package edgeinjector import ( "context" "fmt" "k8s.io/apimachinery/pkg/runtime" "edge-infra.dev/pkg/edge/datasync/couchdb" "edge-infra.dev/pkg/lib/fog" corev1 "k8s.io/api/core/v1" "sigs.k8s.io/controller-runtime/pkg/client" ) var ( allowedRoles = []string{couchdb.ReadOnlyUser, couchdb.CreateViewUser} ) type CouchUserField string const ( Username = CouchUserField("COUCHDB_USER") Password = CouchUserField("COUCHDB_PASSWORD") URI = CouchUserField("COUCHDB_URI") ) type CouchUserWebhook struct { client.Client } func (c *CouchUserWebhook) Default(ctx context.Context, obj runtime.Object) error { log := fog.FromContext(ctx).WithValues("name", "CouchDBUserWebhook") pod, ok := obj.(*corev1.Pod) if !ok { err := fmt.Errorf("expected a Pod but got a %T", obj) log.Error(err, "not a pod") return err } log = log.WithValues("pod", client.ObjectKeyFromObject(pod)) if SecretLabelValue(pod, CouchDBSecret) != "" { log.Info("pod couch secret label found") return nil } ctx = fog.IntoContext(ctx, log) InjectSecret(ctx, pod, CouchDBSecret, map[string]string{ string(Username): couchdb.SecretUsername, string(Password): couchdb.SecretPassword, string(URI): couchdb.SecretURI, }) log.Info("successfully injected couchdb user secret environment variables") return nil }