add support for Kubernetes TLS keys for flux create secret tls

Add support for using `tls.key`, `tls.crt` and `ca.crt` keys while generating a Secret, using the `--tls-key-file`, `--tls-crt-file` and `--ca-crt-file` flags respectively. Mark the flags `--key-file`, `--cert-file` and `--ca-file` as deprecated. Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
2026-02-13 21:16:57 +00:00 · 2023-08-09 17:10:45 +05:30
parent a2ac94b625
commit bf36a29ca2
7 changed files with 213 additions and 39 deletions
--- a/pkg/manifestgen/sourcesecret/options.go
+++ b/pkg/manifestgen/sourcesecret/options.go
@@ -33,13 +33,19 @@ const (
 const (
 	UsernameSecretKey   = "username"
 	PasswordSecretKey   = "password"
-	CAFileSecretKey     = "caFile"
-	CertFileSecretKey   = "certFile"
-	KeyFileSecretKey    = "keyFile"
+	CACrtSecretKey      = "ca.crt"
+	TlsCrtSecretKey     = "tls.crt"
+	TlsKeySecretKey     = "tls.key"
 	PrivateKeySecretKey = "identity"
 	PublicKeySecretKey  = "identity.pub"
 	KnownHostsSecretKey = "known_hosts"
 	BearerTokenKey      = "bearerToken"
+
+	// Depreacted: These keys are used in the generated secrets if the
+	// command was invoked with the deprecated TLS flags.
+	CAFileSecretKey   = "caFile"
+	CertFileSecretKey = "certFile"
+	KeyFileSecretKey  = "keyFile"
 )

 type Options struct {
@@ -54,12 +60,18 @@ type Options struct {
 	Keypair             *ssh.KeyPair
 	Username            string
 	Password            string
-	CAFile              []byte
-	CertFile            []byte
-	KeyFile             []byte
+	CACrt               []byte
+	TlsCrt              []byte
+	TlsKey              []byte
 	TargetPath          string
 	ManifestFile        string
 	BearerToken         string
+
+	// Depreacted: These fields are used to store TLS data that
+	// specified by the deprecated TLS flags.
+	CAFile   []byte
+	CertFile []byte
+	KeyFile  []byte
 }

 func MakeDefaultOptions() Options {