Mirrors/flux2
1
0
Fork 0
mirror of synced 2026-02-13 21:16:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

add support for Kubernetes TLS keys for flux create secret tls

Browse Source 
Add support for using `tls.key`, `tls.crt` and `ca.crt` keys while
generating a Secret, using the `--tls-key-file`, `--tls-crt-file` and
`--ca-crt-file` flags respectively.
Mark the flags `--key-file`, `--cert-file` and `--ca-file` as
deprecated.

Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
This commit is contained in:
Sanskar Jaiswal
2023-08-09 17:10:45 +05:30
parent a2ac94b625
commit bf36a29ca2
7 changed files with 213 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
pkg/manifestgen/sourcesecret/sourcesecret.go
View File

@@ -89,7 +89,7 @@ func Generate(options Options) (*manifestgen.Manifest, error) {
}
}
secret := buildSecret(keypair, hostKey, options.CAFile, options.CertFile, options.KeyFile, dockerCfgJson, options)
secret := buildSecret(keypair, hostKey, dockerCfgJson, options)
b, err := yaml.Marshal(secret)
if err != nil {
return nil, err
@@ -130,7 +130,7 @@ func LoadKeyPair(privateKey []byte, password string) (*ssh.KeyPair, error) {
}, nil
}
func buildSecret(keypair *ssh.KeyPair, hostKey, caFile, certFile, keyFile, dockerCfg []byte, options Options) (secret corev1.Secret) {
func buildSecret(keypair *ssh.KeyPair, hostKey, dockerCfg []byte, options Options) (secret corev1.Secret) {
secret.TypeMeta = metav1.TypeMeta{
APIVersion: "v1",
Kind: "Secret",
@@ -156,13 +156,18 @@ func buildSecret(keypair *ssh.KeyPair, hostKey, caFile, certFile, keyFile, docke
secret.StringData[BearerTokenKey] = options.BearerToken
}
if len(caFile) != 0 {
secret.StringData[CAFileSecretKey] = string(caFile)
if len(options.CACrt) != 0 {
secret.StringData[CACrtSecretKey] = string(options.CACrt)
} else if len(options.CAFile) != 0 {
secret.StringData[CAFileSecretKey] = string(options.CAFile)
}
if len(certFile) != 0 && len(keyFile) != 0 {
secret.StringData[CertFileSecretKey] = string(certFile)
secret.StringData[KeyFileSecretKey] = string(keyFile)
if len(options.TlsCrt) != 0 && len(options.TlsKey) != 0 {
secret.StringData[TlsCrtSecretKey] = string(options.TlsCrt)
secret.StringData[TlsKeySecretKey] = string(options.TlsKey)
} else if len(options.CertFile) != 0 && len(options.KeyFile) != 0 {
secret.StringData[CertFileSecretKey] = string(options.CertFile)
secret.StringData[KeyFileSecretKey] = string(options.KeyFile)
}
if keypair != nil && len(hostKey) != 0 {