Fix stringData Secret issue

This commit migrate to the last version of pkg/ssa v0.14.1 that contains a fix for stringData secrets. The test case was changed accordingly to validate a stringData drift. A progress-bar flag option has also been added in order to be able to disable it. Signed-off-by: Soule BA <soule@weave.works>
2026-02-06 19:05:55 +00:00 · 2022-02-18 16:41:16 +01:00
parent 1ff8c2806c
commit 32ad462ebe
11 changed files with 302 additions and 135 deletions
--- a/cmd/flux/diff_kustomization.go
+++ b/cmd/flux/diff_kustomization.go
@@ -40,13 +40,15 @@ flux diff kustomization my-app --path ./path/to/local/manifests`,
 }

 type diffKsFlags struct {
-	path string
+	path        string
+	progressBar bool
 }

 var diffKsArgs diffKsFlags

 func init() {
 	diffKsCmd.Flags().StringVar(&diffKsArgs.path, "path", "", "Path to a local directory that matches the specified Kustomization.spec.path.)")
+	diffKsCmd.Flags().BoolVar(&diffKsArgs.progressBar, "progress-bar", true, "Boolean to set the progress bar. The default value is true.")
 	diffCmd.AddCommand(diffKsCmd)
 }

@@ -64,7 +66,14 @@ func diffKsCmdRun(cmd *cobra.Command, args []string) error {
 		return &RequestError{StatusCode: 2, Err: fmt.Errorf("invalid resource path %q", diffKsArgs.path)}
 	}

-	builder, err := build.NewBuilder(kubeconfigArgs, name, diffKsArgs.path, build.WithTimeout(rootArgs.timeout))
+	var builder *build.Builder
+	var err error
+	if diffKsArgs.progressBar {
+		builder, err = build.NewBuilder(kubeconfigArgs, name, diffKsArgs.path, build.WithTimeout(rootArgs.timeout), build.WithProgressBar())
+	} else {
+		builder, err = build.NewBuilder(kubeconfigArgs, name, diffKsArgs.path, build.WithTimeout(rootArgs.timeout))
+	}
+
 	if err != nil {
 		return &RequestError{StatusCode: 2, Err: err}
 	}
--- a/cmd/flux/diff_kustomization_test.go
+++ b/cmd/flux/diff_kustomization_test.go
@@ -45,51 +45,51 @@ func TestDiffKustomization(t *testing.T) {
 		},
 		{
 			name:       "diff nothing deployed",
-			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo",
+			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
 			objectFile: "",
 			assert:     assertGoldenFile("./testdata/diff-kustomization/nothing-is-deployed.golden"),
 		},
 		{
 			name:       "diff with a deployment object",
-			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo",
+			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
 			objectFile: "./testdata/diff-kustomization/deployment.yaml",
 			assert:     assertGoldenFile("./testdata/diff-kustomization/diff-with-deployment.golden"),
 		},
 		{
 			name:       "diff with a drifted service object",
-			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo",
+			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
 			objectFile: "./testdata/diff-kustomization/service.yaml",
 			assert:     assertGoldenFile("./testdata/diff-kustomization/diff-with-drifted-service.golden"),
 		},
 		{
 			name:       "diff with a drifted secret object",
-			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo",
+			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
 			objectFile: "./testdata/diff-kustomization/secret.yaml",
 			assert:     assertGoldenFile("./testdata/diff-kustomization/diff-with-drifted-secret.golden"),
 		},
 		{
 			name:       "diff with a drifted key in sops secret object",
-			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo",
+			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
 			objectFile: "./testdata/diff-kustomization/key-sops-secret.yaml",
 			assert:     assertGoldenFile("./testdata/diff-kustomization/diff-with-drifted-key-sops-secret.golden"),
 		},
 		{
 			name:       "diff with a drifted value in sops secret object",
-			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo",
+			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
 			objectFile: "./testdata/diff-kustomization/value-sops-secret.yaml",
 			assert:     assertGoldenFile("./testdata/diff-kustomization/diff-with-drifted-value-sops-secret.golden"),
 		},
 		{
 			name:       "diff with a sops dockerconfigjson secret object",
-			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo",
+			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
 			objectFile: "./testdata/diff-kustomization/dockerconfigjson-sops-secret.yaml",
 			assert:     assertGoldenFile("./testdata/diff-kustomization/diff-with-dockerconfigjson-sops-secret.golden"),
 		},
 		{
 			name:       "diff with a sops stringdata secret object",
-			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo",
+			args:       "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
 			objectFile: "./testdata/diff-kustomization/stringdata-sops-secret.yaml",
-			assert:     assertGoldenFile("./testdata/diff-kustomization/diff-with-stringdata-sops-secret.golden"),
+			assert:     assertGoldenFile("./testdata/diff-kustomization/diff-with-drifted-stringdata-sops-secret.golden"),
 		},
 	}

@@ -137,5 +137,9 @@ func createObjectFromFile(objectFile string, templateValues map[string]string, t
 		t.Fatalf("Error decoding yaml file '%s': %v", objectFile, err)
 	}

+	if err := ssa.SetNativeKindsDefaults(clientObjects); err != nil {
+		t.Fatalf("Error setting native kinds defaults for '%s': %v", objectFile, err)
+	}
+
 	return clientObjects
 }
--- a/cmd/flux/testdata/build-kustomization/podinfo-result.yaml
+++ b/cmd/flux/testdata/build-kustomization/podinfo-result.yaml
@@ -143,8 +143,8 @@ metadata:
  name: secret-basic-auth-stringdata
  namespace: default
 stringData:
-  password: KipTT1BTKio=
-  username: KipTT1BTKio=
+  password: '**SOPS**'
+  username: '**SOPS**'
 type: kubernetes.io/basic-auth
 ---
 apiVersion: v1
--- a/cmd/flux/testdata/diff-kustomization/diff-with-drifted-stringdata-sops-secret.golden
+++ b/cmd/flux/testdata/diff-kustomization/diff-with-drifted-stringdata-sops-secret.golden
@@ -2,5 +2,11 @@
 ► HorizontalPodAutoscaler/default/podinfo created
 ► Service/default/podinfo created
 ► Secret/default/docker-secret created
+► Secret/default/secret-basic-auth-stringdata drifted
+
+data
+  - one map entry removed:     + one map entry added:
+    username1: "*****"           username: "*****"
+
 ► Secret/default/podinfo-token-77t89m9b67 created
 ► Secret/default/db-user-pass-bkbd782d2c created
--- a/cmd/flux/testdata/diff-kustomization/stringdata-sops-secret.yaml
+++ b/cmd/flux/testdata/diff-kustomization/stringdata-sops-secret.yaml
@@ -8,5 +8,5 @@ metadata:
  namespace: default
 stringData:
  password: KipTT1BTKio=
-  username: KipTT1BTKio=
+  username1: KipTT1BTKio=
 type: kubernetes.io/basic-auth