Mirrors/flux2
1
0
Fork 0
mirror of synced 2026-02-06 19:05:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

handle secret types properly while masking sops data

Browse Source 
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
This commit is contained in:
Sanskar Jaiswal
2022-04-18 16:16:08 +05:30
parent e25bb74c05
commit 5c9cbe676d
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
internal/build/build.go
View File

@@ -21,6 +21,7 @@ import (
"context" "context"
"encoding/base64" "encoding/base64"
"encoding/json" "encoding/json"
"errors"
"fmt" "fmt"
"os" "os"
"sync" "sync"
@@ -343,7 +344,11 @@ func maskSopsData(res *resource.Resource) error {
res.PipeE(yaml.FieldClearer{Name: "sops"}) res.PipeE(yaml.FieldClearer{Name: "sops"})
secretType, err := res.GetFieldValue(typeField) secretType, err := res.GetFieldValue(typeField)
if err != nil { // If the intented type is Opaque, then it can be omitted from the manifest, since it's the default
// Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets
if errors.As(err, &yaml.NoFieldError{}) {
secretType = "Opaque"
} else if err != nil {
return fmt.Errorf("failed to mask secret %s sops data: %w", res.GetName(), err) return fmt.Errorf("failed to mask secret %s sops data: %w", res.GetName(), err)
} }