Mask dockerconfigjson secret types and support StringData secrets

If implemented, flux diff kustomization will managed correctly sops managed dockerconfigjson secrets. Sops encrypted secret with stringData maps are supported too. Signed-off-by: Soule BA <soule@weave.works>
2026-02-13 13:06:56 +00:00 · 2022-02-06 00:28:37 +01:00
parent cf3f729f98
commit 2e9fd33ce5
19 changed files with 281 additions and 24 deletions
--- a/cmd/flux/diff_kustomization_test.go
+++ b/cmd/flux/diff_kustomization_test.go
@@ -79,6 +79,18 @@ func TestDiffKustomization(t *testing.T) {
 			objectFile: "./testdata/diff-kustomization/value-sops-secret.yaml",
 			assert:     assertGoldenFile("./testdata/diff-kustomization/diff-with-drifted-value-sops-secret.golden"),
 		},
+		{
+			name:       "diff with a sops dockerconfigjson secret object",
+			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo",
+			objectFile: "./testdata/diff-kustomization/dockerconfigjson-sops-secret.yaml",
+			assert:     assertGoldenFile("./testdata/diff-kustomization/diff-with-dockerconfigjson-sops-secret.golden"),
+		},
+		{
+			name:       "diff with a sops stringdata secret object",
+			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo",
+			objectFile: "./testdata/diff-kustomization/stringdata-sops-secret.yaml",
+			assert:     assertGoldenFile("./testdata/diff-kustomization/diff-with-stringdata-sops-secret.golden"),
+		},
 	}

 	tmpl := map[string]string{