From ca000a7509b308d142a926dcdaf5e5fa7b56d4d3 Mon Sep 17 00:00:00 2001
From: PrimalPimmy
Date: Tue, 2 Jul 2024 16:46:51 +0530
Subject: [PATCH] Kubeconfig storing
Signed-off-by: PrimalPimmy
---
 .../reconcilers/spire-bootstrap/reconciler.go | 54 ++++++++++---------
 1 file changed, 30 insertions(+), 24 deletions(-)
diff --git a/controllers/pkg/reconcilers/spire-bootstrap/reconciler.go b/controllers/pkg/reconcilers/spire-bootstrap/reconciler.go
index 4d04f3e9..1cab7162 100644
--- a/controllers/pkg/reconcilers/spire-bootstrap/reconciler.go
+++ b/controllers/pkg/reconcilers/spire-bootstrap/reconciler.go
@@ -22,6 +22,7 @@ import (
 "encoding/json"
 "fmt"
 "io/ioutil"
+ "strings"
 reconcilerinterface "github.com/nephio-project/nephio/controllers/pkg/reconcilers/reconciler-interface"
 "github.com/spiffe/go-spiffe/v2/workloadapi"
@@ -117,13 +118,6 @@ func (r *reconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Resu
 return ctrl.Result{}, errors.Wrap(err, msg)
 }
- // for _, secret := range secrets.Items {
- // if strings.Contains(secret.GetName(), cl.Name) {
- // // secret := secret
- // // clusterClient, ok := cluster.Cluster{Client: r.Client}.GetClusterClient(&secret)
- // }
- // }
-
 // found := false
 // for _, secret := range secrets.Items {
 // if strings.Contains(secret.GetName(), cl.Name) {
@@ -201,12 +195,22 @@ func (r *reconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Resu
 client.SetToken(clientToken)
- secret, err := getSecret(client, "secret/my-super-secret")
+ for _, secret := range secrets.Items {
+ if strings.Contains(secret.GetName(), cl.Name) {
+ secret := secret
+ storeKubeconfig(secret, client, "secret/my-super-secret", cl.Name)
+ // clusterClient, ok := cluster.Cluster{Client: r.Client}.GetClusterClient(&secret)
+ }
+ }
+
+ // secret, err := getSecret(client, "secret/my-super-secret")
+
+ kubeconfig, err := fetchKubeconfig(client, "secret/my-super-secret", cl.Name)
 if err != nil {
 log.Error(err, "Error retrieving secret:")
 }
- fmt.Printf("Secret retrieved: %v\n", secret)
+ fmt.Printf("Secret retrieved: %v\n", kubeconfig)
 return reconcile.Result{}, nil
 }
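Review bot: The new `fmt.Printf("Secret retrieved: %v\n", kubeconfig)` at the end of the hunk writes the fetched kubeconfig, a cluster credential, to the controller's stdout, where anyone able to read the pod logs can recover it; the line should be dropped or reduced to the cluster name. The `storeKubeconfig(...)` call inside the loop discards its returned error, and a failed `fetchKubeconfig` is only logged before the reconcile returns `nil`, so a Vault write or read failure is never surfaced or retried. The `strings.Contains(secret.GetName(), cl.Name)` filter is a substring match, so a cluster whose name is contained in another cluster's secret name would have that other secret stored under its key; an exact comparison would avoid this if the secret naming convention allows one, which is not visible here. Reconcile's body starts outside the hunk.

```go
for _, secret := range secrets.Items {
	if strings.Contains(secret.GetName(), cl.Name) {
		if err := storeKubeconfig(secret, client, "secret/my-super-secret", cl.Name); err != nil {
			return ctrl.Result{}, errors.Wrap(err, "cannot store kubeconfig in Vault")
		}
	}
}

if _, err := fetchKubeconfig(client, "secret/my-super-secret", cl.Name); err != nil {
	return ctrl.Result{}, errors.Wrap(err, "cannot read kubeconfig back from Vault")
}
// … unchanged: return reconcile.Result{}, nil …
```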
@@ -294,24 +298,26 @@ func getSecret(client *vault.Client, secretPath string) (map[string]interface{},
 return secret.Data, nil
 }
-// func storeKubeconfig(kubeconfigData corev1.Secret, client *vault.Client, secretPath, clusterName, kubeconfigPath string) error {
-// // Read the Kubeconfig file
+func storeKubeconfig(kubeconfigData corev1.Secret, client *vault.Client, secretPath, clusterName string) error {
+ // Read the Kubeconfig file
-// // Prepare the data to store
-// data := map[string]interface{}{
-// "data": map[string]interface{}{
-// clusterName: string(),
-// },
-// }
+ fmt.Println("Base64 encoded secret data:", kubeconfigData.Data)
-// // Store the data in Vault
-// _, err = client.Logical().Write(secretPath, data)
-// if err != nil {
-// return fmt.Errorf("unable to write secret to Vault: %w", err)
-// }
+ // Prepare the data to store
+ data := map[string]interface{}{
+ "data": map[string]interface{}{
+ clusterName: kubeconfigData.Data,
+ },
+ }
-// return nil
-// }
+ // Store the data in Vault
+ _, err := client.Logical().Write(secretPath, data)
+ if err != nil {
+ return fmt.Errorf("unable to write secret to Vault: %w", err)
+ }
+
+ return nil
+}
 func fetchKubeconfig(client *vault.Client, secretPath, clusterName string) (string, error) {
 // Read the secret
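Review bot: `fmt.Println("Base64 encoded secret data:", kubeconfigData.Data)` prints the full contents of the Kubernetes Secret to stdout on every call, which puts the kubeconfig into the controller's logs; the line should be deleted (the label is also inaccurate, since `Secret.Data` holds decoded bytes). The payload written to `secretPath` carries only the one `clusterName` key, and the caller passes the same `"secret/my-super-secret"` path for every cluster, so depending on the KV engine behind that mount each write may replace the entries stored for other clusters; a per-cluster path would avoid that. `clusterName: kubeconfigData.Data` stores the whole `map[string][]byte` while `fetchKubeconfig` returns a `string`, so the read side, whose body continues outside this hunk, has to agree on that shape. A doc comment such as `// storeKubeconfig writes the Data of the given Secret to Vault at secretPath under the clusterName key.` would replace the stale `// Read the Kubeconfig file`.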