github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/kubernetes/resource_kubernetes_secret.go (about)

     1  package kubernetes
     2  
     3  import (
     4  	"log"
     5  
     6  	"fmt"
     7  	"github.com/hashicorp/terraform/helper/schema"
     8  	pkgApi "k8s.io/kubernetes/pkg/api"
     9  	"k8s.io/kubernetes/pkg/api/errors"
    10  	api "k8s.io/kubernetes/pkg/api/v1"
    11  	kubernetes "k8s.io/kubernetes/pkg/client/clientset_generated/release_1_5"
    12  )
    13  
// resourceKubernetesSecret returns the schema.Resource that describes a
// Kubernetes secret: its CRUD and Exists callbacks, a passthrough importer,
// and the "metadata", "data" and "type" attributes.
func resourceKubernetesSecret() *schema.Resource {
	attrs := map[string]*schema.Schema{
		"metadata": namespacedMetadataSchema("secret", true),
		// Sensitive masks the values in plan/apply output only. They are
		// still written to the Terraform state in clear text, so the state
		// backend must be access-controlled and encrypted at rest.
		"data": {
			Type:        schema.TypeMap,
			Description: "A map of the secret data.",
			Optional:    true,
			Sensitive:   true,
		},
		// ForceNew: changing the type replaces the secret rather than
		// patching it in place.
		"type": {
			Type:        schema.TypeString,
			Description: "Type of secret",
			Default:     "Opaque",
			Optional:    true,
			ForceNew:    true,
		},
	}

	res := &schema.Resource{
		Create: resourceKubernetesSecretCreate,
		Read:   resourceKubernetesSecretRead,
		Exists: resourceKubernetesSecretExists,
		Update: resourceKubernetesSecretUpdate,
		Delete: resourceKubernetesSecretDelete,
		Importer: &schema.ResourceImporter{
			State: schema.ImportStatePassthrough,
		},
		Schema: attrs,
	}

	return res
}
    43  
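// resourceKubernetesSecretCreate builds an api.Secret from the "metadata",
// "data" and "type" attributes, submits it to the cluster, records the
// resulting ID and then refreshes state via resourceKubernetesSecretRead.
//
// The "data" map is sent as StringData, so the values held in memory here are
// the un-encoded secret values. Nothing in this function may format the whole
// secret object into a log line.
func resourceKubernetesSecretCreate(d *schema.ResourceData, meta interface{}) error {
	conn := meta.(*kubernetes.Clientset)

	metadata := expandMetadata(d.Get("metadata").([]interface{}))
	secret := api.Secret{
		ObjectMeta: metadata,
		StringData: expandStringMap(d.Get("data").(map[string]interface{})),
	}

	if v, ok := d.GetOk("type"); ok {
		secret.Type = api.SecretType(v.(string))
	}

	// Log identifying fields only. Formatting the object with %#v would write
	// every secret value into the provider log, which is routinely captured
	// by CI systems and attached to bug reports.
	log.Printf("[INFO] Creating new secret: namespace=%q name=%q type=%q",
		metadata.Namespace, metadata.Name, secret.Type)
	out, err := conn.CoreV1().Secrets(metadata.Namespace).Create(&secret)
	if err != nil {
		return err
	}

	// The API response carries the stored secret data as well, so it gets the
	// same treatment as the request.
	log.Printf("[INFO] Submitted new secret: namespace=%q name=%q",
		out.ObjectMeta.Namespace, out.ObjectMeta.Name)
	d.SetId(buildId(out.ObjectMeta))

	return resourceKubernetesSecretRead(d, meta)
}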
    68  
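// resourceKubernetesSecretRead fetches the secret identified by the resource
// ID and copies its metadata, data and type into Terraform state.
//
// The decoded secret values end up in state through the "data" attribute;
// Sensitive on the schema only hides them from CLI output. They must not
// additionally be written to the log.
func resourceKubernetesSecretRead(d *schema.ResourceData, meta interface{}) error {
	conn := meta.(*kubernetes.Clientset)

	namespace, name := idParts(d.Id())

	log.Printf("[INFO] Reading secret %s", name)
	secret, err := conn.CoreV1().Secrets(namespace).Get(name)
	if err != nil {
		return err
	}

	// Log identifiers and the number of keys only. Formatting the object with
	// %#v would dump the secret data, and metadata annotations on imported
	// objects are not guaranteed to be free of sensitive content either.
	log.Printf("[INFO] Received secret: namespace=%q name=%q keys=%d",
		namespace, name, len(secret.Data))
	err = d.Set("metadata", flattenMetadata(secret.ObjectMeta))
	if err != nil {
		return err
	}

	// NOTE(review): the errors from these two d.Set calls are ignored, unlike
	// the "metadata" call above. Confirm whether that is intentional.
	d.Set("data", byteMapToStringMap(secret.Data))
	d.Set("type", secret.Type)

	return nil
}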
    91  
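// resourceKubernetesSecretUpdate applies metadata and data changes to an
// existing secret as a JSON Patch, then refreshes state via
// resourceKubernetesSecretRead.
//
// Changes to "data" are base64-encoded and diffed into operations under
// /data/. The marshalled patch therefore contains the secret values
// (base64 is an encoding, not protection) and must never be logged.
func resourceKubernetesSecretUpdate(d *schema.ResourceData, meta interface{}) error {
	conn := meta.(*kubernetes.Clientset)

	namespace, name := idParts(d.Id())

	ops := patchMetadata("metadata.0.", "/metadata/", d)
	if d.HasChange("data") {
		oldV, newV := d.GetChange("data")

		// The patch targets the API's base64-encoded data field, so both
		// sides of the diff are encoded before comparison.
		oldV = base64EncodeStringMap(oldV.(map[string]interface{}))
		newV = base64EncodeStringMap(newV.(map[string]interface{}))

		diffOps := diffStringMap("/data/", oldV.(map[string]interface{}), newV.(map[string]interface{}))

		ops = append(ops, diffOps...)
	}

	data, err := ops.MarshalJSON()
	if err != nil {
		return fmt.Errorf("Failed to marshal update operations: %s", err)
	}

	// Log the operation count rather than the patch body: the body holds the
	// new secret values and a []byte printed with %v is trivially reversible.
	log.Printf("[INFO] Updating secret %q: %d patch operation(s)", name, len(ops))
	out, err := conn.CoreV1().Secrets(namespace).Patch(name, pkgApi.JSONPatchType, data)
	if err != nil {
		return fmt.Errorf("Failed to update secret: %s", err)
	}

	// The response object carries the full secret data; log identifiers only.
	log.Printf("[INFO] Submitted updated secret: namespace=%q name=%q",
		out.ObjectMeta.Namespace, out.ObjectMeta.Name)
	d.SetId(buildId(out.ObjectMeta))

	return resourceKubernetesSecretRead(d, meta)
}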
   125  
// resourceKubernetesSecretDelete removes the secret identified by the
// resource ID from the cluster and clears the ID so Terraform drops the
// resource from state. Only the secret name is logged.
func resourceKubernetesSecretDelete(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*kubernetes.Clientset)
	ns, secretName := idParts(d.Id())

	log.Printf("[INFO] Deleting secret: %q", secretName)
	if delErr := client.CoreV1().Secrets(ns).Delete(secretName, &api.DeleteOptions{}); delErr != nil {
		return delErr
	}
	log.Printf("[INFO] Secret %s deleted", secretName)

	// An empty ID marks the resource as gone.
	d.SetId("")
	return nil
}
   143  
// resourceKubernetesSecretExists reports whether the secret identified by the
// resource ID is still present in the cluster.
//
// A StatusError with code 404 yields (false, nil). Any other error is logged
// and returned together with true, so a failed lookup (for example a
// permissions or connectivity problem) is not mistaken for a deleted secret.
// The fetched object itself is discarded and never logged.
func resourceKubernetesSecretExists(d *schema.ResourceData, meta interface{}) (bool, error) {
	client := meta.(*kubernetes.Clientset)
	ns, secretName := idParts(d.Id())

	log.Printf("[INFO] Checking secret %s", secretName)
	_, err := client.CoreV1().Secrets(ns).Get(secretName)
	if err == nil {
		return true, nil
	}

	if apiErr, isStatus := err.(*errors.StatusError); isStatus && apiErr.ErrStatus.Code == 404 {
		return false, nil
	}

	log.Printf("[DEBUG] Received error: %#v", err)
	return true, err
}