/
patchsecrets.go
49 lines (40 loc) · 1.44 KB
/
patchsecrets.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
package secrets
import (
"context"
"fmt"
"github.com/rancher/shepherd/clients/rancher"
"github.com/rancher/shepherd/pkg/api/scheme"
coreV1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
)
type PatchOP string
const (
AddPatchOP PatchOP = "add"
ReplacePatchOP PatchOP = "replace"
RemovePatchOP PatchOP = "remove"
)
// PatchSecret is a helper function that uses the dynamic client to patch a secret in a namespace for a specific cluster.
// Different secret operations are supported: add, replace, remove.
func PatchSecret(client *rancher.Client, clusterID, secretName, namespace string, patchType types.PatchType, patchOp PatchOP, patchPath, patchData string, patchOpts metav1.PatchOptions) (*coreV1.Secret, error) {
patchJSONOperation := fmt.Sprintf(`
[
{ "op": "%v", "path": "%v", "value": "%v" }
]
`, patchOp, patchPath, patchData)
dynamicClient, err := client.GetDownStreamClusterClient(clusterID)
if err != nil {
return nil, err
}
secretResource := dynamicClient.Resource(SecretGroupVersionResource).Namespace(namespace)
unstructuredResp, err := secretResource.Patch(context.TODO(), secretName, patchType, []byte(patchJSONOperation), patchOpts)
if err != nil {
return nil, err
}
newSecret := &coreV1.Secret{}
err = scheme.Scheme.Convert(unstructuredResp, newSecret, unstructuredResp.GroupVersionKind())
if err != nil {
return nil, err
}
return newSecret, nil
}