Mirrors
/
flux2
mirror of https://github.com/fluxcd/flux2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

handle secret types properly while masking sops data

Browse Source 
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
pull/2646/head
Sanskar Jaiswal 3 years ago
parent e25bb74c05
commit 5c9cbe676d
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File

7
internal/build/build.go
Unescape Escape View File

@ -21,6 +21,7 @@ import (
"context" "context"
"encoding/base64" "encoding/base64"
"encoding/json" "encoding/json"
"errors"
"fmt" "fmt"
"os" "os"
"sync" "sync"
@ -343,7 +344,11 @@ func maskSopsData(res *resource.Resource) error {
res.PipeE(yaml.FieldClearer{Name: "sops"}) res.PipeE(yaml.FieldClearer{Name: "sops"})
secretType, err := res.GetFieldValue(typeField) secretType, err := res.GetFieldValue(typeField)
if err != nil { // If the intented type is Opaque, then it can be omitted from the manifest, since it's the default
// Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets
if errors.As(err, &yaml.NoFieldError{}) {
secretType = "Opaque"
} else if err != nil {
return fmt.Errorf("failed to mask secret %s sops data: %w", res.GetName(), err) return fmt.Errorf("failed to mask secret %s sops data: %w", res.GetName(), err)
} }

Write Preview
Loading…
Cancel
Save