
Source file src/edge-infra.dev/pkg/edge/k8objectsutils/externalsecrets.go

Documentation: edge-infra.dev/pkg/edge/k8objectsutils

     1  package k8objectsutils
     2  
import (
	"sort"
	"time"

	goext "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

	"edge-infra.dev/pkg/edge/constants"
)
    11  
// BuildExternalSecret returns an ExternalSecret that maps one remote secret
// onto one key of a Kubernetes Secret.
//
// The base object comes from buildExternalSecretNoData: it is named secretName,
// lives in namespace, and is labelled with projectID. A single data entry is
// then attached whose remote reference key is smSecretName and whose target
// key is secretKey. No Property or Version is set on the remote reference.
//
// None of the arguments are validated here. namespace and smSecretName decide
// which remote secret is materialised in which namespace, so callers should
// only pass values they have already authorised for the tenant in question.
func BuildExternalSecret(projectID, smSecretName, namespace, secretName, secretKey string) *goext.ExternalSecret {
	entry := goext.ExternalSecretData{
		SecretKey: secretKey,
		RemoteRef: goext.ExternalSecretDataRemoteRef{Key: smSecretName},
	}

	externalSecret := buildExternalSecretNoData(projectID, namespace, secretName)
	externalSecret.Spec.Data = []goext.ExternalSecretData{entry}
	return externalSecret
}
    24  
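// BuildExternalSecretWithMultiKeys returns an ExternalSecret that maps several
// properties of one remote secret onto keys of a single Kubernetes Secret.
//
// keyMapping is keyed by the remote property name; each value is the key under
// which that property is written in the target Secret. Every entry references
// the same remote secret, smSecretName. The base object (name, namespace,
// tenant label, store reference) comes from buildExternalSecretNoData.
//
// Entries are emitted in ascending order of the remote property name. Go map
// iteration order is random, so without the sort two calls with the same
// input could produce differently ordered specs, which shows up as spurious
// differences when the generated object is compared or re-applied.
//
// A nil or empty keyMapping yields an empty, non-nil Data slice.
//
// NOTE(review): the mapping is not validated. Two properties mapped to the
// same target key produce two entries with an identical SecretKey, and empty
// names are passed through unchanged; confirm callers guard against both.
func BuildExternalSecretWithMultiKeys(projectID, smSecretName, namespace, secretName string, keyMapping map[string]string) *goext.ExternalSecret {
	es := buildExternalSecretNoData(projectID, namespace, secretName)

	// Collect and sort the remote property names so the output is deterministic.
	remoteKeys := make([]string, 0, len(keyMapping))
	for remoteKey := range keyMapping {
		remoteKeys = append(remoteKeys, remoteKey)
	}
	sort.Strings(remoteKeys)

	data := make([]goext.ExternalSecretData, 0, len(remoteKeys))
	for _, remoteKey := range remoteKeys {
		data = append(data, goext.ExternalSecretData{
			SecretKey: keyMapping[remoteKey],
			RemoteRef: goext.ExternalSecretDataRemoteRef{
				Key:      smSecretName,
				Property: remoteKey,
			},
		})
	}
	es.Spec.Data = data
	return es
}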
    43  
// buildExternalSecretNoData returns the ExternalSecret skeleton shared by the
// exported builders in this file; Spec.Data is left unset for the caller.
//
// The object and its target Secret are both named secretName and the object
// is placed in namespace. projectID is recorded only as the value of the
// constants.Tenant label.
//
// Fixed settings:
//   - the store reference is the ClusterSecretStore named "gcp-provider";
//   - the target creation policy is goext.CreatePolicyOwner;
//   - the refresh interval is one minute.
//
// NOTE(review): a ClusterSecretStore is cluster-scoped, so this reference is
// the same for every namespace and tenant. Nothing in this function ties the
// namespace argument to projectID; any restriction on which namespaces may
// read through the store has to be enforced on the store or by the caller.
// Confirm that is the case.
func buildExternalSecretNoData(projectID, namespace, secretName string) *goext.ExternalSecret {
	typeMeta := metav1.TypeMeta{
		APIVersion: goext.SchemeGroupVersion.String(),
		Kind:       goext.ExtSecretKind,
	}

	objectMeta := metav1.ObjectMeta{
		Name:      secretName,
		Namespace: namespace,
		// The tenant label is the only place projectID is used.
		Labels: map[string]string{constants.Tenant: projectID},
	}

	spec := goext.ExternalSecretSpec{
		SecretStoreRef: goext.SecretStoreRef{
			Name: "gcp-provider",
			Kind: "ClusterSecretStore",
		},
		Target: goext.ExternalSecretTarget{
			Name:           secretName,
			CreationPolicy: goext.CreatePolicyOwner,
		},
		RefreshInterval: &metav1.Duration{Duration: time.Minute},
	}

	return &goext.ExternalSecret{
		TypeMeta:   typeMeta,
		ObjectMeta: objectMeta,
		Spec:       spec,
	}
}
    72  
