directory p
// then writes the output to a Resource slice and return it.
func NewResMapFromSecretArgs(p string, secretList []types.SecretArgs) (ResMap, error) {
var allResources []*resource.Resource var allResources []*resource.Resource
for _, secret := range secretList { for _, args := range secretList {
res, err := newResourceFromSecretGenerator(p, secret) s, err := configmapandsecret.NewSecretFactory(args, fSys).MakeSecret(wd)
if err != nil { if err != nil {
return nil, errors.Wrap(err, "newResourceFromSecretGenerator") return nil, errors.Wrap(err, "makeSecret")
}
if args.Behavior == "" {
args.Behavior = "create"
}
res, err := resource.NewResourceWithBehavior(
s, resource.NewGenerationBehavior(args.Behavior))
if err != nil {
return nil, errors.Wrap(err, "NewResourceWithBehavior")
} }
allResources = append(allResources, res) allResources = append(allResources, res)
} }

5
pkg/resmap/secret_test.go
View File

@@ -21,6 +21,7 @@ import (
"reflect" "reflect"
"testing" "testing"
"github.com/kubernetes-sigs/kustomize/pkg/fs"
"github.com/kubernetes-sigs/kustomize/pkg/resource" "github.com/kubernetes-sigs/kustomize/pkg/resource"
"github.com/kubernetes-sigs/kustomize/pkg/types" "github.com/kubernetes-sigs/kustomize/pkg/types"
corev1 "k8s.io/api/core/v1" corev1 "k8s.io/api/core/v1"
@@ -40,7 +41,9 @@ func TestNewResMapFromSecretArgs(t *testing.T) {
Type: "Opaque", Type: "Opaque",
}, },
} }
actual, err := NewResMapFromSecretArgs(".", secrets) fakeFs := fs.MakeFakeFS()
fakeFs.Mkdir(".")
actual, err := NewResMapFromSecretArgs(".", fakeFs, secrets)
if err != nil { if err != nil {
t.Fatalf("unexpected error: %v", err) t.Fatalf("unexpected error: %v", err)