Skip to content

Commit a2872fc

Browse files
larslevielarslevie
committed
Add support for passing generator options
through to Kustomize because the `generatorOptions` args don't apply to the secret generated by this plugin. For example, the following in `kustomization.yaml` won't have any effect on a `Secret` produced by `SecretsFromVault`: ``` generatorOptions: disableNameSuffixHash: true ```
1 parent e68c685 commit a2872fc

File tree

1 file changed

+12
-11
lines changed

1 file changed

+12
-11
lines changed

SecretsFromVault.go

Lines changed: 12 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -15,31 +15,32 @@ import (
1515
)
1616

1717
type vaultSecret struct {
18-
Path string
19-
Key string
20-
SecretKey string
18+
Path string `json:"path,omitempty" yaml:"path,omitempty"`
19+
Key string `json:"key,omitempty" yaml:"key,omitempty"`
20+
SecretKey string `json:"secretKey,omitempty" yaml:"secretKey,omitempty"`
21+
}
22+
23+
type secretSpec struct {
24+
Secrets []vaultSecret `json:"secrets,omitempty" yaml:"secrets,omitempty"`
25+
Options *types.GeneratorOptions `json:"options,omitempty" yaml:"options,omitempty"`
2126
}
2227

2328
type plugin struct {
2429
rf *resmap.Factory
2530
ldr ifc.Loader
31+
Spec secretSpec `json:"spec,omitempty" yaml:"spec,omitempty"`
2632
types.ObjectMeta `json:"metadata,omitempty" yaml:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
27-
Secrets []vaultSecret `json:"secrets,omitempty" yaml:"secrets,omitempty"`
2833
VaultClient *api.Client
2934
}
3035

3136
//nolint: golint
3237
//noinspection GoUnusedGlobalVariable
3338
var KustomizePlugin plugin
3439

35-
var database = map[string]string{
36-
"secret/data/prd/am1/kube0/newman-api": "SaturnV",
37-
}
38-
3940
func (p *plugin) Config(ldr ifc.Loader, rf *resmap.Factory, c []byte) error {
4041
vaultAddr, ok := os.LookupEnv("VAULT_ADDR")
4142
if !ok {
42-
return errors.New("Missing `VAULT_ADDR` env var: required")
43+
return errors.New("missing `VAULT_ADDR` env var: required")
4344
}
4445

4546
vaultToken, err := getVaultToken()
@@ -70,7 +71,7 @@ func (p *plugin) Generate() (resmap.ResMap, error) {
7071
args.Name = p.Name
7172
args.Namespace = p.Namespace
7273

73-
for _, secret := range p.Secrets {
74+
for _, secret := range p.Spec.Secrets {
7475
value, err := p.getSecretFromVault(secret.Path, secret.Key)
7576
if err != nil {
7677
return nil, err
@@ -87,7 +88,7 @@ func (p *plugin) Generate() (resmap.ResMap, error) {
8788
args.LiteralSources = append(args.LiteralSources, entry)
8889
}
8990

90-
return p.rf.FromSecretArgs(p.ldr, nil, args)
91+
return p.rf.FromSecretArgs(p.ldr, p.Spec.Options, args)
9192
}
9293

9394
func getVaultToken() (string, error) {

0 commit comments

Comments
 (0)