Remove CMSecret package from API.

2026-06-10 16:42:51 +00:00 · 2019-11-06 15:35:18 -08:00
parent 9e6e928725
commit c5ba2ced3b
6 changed files with 1 additions and 1 deletions
--- a/api/internal/k8sdeps/configmapandsecret/configmapfactory.go
+++ b/api/internal/k8sdeps/configmapandsecret/configmapfactory.go
@@ -0,0 +1,72 @@
+// Copyright 2019 The Kubernetes Authors.
+// SPDX-License-Identifier: Apache-2.0
+
+// Package configmapandsecret generates configmaps and secrets per generator rules.
+package configmapandsecret
+
+import (
+	"fmt"
+	"unicode/utf8"
+
+	"github.com/pkg/errors"
+	"k8s.io/api/core/v1"
+	"sigs.k8s.io/kustomize/api/types"
+)
+
+func makeFreshConfigMap(
+	args *types.ConfigMapArgs) *v1.ConfigMap {
+	cm := &v1.ConfigMap{}
+	cm.APIVersion = "v1"
+	cm.Kind = "ConfigMap"
+	cm.Name = args.Name
+	cm.Namespace = args.Namespace
+	cm.Data = map[string]string{}
+	return cm
+}
+
+// MakeConfigMap returns a new ConfigMap, or nil and an error.
+func (f *Factory) MakeConfigMap(
+	args *types.ConfigMapArgs) (*v1.ConfigMap, error) {
+	all, err := f.kvLdr.Load(args.KvPairSources)
+	if err != nil {
+		return nil, errors.Wrap(err, "loading KV pairs")
+	}
+	cm := makeFreshConfigMap(args)
+	for _, p := range all {
+		err = f.addKvToConfigMap(cm, p)
+		if err != nil {
+			return nil, errors.Wrap(err, "trouble mapping")
+		}
+	}
+	if f.options != nil {
+		cm.SetLabels(f.options.Labels)
+		cm.SetAnnotations(f.options.Annotations)
+	}
+	return cm, nil
+}
+
+// addKvToConfigMap adds the given key and data to the given config map.
+// Error if key invalid, or already exists.
+func (f *Factory) addKvToConfigMap(configMap *v1.ConfigMap, p types.Pair) error {
+	if err := f.kvLdr.Validator().ErrIfInvalidKey(p.Key); err != nil {
+		return err
+	}
+	// If the configmap data contains byte sequences that are all in the UTF-8
+	// range, we will write it to .Data
+	if utf8.Valid([]byte(p.Value)) {
+		if _, entryExists := configMap.Data[p.Key]; entryExists {
+			return fmt.Errorf(keyExistsErrorMsg, p.Key, configMap.Data)
+		}
+		configMap.Data[p.Key] = p.Value
+		return nil
+	}
+	// otherwise, it's BinaryData
+	if configMap.BinaryData == nil {
+		configMap.BinaryData = map[string][]byte{}
+	}
+	if _, entryExists := configMap.BinaryData[p.Key]; entryExists {
+		return fmt.Errorf(keyExistsErrorMsg, p.Key, configMap.BinaryData)
+	}
+	configMap.BinaryData[p.Key] = []byte(p.Value)
+	return nil
+}
--- a/api/internal/k8sdeps/configmapandsecret/configmapfactory_test.go
+++ b/api/internal/k8sdeps/configmapandsecret/configmapfactory_test.go
@@ -0,0 +1,158 @@
+// Copyright 2019 The Kubernetes Authors.
+// SPDX-License-Identifier: Apache-2.0
+
+package configmapandsecret
+
+import (
+	"path/filepath"
+	"reflect"
+	"testing"
+
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"sigs.k8s.io/kustomize/api/filesys"
+	"sigs.k8s.io/kustomize/api/kv"
+	"sigs.k8s.io/kustomize/api/loader"
+	"sigs.k8s.io/kustomize/api/testutils/valtest"
+	"sigs.k8s.io/kustomize/api/types"
+)
+
+func makeEnvConfigMap(name string) *corev1.ConfigMap {
+	return &corev1.ConfigMap{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "v1",
+			Kind:       "ConfigMap",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name: name,
+		},
+		Data: map[string]string{
+			"DB_USERNAME": "admin",
+			"DB_PASSWORD": "somepw",
+		},
+	}
+}
+
+func makeFileConfigMap(name string) *corev1.ConfigMap {
+	return &corev1.ConfigMap{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "v1",
+			Kind:       "ConfigMap",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name: name,
+		},
+		Data: map[string]string{
+			"app-init.ini": `FOO=bar
+BAR=baz
+`,
+		},
+		BinaryData: map[string][]byte{
+			"app.bin": {0xff, 0xfd},
+		},
+	}
+}
+
+func makeLiteralConfigMap(name string) *corev1.ConfigMap {
+	cm := &corev1.ConfigMap{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "v1",
+			Kind:       "ConfigMap",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name: name,
+		},
+		Data: map[string]string{
+			"a": "x",
+			"b": "y",
+			"c": "Hello World",
+			"d": "true",
+		},
+	}
+	cm.SetLabels(map[string]string{"foo": "bar"})
+	return cm
+}
+
+func TestConstructConfigMap(t *testing.T) {
+	type testCase struct {
+		description string
+		input       types.ConfigMapArgs
+		options     *types.GeneratorOptions
+		expected    *corev1.ConfigMap
+	}
+
+	testCases := []testCase{
+		{
+			description: "construct config map from env",
+			input: types.ConfigMapArgs{
+				GeneratorArgs: types.GeneratorArgs{
+					Name: "envConfigMap",
+					KvPairSources: types.KvPairSources{
+						EnvSources: []string{
+							filepath.Join("configmap", "app.env"),
+						},
+					},
+				},
+			},
+			options:  nil,
+			expected: makeEnvConfigMap("envConfigMap"),
+		},
+		{
+			description: "construct config map from file",
+			input: types.ConfigMapArgs{
+				GeneratorArgs: types.GeneratorArgs{
+					Name: "fileConfigMap",
+					KvPairSources: types.KvPairSources{
+						FileSources: []string{
+							filepath.Join("configmap", "app-init.ini"),
+							filepath.Join("configmap", "app.bin"),
+						},
+					},
+				},
+			},
+			options:  nil,
+			expected: makeFileConfigMap("fileConfigMap"),
+		},
+		{
+			description: "construct config map from literal",
+			input: types.ConfigMapArgs{
+				GeneratorArgs: types.GeneratorArgs{
+					Name: "literalConfigMap",
+					KvPairSources: types.KvPairSources{
+						LiteralSources: []string{"a=x", "b=y", "c=\"Hello World\"", "d='true'"},
+					},
+				},
+			},
+			options: &types.GeneratorOptions{
+				Labels: map[string]string{
+					"foo": "bar",
+				},
+			},
+			expected: makeLiteralConfigMap("literalConfigMap"),
+		},
+	}
+
+	fSys := filesys.MakeFsInMemory()
+	fSys.WriteFile(
+		filesys.RootedPath("configmap", "app.env"),
+		[]byte("DB_USERNAME=admin\nDB_PASSWORD=somepw\n"))
+	fSys.WriteFile(
+		filesys.RootedPath("configmap", "app-init.ini"),
+		[]byte("FOO=bar\nBAR=baz\n"))
+	fSys.WriteFile(
+		filesys.RootedPath("configmap", "app.bin"),
+		[]byte{0xff, 0xfd})
+	kvLdr := kv.NewLoader(
+		loader.NewFileLoaderAtRoot(fSys),
+		valtest_test.MakeFakeValidator())
+	for _, tc := range testCases {
+		f := NewFactory(kvLdr, tc.options)
+		cm, err := f.MakeConfigMap(&tc.input)
+		if err != nil {
+			t.Fatalf("unexpected error: %v", err)
+		}
+		if !reflect.DeepEqual(*cm, *tc.expected) {
+			t.Fatalf("in testcase: %q updated:\n%#v\ndoesn't match expected:\n%#v\n", tc.description, *cm, tc.expected)
+		}
+	}
+}
--- a/api/internal/k8sdeps/configmapandsecret/factory.go
+++ b/api/internal/k8sdeps/configmapandsecret/factory.go
@@ -0,0 +1,23 @@
+// Copyright 2019 The Kubernetes Authors.
+// SPDX-License-Identifier: Apache-2.0
+
+package configmapandsecret
+
+import (
+	"sigs.k8s.io/kustomize/api/ifc"
+	"sigs.k8s.io/kustomize/api/types"
+)
+
+// Factory makes ConfigMaps and Secrets.
+type Factory struct {
+	kvLdr   ifc.KvLoader
+	options *types.GeneratorOptions
+}
+
+// NewFactory returns a new factory that makes ConfigMaps and Secrets.
+func NewFactory(
+	kvLdr ifc.KvLoader, o *types.GeneratorOptions) *Factory {
+	return &Factory{kvLdr: kvLdr, options: o}
+}
+
+const keyExistsErrorMsg = "cannot add key %s, another key by that name already exists: %v"
--- a/api/internal/k8sdeps/configmapandsecret/secretfactory.go
+++ b/api/internal/k8sdeps/configmapandsecret/secretfactory.go
@@ -0,0 +1,58 @@
+// Copyright 2019 The Kubernetes Authors.
+// SPDX-License-Identifier: Apache-2.0
+
+package configmapandsecret
+
+import (
+	"fmt"
+
+	corev1 "k8s.io/api/core/v1"
+	"sigs.k8s.io/kustomize/api/types"
+)
+
+func makeFreshSecret(
+	args *types.SecretArgs) *corev1.Secret {
+	s := &corev1.Secret{}
+	s.APIVersion = "v1"
+	s.Kind = "Secret"
+	s.Name = args.Name
+	s.Namespace = args.Namespace
+	s.Type = corev1.SecretType(args.Type)
+	if s.Type == "" {
+		s.Type = corev1.SecretTypeOpaque
+	}
+	s.Data = map[string][]byte{}
+	return s
+}
+
+// MakeSecret returns a new secret.
+func (f *Factory) MakeSecret(
+	args *types.SecretArgs) (*corev1.Secret, error) {
+	all, err := f.kvLdr.Load(args.KvPairSources)
+	if err != nil {
+		return nil, err
+	}
+	s := makeFreshSecret(args)
+	for _, p := range all {
+		err = f.addKvToSecret(s, p.Key, p.Value)
+		if err != nil {
+			return nil, err
+		}
+	}
+	if f.options != nil {
+		s.SetLabels(f.options.Labels)
+		s.SetAnnotations(f.options.Annotations)
+	}
+	return s, nil
+}
+
+func (f *Factory) addKvToSecret(secret *corev1.Secret, keyName, data string) error {
+	if err := f.kvLdr.Validator().ErrIfInvalidKey(keyName); err != nil {
+		return err
+	}
+	if _, entryExists := secret.Data[keyName]; entryExists {
+		return fmt.Errorf(keyExistsErrorMsg, keyName, secret.Data)
+	}
+	secret.Data[keyName] = []byte(data)
+	return nil
+}
--- a/api/internal/k8sdeps/configmapandsecret/secretfactory_test.go
+++ b/api/internal/k8sdeps/configmapandsecret/secretfactory_test.go
@@ -0,0 +1,143 @@
+// Copyright 2019 The Kubernetes Authors.
+// SPDX-License-Identifier: Apache-2.0
+
+package configmapandsecret
+
+import (
+	"reflect"
+	"testing"
+
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"sigs.k8s.io/kustomize/api/filesys"
+	"sigs.k8s.io/kustomize/api/kv"
+	"sigs.k8s.io/kustomize/api/loader"
+	"sigs.k8s.io/kustomize/api/testutils/valtest"
+	"sigs.k8s.io/kustomize/api/types"
+)
+
+func makeEnvSecret(name string) *corev1.Secret {
+	return &corev1.Secret{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "v1",
+			Kind:       "Secret",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name: name,
+		},
+		Data: map[string][]byte{
+			"DB_PASSWORD": []byte("somepw"),
+			"DB_USERNAME": []byte("admin"),
+		},
+		Type: "Opaque",
+	}
+}
+
+func makeFileSecret(name string) *corev1.Secret {
+	return &corev1.Secret{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "v1",
+			Kind:       "Secret",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name: name,
+		},
+		Data: map[string][]byte{
+			"app-init.ini": []byte(`FOO=bar
+BAR=baz
+`),
+		},
+		Type: "Opaque",
+	}
+}
+
+func makeLiteralSecret(name string) *corev1.Secret {
+	s := &corev1.Secret{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "v1",
+			Kind:       "Secret",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name: name,
+		},
+		Data: map[string][]byte{
+			"a": []byte("x"),
+			"b": []byte("y"),
+		},
+		Type: "Opaque",
+	}
+	s.SetLabels(map[string]string{"foo": "bar"})
+	return s
+}
+
+func TestConstructSecret(t *testing.T) {
+	type testCase struct {
+		description string
+		input       types.SecretArgs
+		options     *types.GeneratorOptions
+		expected    *corev1.Secret
+	}
+
+	testCases := []testCase{
+		{
+			description: "construct secret from env",
+			input: types.SecretArgs{
+				GeneratorArgs: types.GeneratorArgs{
+					Name: "envSecret",
+					KvPairSources: types.KvPairSources{
+						EnvSources: []string{"secret/app.env"},
+					},
+				},
+			},
+			options:  nil,
+			expected: makeEnvSecret("envSecret"),
+		},
+		{
+			description: "construct secret from file",
+			input: types.SecretArgs{
+				GeneratorArgs: types.GeneratorArgs{
+					Name: "fileSecret",
+					KvPairSources: types.KvPairSources{
+						FileSources: []string{"secret/app-init.ini"},
+					},
+				},
+			},
+			options:  nil,
+			expected: makeFileSecret("fileSecret"),
+		},
+		{
+			description: "construct secret from literal",
+			input: types.SecretArgs{
+				GeneratorArgs: types.GeneratorArgs{
+					Name: "literalSecret",
+					KvPairSources: types.KvPairSources{
+						LiteralSources: []string{"a=x", "b=y"},
+					},
+				},
+			},
+			options: &types.GeneratorOptions{
+				Labels: map[string]string{
+					"foo": "bar",
+				},
+			},
+			expected: makeLiteralSecret("literalSecret"),
+		},
+	}
+
+	fSys := filesys.MakeFsInMemory()
+	fSys.WriteFile("/secret/app.env", []byte("DB_USERNAME=admin\nDB_PASSWORD=somepw\n"))
+	fSys.WriteFile("/secret/app-init.ini", []byte("FOO=bar\nBAR=baz\n"))
+	kvLdr := kv.NewLoader(
+		loader.NewFileLoaderAtRoot(fSys),
+		valtest_test.MakeFakeValidator())
+	for _, tc := range testCases {
+		f := NewFactory(kvLdr, tc.options)
+		cm, err := f.MakeSecret(&tc.input)
+		if err != nil {
+			t.Fatalf("unexpected error: %v", err)
+		}
+		if !reflect.DeepEqual(*cm, *tc.expected) {
+			t.Fatalf("in testcase: %q updated:\n%#v\ndoesn't match expected:\n%#v\n", tc.description, *cm, tc.expected)
+		}
+	}
+}