/
mq.go
70 lines (58 loc) · 2.07 KB
/
mq.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
/*
Copyright 2019 The Crossplane Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package mq
import (
"context"
"github.com/pkg/errors"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/types"
"sigs.k8s.io/controller-runtime/pkg/client"
xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
"github.com/crossplane/crossplane-runtime/pkg/resource"
)
const (
errGetPasswordSecretFailed = "cannot get password secret"
)
// Client defines MQ MQClient operations
type Client interface{}
// GetPassword fetches the referenced input password for an MQBroker CRD and determines whether it has changed or not
func GetPassword(ctx context.Context, kube client.Client, in *xpv1.SecretKeySelector, out *xpv1.SecretReference) (newPwd string, changed bool, err error) {
if in == nil {
return "", false, nil
}
nn := types.NamespacedName{
Name: in.Name,
Namespace: in.Namespace,
}
s := &corev1.Secret{}
if err := kube.Get(ctx, nn, s); err != nil {
return "", false, errors.Wrap(err, errGetPasswordSecretFailed)
}
newPwd = string(s.Data[in.Key])
if out != nil {
nn = types.NamespacedName{
Name: out.Name,
Namespace: out.Namespace,
}
s = &corev1.Secret{}
// the output secret may not exist yet, so we can skip returning an
// error if the error is NotFound
if err := kube.Get(ctx, nn, s); resource.IgnoreNotFound(err) != nil {
return "", false, err
}
// if newPwd was set to some value, compare value in output secret with
// newPwd
changed = newPwd != "" && newPwd != string(s.Data[xpv1.ResourceCredentialsSecretPasswordKey])
}
return newPwd, changed, nil
}