-
Notifications
You must be signed in to change notification settings - Fork 12
Expand file tree
/
Copy pathSopsConfigMap.go
More file actions
83 lines (69 loc) · 2.12 KB
/
SopsConfigMap.go
File metadata and controls
83 lines (69 loc) · 2.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
// Copyright 2019 Agilicus Incorporated
// SPDX-License-Identifier: Apache-2.0
package main
import (
"log"
"path/filepath"
"go.mozilla.org/sops/decrypt"
"sigs.k8s.io/kustomize/v3/pkg/ifc"
"sigs.k8s.io/kustomize/v3/pkg/resmap"
"sigs.k8s.io/kustomize/v3/pkg/types"
"sigs.k8s.io/yaml"
)
type plugin struct {
ldr ifc.Loader
rf *resmap.Factory
types.GeneratorOptions `json:"generatorOptions,omitempty" yaml:"generatorOptions,omitempty"`
types.ConfigMapArgs
Name string `json:"name,omitempty" yaml:"name,omitempty"`
Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty"`
Source string `json:"source,omitempty" yaml:"source,omitempty"`
// List of keys to use in database lookups
Keys []string `json:"keys,omitempty" yaml:"keys,omitempty"`
}
// KustomizePlugin ...
//noinspection GoUnusedGlobalVariable
//nolint: golint
var KustomizePlugin plugin
func (p *plugin) Config(
ldr ifc.Loader, rf *resmap.Factory, c []byte) error {
p.ConfigMapArgs = types.ConfigMapArgs{}
p.GeneratorOptions = types.GeneratorOptions{}
p.rf = rf
p.ldr = ldr
return yaml.Unmarshal(c, p)
}
// (root string, args []string) (map[string]string, error) {
func (p *plugin) Generate() (resmap.ResMap, error) {
args := types.ConfigMapArgs{}
args.Name = p.Name
args.Namespace = p.Namespace
args.GeneratorArgs.Behavior = "merge"
if len(p.Source) == 0 {
p.Source = "secrets.enc.yaml"
}
secret := make(map[string]string)
secretFile := filepath.Join(p.ldr.Root(), p.Source)
v, err := decrypt.File(secretFile, "yaml")
if err != nil {
log.Fatalf("error: cannot decode file %s :: %v", secretFile, err)
}
err = yaml.Unmarshal([]byte(v), &secret)
if err != nil {
log.Fatalf("error: cannot unmarshal %s as yaml :: %v", secretFile, err)
}
if len(p.Keys) == 0 {
for k := range secret {
p.Keys = append(p.Keys, k)
}
}
for _, k := range p.Keys {
v, ok := secret[k]
if ok {
args.LiteralSources = append(args.LiteralSources, k+"="+v)
} else {
log.Fatalf("error: key <%s> not present in %s\n", k, secretFile)
}
}
return p.rf.FromConfigMapArgs(p.ldr, &p.GeneratorOptions, args)
}