Merge pull request #309 from replicatedhq/divolgin/secrets

divolgin · web-flow · commit e8dba3cad919 · 2021-01-08T12:21:04.000-08:00
Create pull secrets if they don't have names
diff --git a/pkg/collect/collectd.go b/pkg/collect/collectd.go
@@ -139,12 +139,12 @@ func createDaemonSet(ctx context.Context, client *kubernetes.Clientset, rrdColle
 		},
 	}
 
-	if rrdCollector.ImagePullSecret != nil && rrdCollector.ImagePullSecret.Name != "" {
-		err := createSecret(ctx, client, namespace, rrdCollector.ImagePullSecret)
+	if rrdCollector.ImagePullSecret != nil && rrdCollector.ImagePullSecret.Data != nil {
+		secretName, err := createSecret(ctx, client, namespace, rrdCollector.ImagePullSecret)
 		if err != nil {
 			return "", errors.Wrap(err, "failed to create secret")
 		}
-		ds.Spec.Template.Spec.ImagePullSecrets = append(ds.Spec.Template.Spec.ImagePullSecrets, corev1.LocalObjectReference{Name: rrdCollector.ImagePullSecret.Name})
+		ds.Spec.Template.Spec.ImagePullSecrets = append(ds.Spec.Template.Spec.ImagePullSecrets, corev1.LocalObjectReference{Name: secretName})
 	}
 
 	createdDS, err := client.AppsV1().DaemonSets(namespace).Create(ctx, &ds, metav1.CreateOptions{})
diff --git a/pkg/collect/run.go b/pkg/collect/run.go
@@ -155,12 +155,12 @@ func runPod(ctx context.Context, client *kubernetes.Clientset, runCollector *tro
 		},
 	}
 
-	if runCollector.ImagePullSecret != nil && runCollector.ImagePullSecret.Name != "" {
-		err := createSecret(ctx, client, pod.Namespace, runCollector.ImagePullSecret)
+	if runCollector.ImagePullSecret != nil && runCollector.ImagePullSecret.Data != nil {
+		secretName, err := createSecret(ctx, client, pod.Namespace, runCollector.ImagePullSecret)
 		if err != nil {
 			return nil, errors.Wrap(err, "failed to create secret")
 		}
-		pod.Spec.ImagePullSecrets = append(pod.Spec.ImagePullSecrets, corev1.LocalObjectReference{Name: runCollector.ImagePullSecret.Name})
+		pod.Spec.ImagePullSecrets = append(pod.Spec.ImagePullSecrets, corev1.LocalObjectReference{Name: secretName})
 	}
 	created, err := client.CoreV1().Pods(namespace).Create(ctx, &pod, metav1.CreateOptions{})
 	if err != nil {
@@ -170,33 +170,33 @@ func runPod(ctx context.Context, client *kubernetes.Clientset, runCollector *tro
 	return created, nil
 }
 
-func createSecret(ctx context.Context, client *kubernetes.Clientset, namespace string, imagePullSecret *troubleshootv1beta2.ImagePullSecrets) error {
+func createSecret(ctx context.Context, client *kubernetes.Clientset, namespace string, imagePullSecret *troubleshootv1beta2.ImagePullSecrets) (string, error) {
 	if imagePullSecret.Data == nil {
-		return nil
+		return "", nil
 	}
 
 	var out bytes.Buffer
 	data := make(map[string][]byte)
 	if imagePullSecret.SecretType != "kubernetes.io/dockerconfigjson" {
-		return errors.Errorf("ImagePullSecret must be of type: kubernetes.io/dockerconfigjson")
+		return "", errors.Errorf("ImagePullSecret must be of type: kubernetes.io/dockerconfigjson")
 	}
 
 	// Check if required field in data exists
 	v, found := imagePullSecret.Data[".dockerconfigjson"]
 	if !found {
-		return errors.Errorf("Secret type kubernetes.io/dockerconfigjson requires argument \".dockerconfigjson\"")
+		return "", errors.Errorf("Secret type kubernetes.io/dockerconfigjson requires argument \".dockerconfigjson\"")
 	}
 	if len(imagePullSecret.Data) > 1 {
-		return errors.Errorf("Secret type kubernetes.io/dockerconfigjson accepts only one argument \".dockerconfigjson\"")
+		return "", errors.Errorf("Secret type kubernetes.io/dockerconfigjson accepts only one argument \".dockerconfigjson\"")
 	}
 	// K8s client accepts only Json formated files as data, provided data must be decoded and indented
 	parsedConfig, err := base64.StdEncoding.DecodeString(v)
 	if err != nil {
-		return errors.Wrap(err, "Unable to decode data.")
+		return "", errors.Wrap(err, "Unable to decode data.")
 	}
 	err = json.Indent(&out, parsedConfig, "", "\t")
 	if err != nil {
-		return errors.Wrap(err, "Unable to parse encoded data.")
+		return "", errors.Wrap(err, "Unable to parse encoded data.")
 	}
 	data[".dockerconfigjson"] = out.Bytes()
 
@@ -214,10 +214,10 @@ func createSecret(ctx context.Context, client *kubernetes.Clientset, namespace s
 		Type: corev1.SecretType(imagePullSecret.SecretType),
 	}
 
-	_, err = client.CoreV1().Secrets(namespace).Create(ctx, &secret, metav1.CreateOptions{})
+	created, err := client.CoreV1().Secrets(namespace).Create(ctx, &secret, metav1.CreateOptions{})
 	if err != nil {
-		return errors.Wrap(err, "failed to create secret")
+		return "", errors.Wrap(err, "failed to create secret")
 	}
 
-	return nil
+	return created.Name, nil
 }

Original file line number	Diff line number	Diff line change
`@@ -139,12 +139,12 @@ func createDaemonSet(ctx context.Context, client *kubernetes.Clientset, rrdColle`
`139`	`139`	`},`
`140`	`140`	`}`
`141`	`141`
`142`		`- if rrdCollector.ImagePullSecret != nil && rrdCollector.ImagePullSecret.Name != "" {`
`143`		`- err := createSecret(ctx, client, namespace, rrdCollector.ImagePullSecret)`
	`142`	`+ if rrdCollector.ImagePullSecret != nil && rrdCollector.ImagePullSecret.Data != nil {`
	`143`	`+ secretName, err := createSecret(ctx, client, namespace, rrdCollector.ImagePullSecret)`
`144`	`144`	`if err != nil {`
`145`	`145`	`return "", errors.Wrap(err, "failed to create secret")`
`146`	`146`	`}`
`147`		`- ds.Spec.Template.Spec.ImagePullSecrets = append(ds.Spec.Template.Spec.ImagePullSecrets, corev1.LocalObjectReference{Name: rrdCollector.ImagePullSecret.Name})`
	`147`	`+ ds.Spec.Template.Spec.ImagePullSecrets = append(ds.Spec.Template.Spec.ImagePullSecrets, corev1.LocalObjectReference{Name: secretName})`
`148`	`148`	`}`
`149`	`149`
`150`	`150`	`createdDS, err := client.AppsV1().DaemonSets(namespace).Create(ctx, &ds, metav1.CreateOptions{})`
Original file line number	Diff line number	Diff line change
`@@ -155,12 +155,12 @@ func runPod(ctx context.Context, client kubernetes.Clientset, runCollector tro`
`155`	`155`	`},`
`156`	`156`	`}`
`157`	`157`
`158`		`- if runCollector.ImagePullSecret != nil && runCollector.ImagePullSecret.Name != "" {`
`159`		`- err := createSecret(ctx, client, pod.Namespace, runCollector.ImagePullSecret)`
	`158`	`+ if runCollector.ImagePullSecret != nil && runCollector.ImagePullSecret.Data != nil {`
	`159`	`+ secretName, err := createSecret(ctx, client, pod.Namespace, runCollector.ImagePullSecret)`
`160`	`160`	`if err != nil {`
`161`	`161`	`return nil, errors.Wrap(err, "failed to create secret")`
`162`	`162`	`}`
`163`		`- pod.Spec.ImagePullSecrets = append(pod.Spec.ImagePullSecrets, corev1.LocalObjectReference{Name: runCollector.ImagePullSecret.Name})`
	`163`	`+ pod.Spec.ImagePullSecrets = append(pod.Spec.ImagePullSecrets, corev1.LocalObjectReference{Name: secretName})`
`164`	`164`	`}`
`165`	`165`	`created, err := client.CoreV1().Pods(namespace).Create(ctx, &pod, metav1.CreateOptions{})`
`166`	`166`	`if err != nil {`
`@@ -170,33 +170,33 @@ func runPod(ctx context.Context, client kubernetes.Clientset, runCollector tro`
`170`	`170`	`return created, nil`
`171`	`171`	`}`
`172`	`172`
`173`		`-func createSecret(ctx context.Context, client kubernetes.Clientset, namespace string, imagePullSecret troubleshootv1beta2.ImagePullSecrets) error {`
	`173`	`+func createSecret(ctx context.Context, client kubernetes.Clientset, namespace string, imagePullSecret troubleshootv1beta2.ImagePullSecrets) (string, error) {`
`174`	`174`	`if imagePullSecret.Data == nil {`
`175`		`- return nil`
	`175`	`+ return "", nil`
`176`	`176`	`}`
`177`	`177`
`178`	`178`	`var out bytes.Buffer`
`179`	`179`	`data := make(map[string][]byte)`
`180`	`180`	`if imagePullSecret.SecretType != "kubernetes.io/dockerconfigjson" {`
`181`		`- return errors.Errorf("ImagePullSecret must be of type: kubernetes.io/dockerconfigjson")`
	`181`	`+ return "", errors.Errorf("ImagePullSecret must be of type: kubernetes.io/dockerconfigjson")`
`182`	`182`	`}`
`183`	`183`
`184`	`184`	`// Check if required field in data exists`
`185`	`185`	`v, found := imagePullSecret.Data[".dockerconfigjson"]`
`186`	`186`	`if !found {`
`187`		`- return errors.Errorf("Secret type kubernetes.io/dockerconfigjson requires argument \".dockerconfigjson\"")`
	`187`	`+ return "", errors.Errorf("Secret type kubernetes.io/dockerconfigjson requires argument \".dockerconfigjson\"")`
`188`	`188`	`}`
`189`	`189`	`if len(imagePullSecret.Data) > 1 {`
`190`		`- return errors.Errorf("Secret type kubernetes.io/dockerconfigjson accepts only one argument \".dockerconfigjson\"")`
	`190`	`+ return "", errors.Errorf("Secret type kubernetes.io/dockerconfigjson accepts only one argument \".dockerconfigjson\"")`
`191`	`191`	`}`
`192`	`192`	`// K8s client accepts only Json formated files as data, provided data must be decoded and indented`
`193`	`193`	`parsedConfig, err := base64.StdEncoding.DecodeString(v)`
`194`	`194`	`if err != nil {`
`195`		`- return errors.Wrap(err, "Unable to decode data.")`
	`195`	`+ return "", errors.Wrap(err, "Unable to decode data.")`
`196`	`196`	`}`
`197`	`197`	`err = json.Indent(&out, parsedConfig, "", "\t")`
`198`	`198`	`if err != nil {`
`199`		`- return errors.Wrap(err, "Unable to parse encoded data.")`
	`199`	`+ return "", errors.Wrap(err, "Unable to parse encoded data.")`
`200`	`200`	`}`
`201`	`201`	`data[".dockerconfigjson"] = out.Bytes()`
`202`	`202`
`@@ -214,10 +214,10 @@ func createSecret(ctx context.Context, client *kubernetes.Clientset, namespace s`
`214`	`214`	`Type: corev1.SecretType(imagePullSecret.SecretType),`
`215`	`215`	`}`
`216`	`216`
`217`		`- _, err = client.CoreV1().Secrets(namespace).Create(ctx, &secret, metav1.CreateOptions{})`
	`217`	`+ created, err := client.CoreV1().Secrets(namespace).Create(ctx, &secret, metav1.CreateOptions{})`
`218`	`218`	`if err != nil {`
`219`		`- return errors.Wrap(err, "failed to create secret")`
	`219`	`+ return "", errors.Wrap(err, "failed to create secret")`
`220`	`220`	`}`
`221`	`221`
`222`		`- return nil`
	`222`	`+ return created.Name, nil`
`223`	`223`	`}`