github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/builtin/providers/kubernetes/resource_kubernetes_secret.go (about)

     1  package kubernetes
     2  
     3  import (
     4  	"log"
     5  
     6  	"fmt"
     7  	"github.com/hashicorp/terraform/helper/schema"
     8  	"k8s.io/apimachinery/pkg/api/errors"
     9  	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    10  	pkgApi "k8s.io/apimachinery/pkg/types"
    11  	api "k8s.io/kubernetes/pkg/api/v1"
    12  	kubernetes "k8s.io/kubernetes/pkg/client/clientset_generated/clientset"
    13  )
    14  
    15  func resourceKubernetesSecret() *schema.Resource {
    16  	return &schema.Resource{
    17  		Create: resourceKubernetesSecretCreate,
    18  		Read:   resourceKubernetesSecretRead,
    19  		Exists: resourceKubernetesSecretExists,
    20  		Update: resourceKubernetesSecretUpdate,
    21  		Delete: resourceKubernetesSecretDelete,
    22  		Importer: &schema.ResourceImporter{
    23  			State: schema.ImportStatePassthrough,
    24  		},
    25  
    26  		Schema: map[string]*schema.Schema{
    27  			"metadata": namespacedMetadataSchema("secret", true),
    28  			"data": {
    29  				Type:        schema.TypeMap,
    30  				Description: "A map of the secret data.",
    31  				Optional:    true,
    32  				Sensitive:   true,
    33  			},
    34  			"type": {
    35  				Type:        schema.TypeString,
    36  				Description: "Type of secret",
    37  				Default:     "Opaque",
    38  				Optional:    true,
    39  				ForceNew:    true,
    40  			},
    41  		},
    42  	}
    43  }
    44  
    45  func resourceKubernetesSecretCreate(d *schema.ResourceData, meta interface{}) error {
    46  	conn := meta.(*kubernetes.Clientset)
    47  
    48  	metadata := expandMetadata(d.Get("metadata").([]interface{}))
    49  	secret := api.Secret{
    50  		ObjectMeta: metadata,
    51  		StringData: expandStringMap(d.Get("data").(map[string]interface{})),
    52  	}
    53  
    54  	if v, ok := d.GetOk("type"); ok {
    55  		secret.Type = api.SecretType(v.(string))
    56  	}
    57  
    58  	log.Printf("[INFO] Creating new secret: %#v", secret)
    59  	out, err := conn.CoreV1().Secrets(metadata.Namespace).Create(&secret)
    60  	if err != nil {
    61  		return err
    62  	}
    63  
    64  	log.Printf("[INFO] Submitting new secret: %#v", out)
    65  	d.SetId(buildId(out.ObjectMeta))
    66  
    67  	return resourceKubernetesSecretRead(d, meta)
    68  }
    69  
    70  func resourceKubernetesSecretRead(d *schema.ResourceData, meta interface{}) error {
    71  	conn := meta.(*kubernetes.Clientset)
    72  
    73  	namespace, name := idParts(d.Id())
    74  
    75  	log.Printf("[INFO] Reading secret %s", name)
    76  	secret, err := conn.CoreV1().Secrets(namespace).Get(name, meta_v1.GetOptions{})
    77  	if err != nil {
    78  		return err
    79  	}
    80  
    81  	log.Printf("[INFO] Received secret: %#v", secret)
    82  	err = d.Set("metadata", flattenMetadata(secret.ObjectMeta))
    83  	if err != nil {
    84  		return err
    85  	}
    86  
    87  	d.Set("data", byteMapToStringMap(secret.Data))
    88  	d.Set("type", secret.Type)
    89  
    90  	return nil
    91  }
    92  
    93  func resourceKubernetesSecretUpdate(d *schema.ResourceData, meta interface{}) error {
    94  	conn := meta.(*kubernetes.Clientset)
    95  
    96  	namespace, name := idParts(d.Id())
    97  
    98  	ops := patchMetadata("metadata.0.", "/metadata/", d)
    99  	if d.HasChange("data") {
   100  		oldV, newV := d.GetChange("data")
   101  
   102  		oldV = base64EncodeStringMap(oldV.(map[string]interface{}))
   103  		newV = base64EncodeStringMap(newV.(map[string]interface{}))
   104  
   105  		diffOps := diffStringMap("/data/", oldV.(map[string]interface{}), newV.(map[string]interface{}))
   106  
   107  		ops = append(ops, diffOps...)
   108  	}
   109  
   110  	data, err := ops.MarshalJSON()
   111  	if err != nil {
   112  		return fmt.Errorf("Failed to marshal update operations: %s", err)
   113  	}
   114  
   115  	log.Printf("[INFO] Updating secret %q: %v", name, data)
   116  	out, err := conn.CoreV1().Secrets(namespace).Patch(name, pkgApi.JSONPatchType, data)
   117  	if err != nil {
   118  		return fmt.Errorf("Failed to update secret: %s", err)
   119  	}
   120  
   121  	log.Printf("[INFO] Submitting updated secret: %#v", out)
   122  	d.SetId(buildId(out.ObjectMeta))
   123  
   124  	return resourceKubernetesSecretRead(d, meta)
   125  }
   126  
   127  func resourceKubernetesSecretDelete(d *schema.ResourceData, meta interface{}) error {
   128  	conn := meta.(*kubernetes.Clientset)
   129  
   130  	namespace, name := idParts(d.Id())
   131  
   132  	log.Printf("[INFO] Deleting secret: %q", name)
   133  	err := conn.CoreV1().Secrets(namespace).Delete(name, &meta_v1.DeleteOptions{})
   134  	if err != nil {
   135  		return err
   136  	}
   137  
   138  	log.Printf("[INFO] Secret %s deleted", name)
   139  
   140  	d.SetId("")
   141  
   142  	return nil
   143  }
   144  
   145  func resourceKubernetesSecretExists(d *schema.ResourceData, meta interface{}) (bool, error) {
   146  	conn := meta.(*kubernetes.Clientset)
   147  
   148  	namespace, name := idParts(d.Id())
   149  
   150  	log.Printf("[INFO] Checking secret %s", name)
   151  	_, err := conn.CoreV1().Secrets(namespace).Get(name, meta_v1.GetOptions{})
   152  	if err != nil {
   153  		if statusErr, ok := err.(*errors.StatusError); ok && statusErr.ErrStatus.Code == 404 {
   154  			return false, nil
   155  		}
   156  		log.Printf("[DEBUG] Received error: %#v", err)
   157  	}
   158  
   159  	return true, err
   160  }