/
secret.go
78 lines (61 loc) · 1.87 KB
/
secret.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
package transformers
import (
"encoding/base64"
"fmt"
"sort"
"github.com/ContainerSolutions/helm-convert/pkg/types"
ktypes "sigs.k8s.io/kustomize/pkg/types"
)
type secretTransformer struct{}
var _ Transformer = &secretTransformer{}
// NewSecretTransformer constructs a secretTransformer.
func NewSecretTransformer() Transformer {
return &secretTransformer{}
}
// Transform retrieve secrets from manifests and store them as secretGenerator in the kustomization.yaml
func (t *secretTransformer) Transform(config *ktypes.Kustomization, resources *types.Resources) error {
for id, res := range resources.ResMap {
kind, err := res.GetFieldValue("kind")
if err != nil {
continue
}
if kind != "Secret" {
continue
}
name, err := res.GetFieldValue("metadata.name")
if err != nil {
continue
}
secretType, err := res.GetFieldValue("type")
if err != nil {
secretType = "Opaque"
}
obj := resources.ResMap[id].Map()
var data map[string]interface{}
if _, found := obj["data"]; found && obj["data"] != nil {
data = obj["data"].(map[string]interface{})
}
secretArg := ktypes.SecretArgs{
GeneratorArgs: ktypes.GeneratorArgs{
Name: name,
},
Type: secretType,
}
dataDecoded := make(map[string]string, len(data))
for key, value := range data {
decoded, err := base64.StdEncoding.DecodeString(value.(string))
if err != nil {
return fmt.Errorf("couldn't base64 decode the secret key '%s' with value '%v'", key, value)
}
dataDecoded[key] = string(decoded)
}
secretArg.GeneratorArgs.DataSources = TransformDataSource(name, dataDecoded, resources.SourceFiles)
config.SecretGenerator = append(config.SecretGenerator, secretArg)
delete(resources.ResMap, res.Id())
}
// sort by name
sort.Slice(config.SecretGenerator, func(i, j int) bool {
return config.SecretGenerator[i].Name < config.SecretGenerator[j].Name
})
return nil
}