feat: enable secret types

Daniel Ward · Daniel Ward · commit 5ff248f7f974 · 2020-10-28T09:53:01.000-04:00
diff --git a/api/v1/syncedsecret_types.go b/api/v1/syncedsecret_types.go
@@ -17,6 +17,7 @@ package v1
 
 import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	corev1 "k8s.io/api/core/v1"
 )
 
 // EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
@@ -104,6 +105,8 @@ type SyncedSecret struct {
 
 	Spec   SyncedSecretSpec   `json:"spec,omitempty"`
 	Status SyncedSecretStatus `json:"status,omitempty"`
+
+	Type corev1.SecretType `json:"type,omitempty"`
 }
 
 // +kubebuilder:object:root=true
diff --git a/pkg/k8ssecret/secret.go b/pkg/k8ssecret/secret.go
@@ -153,13 +153,19 @@ func GenerateK8SSecret(
 		}
 	}
 
+
+	secretType := corev1.SecretTypeOpaque
+	if cs.Type != "" {
+		secretType = cs.Type
+	}
+
 	secret := &corev1.Secret{
 		TypeMeta: metav1.TypeMeta{
 			APIVersion: "v1",
 			Kind:       "Secret",
 		},
 		ObjectMeta: secretMeta,
-		Type:       "Opaque",
+		Type:       secretType,
 		Data:       data,
 	}
 
diff --git a/pkg/k8ssecret/secret_test.go b/pkg/k8ssecret/secret_test.go
@@ -160,6 +160,58 @@ func TestGenerateSecret(t *testing.T) {
 					"field2": []byte("value2"),
 				},
 			},
+		},{
+			name: "it should support fields with a hardcoded value for Secret Type",
+			have: have{
+				SyncedSecret: secretsv1.SyncedSecret{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      "secret-name",
+						Namespace: "secret-namespace",
+					},
+					Spec: secretsv1.SyncedSecretSpec{
+						SecretMetadata: metav1.ObjectMeta{
+							Name:      "secret-name",
+							Namespace: "secret-namespace",
+							Annotations: map[string]string{
+								"randomkey": "random/string",
+							},
+						},
+						Data: []*secretsv1.SecretField{
+							{
+								Name:  _s("foo"),
+								Value: _s("bar"),
+							},
+							{
+								Name:  _s("field2"),
+								Value: _s("value2"),
+							},
+						},
+						IAMRole: _s("iam_role"),
+					},
+					Type: "kubernetes.io/dockerconfigjson",
+				},
+				err:               nil,
+				cachedSecrets:     secretsmanager.Secrets{"cachedSecret1": {}, "cachedSecret2": {}},
+				secretValueGetter: mockgetSecretValue,
+			},
+			want: &corev1.Secret{
+				TypeMeta: metav1.TypeMeta{
+					Kind:       "Secret",
+					APIVersion: "v1",
+				},
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "secret-name",
+					Namespace: "secret-namespace",
+					Annotations: map[string]string{
+						"randomkey": "random/string",
+					},
+				},
+				Type: "kubernetes.io/dockerconfigjson",
+				Data: map[string][]byte{
+					"foo":    []byte("bar"),
+					"field2": []byte("value2"),
+				},
+			},
 		},
 		{
 			name: "it should support references to a single field in an AWS Secret",

Original file line number	Diff line number	Diff line change
`@@ -17,6 +17,7 @@ package v1`
`17`	`17`
`18`	`18`	`import (`
`19`	`19`	`metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"`
	`20`	`+ corev1 "k8s.io/api/core/v1"`
`20`	`21`	`)`
`21`	`22`
`22`	`23`	`// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!`
`@@ -104,6 +105,8 @@ type SyncedSecret struct {`
`104`	`105`
`105`	`106`	Spec SyncedSecretSpec `json:"spec,omitempty"`
`106`	`107`	Status SyncedSecretStatus `json:"status,omitempty"`
	`108`	`+`
	`109`	+ Type corev1.SecretType `json:"type,omitempty"`
`107`	`110`	`}`
`108`	`111`
`109`	`112`	`// +kubebuilder:object:root=true`
Original file line number	Diff line number	Diff line change
`@@ -153,13 +153,19 @@ func GenerateK8SSecret(`
`153`	`153`	`}`
`154`	`154`	`}`
`155`	`155`
	`156`	`+`
	`157`	`+ secretType := corev1.SecretTypeOpaque`
	`158`	`+ if cs.Type != "" {`
	`159`	`+ secretType = cs.Type`
	`160`	`+ }`
	`161`	`+`
`156`	`162`	`secret := &corev1.Secret{`
`157`	`163`	`TypeMeta: metav1.TypeMeta{`
`158`	`164`	`APIVersion: "v1",`
`159`	`165`	`Kind: "Secret",`
`160`	`166`	`},`
`161`	`167`	`ObjectMeta: secretMeta,`
`162`		`- Type: "Opaque",`
	`168`	`+ Type: secretType,`
`163`	`169`	`Data: data,`
`164`	`170`	`}`
`165`	`171`