...

Source file src/sigs.k8s.io/kustomize/api/internal/generators/secret.go

Documentation: sigs.k8s.io/kustomize/api/internal/generators 

     1  // Copyright 2020 The Kubernetes Authors.
     2  // SPDX-License-Identifier: Apache-2.0
     3  
     4  package generators
     5  
     6  import (
     7  	"sigs.k8s.io/kustomize/api/ifc"
     8  	"sigs.k8s.io/kustomize/api/types"
     9  	"sigs.k8s.io/kustomize/kyaml/yaml"
    10  )
    11  
    12  // MakeSecret makes a kubernetes Secret.
    13  //
    14  // Secret: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#secret-v1-core
    15  //
    16  // ConfigMaps and Secrets are similar.
    17  //
    18  // Like a ConfigMap, a Secret has a `data` field, but unlike a ConfigMap it has
    19  // no `binaryData` field.
    20  //
    21  // All of a Secret's data is assumed to be opaque in nature, and assumed to be
    22  // base64 encoded from its original representation, regardless of whether the
    23  // original data was UTF-8 text or binary.
    24  //
    25  // This encoding provides no secrecy. It's just a neutral, common means to
    26  // represent opaque text and binary data.  Beneath the base64 encoding
    27  // is presumably further encoding under control of the Secret's consumer.
    28  //
    29  // A Secret has string field `type` which holds an identifier, used by the
    30  // client, to choose the algorithm to interpret the `data` field.  Kubernetes
    31  // cannot make use of this data; it's up to a controller or some pod's service
    32  // to interpret the value, using `type` as a clue as to how to do this.
    33  func MakeSecret(
    34  	ldr ifc.KvLoader, args *types.SecretArgs) (rn *yaml.RNode, err error) {
    35  	rn, err = makeBaseNode("Secret", args.Name, args.Namespace)
    36  	if err != nil {
    37  		return nil, err
    38  	}
    39  	t := "Opaque"
    40  	if args.Type != "" {
    41  		t = args.Type
    42  	}
    43  	if _, err := rn.Pipe(
    44  		yaml.FieldSetter{
    45  			Name:  "type",
    46  			Value: yaml.NewStringRNode(t)}); err != nil {
    47  		return nil, err
    48  	}
    49  	m, err := makeValidatedDataMap(ldr, args.Name, args.KvPairSources)
    50  	if err != nil {
    51  		return nil, err
    52  	}
    53  	if err = rn.LoadMapIntoSecretData(m); err != nil {
    54  		return nil, err
    55  	}
    56  	copyLabelsAndAnnotations(rn, args.Options)
    57  	setImmutable(rn, args.Options)
    58  	return rn, nil
    59  }
    60  

View as plain text