diff --git a/sealedsecrets/provider.go b/sealedsecrets/provider.go index 0072d40..e4d05c4 100644 --- a/sealedsecrets/provider.go +++ b/sealedsecrets/provider.go @@ -227,7 +227,7 @@ func providerConfigure(ctx context.Context, d *schema.ResourceData) (interface{} cfg.Burst = 100 // Overriding with static configuration - cfg.UserAgent = fmt.Sprintf("HashiCorp/1.0 Terraform") + cfg.UserAgent = "HashiCorp/1.0 Terraform" if v, ok := k8sGetOk(d, "host"); ok { cfg.Host = v.(string) diff --git a/sealedsecrets/resource_secret.go b/sealedsecrets/resource_secret.go index 37af2b0..48a4759 100644 --- a/sealedsecrets/resource_secret.go +++ b/sealedsecrets/resource_secret.go @@ -66,6 +66,7 @@ func resourceSecret() *schema.Resource { func resourceSecretCreate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics { log.Printf("resourceSecretCreate") + // 1. Generate manifest sealedSecretManifest, err := createSealedSecret(d, m.(*kubectl.KubeProvider)) if err != nil { diff --git a/utils/kubectl/kubectl.go b/utils/kubectl/kubectl.go index c62723b..f119bda 100644 --- a/utils/kubectl/kubectl.go +++ b/utils/kubectl/kubectl.go @@ -4,21 +4,22 @@ import ( "context" "encoding/json" "fmt" - "regexp" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "io/ioutil" - "k8s.io/cli-runtime/pkg/printers" - "os" - "time" "log" + "os" + "regexp" "strings" + "time" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "k8s.io/cli-runtime/pkg/printers" "k8s.io/cli-runtime/pkg/genericclioptions" k8sresource "k8s.io/cli-runtime/pkg/resource" + diskcached "k8s.io/client-go/discovery/cached/disk" apiregistration "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" "k8s.io/kubectl/pkg/cmd/apply" k8sdelete "k8s.io/kubectl/pkg/cmd/delete" - diskcached "k8s.io/client-go/discovery/cached/disk" "github.com/icza/dyno" 
@@ -29,16 +30,17 @@ import ( k8sschema "k8s.io/apimachinery/pkg/runtime/schema" yamlWriter "sigs.k8s.io/yaml" + "path/filepath" + + "github.com/mitchellh/go-homedir" + "k8s.io/apimachinery/pkg/api/meta" "k8s.io/client-go/discovery" "k8s.io/client-go/dynamic" - aggregator "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset" - "k8s.io/client-go/rest" - "k8s.io/client-go/kubernetes" - "k8s.io/client-go/tools/clientcmd" - "k8s.io/apimachinery/pkg/api/meta" - "path/filepath" - "k8s.io/client-go/restmapper" - "github.com/mitchellh/go-homedir" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/rest" + "k8s.io/client-go/restmapper" + "k8s.io/client-go/tools/clientcmd" + aggregator "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset" ) type KubeProvider struct { @@ -176,7 +178,7 @@ func ResourceKubectlManifestApply(ctx context.Context, yaml string, waitForRolou log.Printf("[DEBUG] %v fetched successfully, set id to: %v", manifest, selfLink) - return selfLink, nil + return selfLink, nil } func ResourceKubectlManifestRead(ctx context.Context, yaml string, meta interface{}) (bool, error) { diff --git a/utils/kubeseal/kubeseal.go b/utils/kubeseal/kubeseal.go index e278bd5..26a075e 100644 --- a/utils/kubeseal/kubeseal.go +++ b/utils/kubeseal/kubeseal.go @@ -89,12 +89,12 @@ func ParseKey(r io.Reader) (*rsa.PublicKey, error) { // ParseCertsPem returns error if len(certs) == 0, but best to be sure... if len(certs) == 0 { - return nil, errors.New("Failed to read any certificates") + return nil, errors.New("failed to read any certificates") } cert, ok := certs[0].PublicKey.(*rsa.PublicKey) if !ok { - return nil, fmt.Errorf("Expected RSA public key but found %v", certs[0].PublicKey) + return nil, fmt.Errorf("expected RSA public key but found %v", certs[0].PublicKey) } return cert, nil 
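Review bot: The `fmt.Errorf` in the `!ok` branch of ParseKey formats `certs[0].PublicKey` with `%v`, which prints the contents of whatever key was found instead of saying what kind of key it is. Since the line is being edited anyway, `%T` would make the message name the unsupported type: `return nil, fmt.Errorf("expected RSA public key but found %T", certs[0].PublicKey)`. ParseKey begins before this hunk, so how `certs` is produced is not visible here.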
@@ -110,11 +110,11 @@ func Seal(in io.Reader, pubKey *rsa.PublicKey, scope ssv1alpha1.SealingScope, al } if len(secret.Data) == 0 && len(secret.StringData) == 0 && !allowEmptyData { - return "", fmt.Errorf("Secret.data is empty in input Secret, assuming this is an error and aborting. To work with empty data, --allow-empty-data can be used.") + return "", fmt.Errorf("secret.data is empty in input Secret, assuming this is an error and aborting. To work with empty data, --allow-empty-data can be used") } if secret.GetName() == "" { - return "", fmt.Errorf("Missing metadata.name in input Secret") + return "", fmt.Errorf("missing metadata.name in input Secret") } if scope != ssv1alpha1.DefaultScope { diff --git a/utils/utils.go b/utils/utils.go index 87495ac..7e69658 100644 --- a/utils/utils.go +++ b/utils/utils.go @@ -1,15 +1,15 @@ package utils import ( - "io" + "bytes" "crypto/sha256" "fmt" - "bytes" - "text/template" + "io" + "text/template" ) var ( - secretManifestTemplate = ` + secretManifestTemplate = ` apiVersion: v1 data: {{- range $key, $value := .Secrets }} @@ -24,10 +24,10 @@ type: {{ .Type }}` ) type SecretManifest struct { - Name string - Namespace string - Type string - Secrets map[string]interface {} + Name string + Namespace string + Type string + Secrets map[string]interface{} } func SHA256(src string) string { 
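Review bot: The empty-data error in Seal still tells the user to pass `--allow-empty-data`, which is a kubeseal command-line flag. Inside a Terraform provider there is no flag to pass, so the hint leads nowhere unless the provider exposes an equivalent setting, which this diff does not show. Neither message in this hunk has a format verb, so `errors.New` fits better than `fmt.Errorf`, in line with the `fmt.Sprintf` removal in provider.go and the `errors.New` call already in ParseKey, e.g. `return "", errors.New("missing metadata.name in input Secret")`. Seal's body starts before and continues after the hunk.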
@@ -36,23 +36,23 @@ func SHA256(src string) string { return fmt.Sprintf("%x", h.Sum(nil)) } -func GenerateSecretManifest(name string, namespace string, _type string, secrets map[string]interface {}) (io.Reader, error) { - secretManifestYAML := new(bytes.Buffer) +func GenerateSecretManifest(name string, namespace string, _type string, secrets map[string]interface{}) (io.Reader, error) { + secretManifestYAML := new(bytes.Buffer) - secretManifest := SecretManifest{ - Name: name, - Namespace: namespace, - Type: _type, - Secrets: secrets, - } + secretManifest := SecretManifest{ + Name: name, + Namespace: namespace, + Type: _type, + Secrets: secrets, + } - t := template.Must(template.New("secretManifestTemplate").Parse(secretManifestTemplate)) - err := t.Execute(secretManifestYAML, secretManifest) + t := template.Must(template.New("secretManifestTemplate").Parse(secretManifestTemplate)) + err := t.Execute(secretManifestYAML, secretManifest) if err != nil { return nil, err } - return secretManifestYAML, nil + return secretManifestYAML, nil } func ExpandStringSlice(s []interface{}) []string { @@ -67,4 +67,3 @@ func ExpandStringSlice(s []interface{}) []string { } return result } -
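Review bot: GenerateSecretManifest renders caller-supplied strings straight into YAML through `text/template`, which does no escaping. `type: {{ .Type }}` is visible in the template, and name, namespace and the secret values presumably go in the same way on template lines outside these hunks. A value containing a newline or `: ` would change the structure of the generated manifest, which presumably is what gets sealed afterwards. Quoting the fields in the template, e.g. `type: {{ printf "%q" .Type }}`, or building the Secret as a typed object and marshalling it with the YAML library already imported in kubectl.go, would close that gap. Separately, `template.Must(...Parse(...))` runs on every call; parsing once into a package-level variable would surface a broken template at start-up instead of as a panic in the middle of an apply.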