Merge pull request #350 from allymparker/source-git-secret-ref

Add secret-ref flag to create source git
4 years ago · 55b8544d32
parent 4eaf72fa3e 2d67ea5f7f
commit 55b8544d32
6 changed files with 114 additions and 77 deletions
--- a/cmd/gotk/create_source_bucket.go
+++ b/cmd/gotk/create_source_bucket.go
@ -69,6 +69,7 @@ var (
 	sourceBucketSecretKey string
 	sourceBucketRegion    string
 	sourceBucketInsecure  bool
 	sourceBucketSecretRef string
 )
 func init() {
@ -79,6 +80,7 @@ func init() {
 	createSourceBucketCmd.Flags().StringVar(&sourceBucketSecretKey, "secret-key", "", "the bucket secret key")
 	createSourceBucketCmd.Flags().StringVar(&sourceBucketRegion, "region", "", "the bucket region")
 	createSourceBucketCmd.Flags().BoolVar(&sourceBucketInsecure, "insecure", false, "for when connecting to a non-TLS S3 HTTP endpoint")
 	createSourceBucketCmd.Flags().StringVar(&sourceBucketSecretRef, "secret-ref", "", "the name of an existing secret containing credentials")
 	createSourceCmd.AddCommand(createSourceBucketCmd)
 }
@ -88,7 +90,6 @@ func createSourceBucketCmdRun(cmd *cobra.Command, args []string) error {
 		return fmt.Errorf("Bucket source name is required")
 	}
 	name := args[0]
 	secretName := fmt.Sprintf("bucket-%s", name)
 	if sourceBucketName == "" {
 		return fmt.Errorf("bucket-name is required")
@ -126,6 +127,11 @@ func createSourceBucketCmdRun(cmd *cobra.Command, args []string) error {
 			},
 		},
 	}
 	if sourceHelmSecretRef != "" {
 		bucket.Spec.SecretRef = &corev1.LocalObjectReference{
 			Name: sourceBucketSecretRef,
 		}
 	}
 	if export {
 		return exportBucket(*bucket)
@ -141,6 +147,9 @@ func createSourceBucketCmdRun(cmd *cobra.Command, args []string) error {
 	logger.Generatef("generating Bucket source")
 	if sourceBucketSecretRef == "" {
 		secretName := fmt.Sprintf("bucket-%s", name)
 		secret := corev1.Secret{
 			ObjectMeta: metav1.ObjectMeta{
 				Name:      secretName,
@ -164,6 +173,7 @@ func createSourceBucketCmdRun(cmd *cobra.Command, args []string) error {
 			}
 			logger.Successf("authentication configured")
 		}
 	}
 	logger.Actionf("applying Bucket source")
 	namespacedName, err := upsertBucket(ctx, kubeClient, bucket)
--- a/cmd/gotk/create_source_git.go
+++ b/cmd/gotk/create_source_git.go
@ -93,9 +93,11 @@ var (
 	sourceGitSemver   string
 	sourceGitUsername string
 	sourceGitPassword string
 	sourceGitKeyAlgorithm flags.PublicKeyAlgorithm = "rsa"
 	sourceGitRSABits      flags.RSAKeyBits         = 2048
 	sourceGitECDSACurve                            = flags.ECDSACurve{Curve: elliptic.P384()}
 	sourceGitSecretRef    string
 )
 func init() {
@ -108,6 +110,7 @@ func init() {
 	createSourceGitCmd.Flags().Var(&sourceGitKeyAlgorithm, "ssh-key-algorithm", sourceGitKeyAlgorithm.Description())
 	createSourceGitCmd.Flags().Var(&sourceGitRSABits, "ssh-rsa-bits", sourceGitRSABits.Description())
 	createSourceGitCmd.Flags().Var(&sourceGitECDSACurve, "ssh-ecdsa-curve", sourceGitECDSACurve.Description())
 	createSourceGitCmd.Flags().StringVarP(&sourceGitSecretRef, "secret-ref", "", "", "the name of an existing secret containing SSH or basic credentials")
 	createSourceCmd.AddCommand(createSourceGitCmd)
 }
@ -162,6 +165,11 @@ func createSourceGitCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	if export {
 		if sourceGitSecretRef != "" {
 			gitRepository.Spec.SecretRef = &corev1.LocalObjectReference{
 				Name: sourceGitSecretRef,
 			}
 		}
 		return exportGit(gitRepository)
 	}
@ -175,7 +183,9 @@ func createSourceGitCmdRun(cmd *cobra.Command, args []string) error {
 	withAuth := false
 	// TODO(hidde): move all auth prep to separate func?
-	if u.Scheme == "ssh" {
+	if sourceGitSecretRef != "" {
 		withAuth = true
 	} else if u.Scheme == "ssh" {
 		logger.Actionf("generating deploy key pair")
 		pair, err := generateKeyPair(ctx)
 		if err != nil {
@ -240,8 +250,12 @@ func createSourceGitCmdRun(cmd *cobra.Command, args []string) error {
 	logger.Generatef("generating GitRepository source")
 	if withAuth {
 		secretName := name
 		if sourceGitSecretRef != "" {
 			secretName = sourceGitSecretRef
 		}
 		gitRepository.Spec.SecretRef = &corev1.LocalObjectReference{
-			Name: name,
+			Name: secretName,
 		}
 	}
--- a/cmd/gotk/create_source_helm.go
+++ b/cmd/gotk/create_source_helm.go
@ -69,6 +69,7 @@ var (
 	sourceHelmCertFile  string
 	sourceHelmKeyFile   string
 	sourceHelmCAFile    string
 	sourceHelmSecretRef string
 )
 func init() {
@ -78,6 +79,7 @@ func init() {
 	createSourceHelmCmd.Flags().StringVar(&sourceHelmCertFile, "cert-file", "", "TLS authentication cert file path")
 	createSourceHelmCmd.Flags().StringVar(&sourceHelmKeyFile, "key-file", "", "TLS authentication key file path")
 	createSourceHelmCmd.Flags().StringVar(&sourceHelmCAFile, "ca-file", "", "TLS authentication CA file path")
 	createSourceHelmCmd.Flags().StringVarP(&sourceHelmSecretRef, "secret-ref", "", "", "the name of an existing secret containing TLS or basic auth credentials")
 	createSourceCmd.AddCommand(createSourceHelmCmd)
 }
@ -87,7 +89,6 @@ func createSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 		return fmt.Errorf("HelmRepository source name is required")
 	}
 	name := args[0]
 	secretName := fmt.Sprintf("helm-%s", name)
 	if sourceHelmURL == "" {
 		return fmt.Errorf("url is required")
@ -122,6 +123,12 @@ func createSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 		},
 	}
 	if sourceHelmSecretRef != "" {
 		helmRepository.Spec.SecretRef = &corev1.LocalObjectReference{
 			Name: sourceHelmSecretRef,
 		}
 	}
 	if export {
 		return exportHelmRepository(*helmRepository)
 	}
@ -135,6 +142,8 @@ func createSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	logger.Generatef("generating HelmRepository source")
 	if sourceHelmSecretRef == "" {
 		secretName := fmt.Sprintf("helm-%s", name)
 		secret := corev1.Secret{
 			ObjectMeta: metav1.ObjectMeta{
@ -181,6 +190,7 @@ func createSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 			}
 			logger.Successf("authentication configured")
 		}
 	}
 	logger.Actionf("applying HelmRepository source")
 	namespacedName, err := upsertHelmRepository(ctx, kubeClient, helmRepository)
--- a/docs/cmd/gotk_create_source_bucket.md
+++ b/docs/cmd/gotk_create_source_bucket.md
@ -45,6 +45,7 @@ gotk create source bucket [name] [flags]
      --provider sourceBucketProvider   the S3 compatible storage provider name, available options are: (generic, aws) (default generic)
      --region string                   the bucket region
      --secret-key string               the bucket secret key
      --secret-ref string               the name of an existing secret containing credentials
 ```
 ### Options inherited from parent commands
--- a/docs/cmd/gotk_create_source_git.md
+++ b/docs/cmd/gotk_create_source_git.md
@ -58,6 +58,7 @@ gotk create source git [name] [flags]
      --branch string                          git branch (default "master")
  -h, --help                                   help for git
  -p, --password string                        basic authentication password
      --secret-ref string                      the name of an existing secret containing SSH or basic credentials
      --ssh-ecdsa-curve ecdsaCurve             SSH ECDSA public key curve (p256, p384, p521) (default p384)
      --ssh-key-algorithm publicKeyAlgorithm   SSH public key algorithm (rsa, ecdsa, ed25519) (default rsa)
      --ssh-rsa-bits rsaKeyBits                SSH RSA public key bit size (multiplies of 8) (default 2048)
--- a/docs/cmd/gotk_create_source_helm.md
+++ b/docs/cmd/gotk_create_source_helm.md
@ -43,6 +43,7 @@ gotk create source helm [name] [flags]
  -h, --help                help for helm
      --key-file string     TLS authentication key file path
  -p, --password string     basic authentication password
      --secret-ref string   the name of an existing secret containing TLS or basic auth credentials
      --url string          Helm repository address
  -u, --username string     basic authentication username
 ```