feat: ssh credentials

Author: robertgraeff

cmd/deploy_flux.go

@@ -22,18 +22,19 @@ var deployFluxCmd = &cobra.Command{
 	Use:   "deploy-flux source target",
 	Short: "Transfer an OCM component from a source to a target location",
 	Long:  `Transfers the specified OCM component version from the source location to the target location.`,
-	Args:  cobra.ExactArgs(4),
+	Args:  cobra.ExactArgs(5),
 	ArgAliases: []string{
 		"component-location",
 		"deployment-templates",
 		"deployment-repository",
 		"deployment-repository-branch",
+		"deployment-repository-path",
 	},
 	RunE: func(cmd *cobra.Command, args []string) error {
 		log := logging.GetLogger()
 		log.Debugf("Executing deploy-flux with component-location: %s, deployment-templates: %s, "+
-			"deployment-repository: %s, deployment-repository-branch: %s",
-			args[0], args[1], args[2], args[3])
+			"deployment-repository: %s, deployment-repository-branch: %s, deployment-repository-path: %s",
+			args[0], args[1], args[2], args[3], args[4])
 
 		platformKubeconfig := cmd.Flag(flagKubeconfig).Value.String()
 		platformCluster := clusters.New("platform").WithConfigPath(platformKubeconfig)
@@ -44,7 +45,7 @@ var deployFluxCmd = &cobra.Command{
 			return fmt.Errorf("error initializing client for platform cluster: %w", err)
 		}
 
-		d := flux_deployer.NewFluxDeployer(args[0], args[1], args[2], args[3],
+		d := flux_deployer.NewFluxDeployer(args[0], args[1], args[2], args[3], args[4],
 			cmd.Flag(flagOCMConfig).Value.String(),
 			cmd.Flag(flagGitCredentials).Value.String(),
 			cmd.Flag(flagFluxCDNamespace).Value.String(),

internal/flux_deployer/deployer.go

@@ -29,6 +29,7 @@ type FluxDeployer struct {
 	deploymentTemplates        string
 	deploymentRepository       string
 	deploymentRepositoryBranch string
+	deploymentRepositoryPath   string
 	ocmConfig                  string
 	gitCredentials             string
 	fluxcdNamespace            string
@@ -37,14 +38,15 @@ type FluxDeployer struct {
 	log                        *logrus.Logger
 }
 
-func NewFluxDeployer(componentLocation, deploymentTemplates, deploymentRepository, deploymentRepositoryBranch,
+func NewFluxDeployer(componentLocation, deploymentTemplates, deploymentRepository, deploymentRepositoryBranch, deploymentRepositoryPath,
 	ocmConfig, gitCredentials, fluxcdNamespace, platformKubeconfig string, platformCluster *clusters.Cluster, log *logrus.Logger) *FluxDeployer {
 
 	return &FluxDeployer{
 		componentLocation:          componentLocation,
 		deploymentTemplates:        deploymentTemplates,
 		deploymentRepository:       deploymentRepository,
 		deploymentRepositoryBranch: deploymentRepositoryBranch,
+		deploymentRepositoryPath:   deploymentRepositoryPath,
 		ocmConfig:                  ocmConfig,
 		gitCredentials:             gitCredentials,
 		fluxcdNamespace:            fluxcdNamespace,
@@ -139,16 +141,13 @@ func (d *FluxDeployer) establishFluxSync(ctx context.Context, downloadDir string
 	}
 
 	// Template
-	// TODO: further parameters:
-	// - spec.secretRef.name in the GitRepository: spec.secretRef.name
-	// - spec.path in the Kustomization
 	values := map[string]any{
 		"Values": map[string]any{
 			"namespace": d.fluxcdNamespace,
 			"git": map[string]any{
 				"repoUrl":    d.deploymentRepository,
 				"mainBranch": d.deploymentRepositoryBranch,
-				"path":       "provider",
+				"path":       d.deploymentRepositoryPath,
 				"secretName": secretName,
 			},
 		},

internal/flux_deployer/git_credentials.go

@@ -2,6 +2,7 @@ package flux_deployer
 
 import (
 	"context"
+	"encoding/base64"
 	"fmt"
 	"os"
 
@@ -52,7 +53,12 @@ func CreateGitCredentialsSecret(ctx context.Context, gitCredentials string, secr
 			gitCredentialsData[token] = config.Authentication.BearerToken.Token
 		}
 		if config.Authentication.SSHPrivateKey != nil {
-			gitCredentialsData[identity] = config.Authentication.SSHPrivateKey.PrivateKey
+			privateKey, err := base64.StdEncoding.DecodeString(config.Authentication.SSHPrivateKey.PrivateKey)
+			if err != nil {
+				return fmt.Errorf("error base64 decoding SSH private key: %w", err)
+			}
+
+			gitCredentialsData[identity] = string(privateKey)
 
 			if config.Authentication.SSHPrivateKey.KnownHosts != "" {
 				knownHostsPath := config.Authentication.SSHPrivateKey.KnownHosts