github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/builtin/providers/kubernetes/resource_kubernetes_secret.go (about) 1 package kubernetes 2 3 import ( 4 "log" 5 6 "fmt" 7 "github.com/hashicorp/terraform/helper/schema" 8 "k8s.io/apimachinery/pkg/api/errors" 9 meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" 10 pkgApi "k8s.io/apimachinery/pkg/types" 11 api "k8s.io/kubernetes/pkg/api/v1" 12 kubernetes "k8s.io/kubernetes/pkg/client/clientset_generated/clientset" 13 ) 14 15 func resourceKubernetesSecret() *schema.Resource { 16 return &schema.Resource{ 17 Create: resourceKubernetesSecretCreate, 18 Read: resourceKubernetesSecretRead, 19 Exists: resourceKubernetesSecretExists, 20 Update: resourceKubernetesSecretUpdate, 21 Delete: resourceKubernetesSecretDelete, 22 Importer: &schema.ResourceImporter{ 23 State: schema.ImportStatePassthrough, 24 }, 25 26 Schema: map[string]*schema.Schema{ 27 "metadata": namespacedMetadataSchema("secret", true), 28 "data": { 29 Type: schema.TypeMap, 30 Description: "A map of the secret data.", 31 Optional: true, 32 Sensitive: true, 33 }, 34 "type": { 35 Type: schema.TypeString, 36 Description: "Type of secret", 37 Default: "Opaque", 38 Optional: true, 39 ForceNew: true, 40 }, 41 }, 42 } 43 } 44 45 func resourceKubernetesSecretCreate(d *schema.ResourceData, meta interface{}) error { 46 conn := meta.(*kubernetes.Clientset) 47 48 metadata := expandMetadata(d.Get("metadata").([]interface{})) 49 secret := api.Secret{ 50 ObjectMeta: metadata, 51 StringData: expandStringMap(d.Get("data").(map[string]interface{})), 52 } 53 54 if v, ok := d.GetOk("type"); ok { 55 secret.Type = api.SecretType(v.(string)) 56 } 57 58 log.Printf("[INFO] Creating new secret: %#v", secret) 59 out, err := conn.CoreV1().Secrets(metadata.Namespace).Create(&secret) 60 if err != nil { 61 return err 62 } 63 64 log.Printf("[INFO] Submitting new secret: %#v", out) 65 d.SetId(buildId(out.ObjectMeta)) 66 67 return resourceKubernetesSecretRead(d, meta) 68 } 69 70 func resourceKubernetesSecretRead(d *schema.ResourceData, meta interface{}) error { 71 conn := meta.(*kubernetes.Clientset) 72 73 namespace, name := idParts(d.Id()) 74 75 log.Printf("[INFO] Reading secret %s", name) 76 secret, err := conn.CoreV1().Secrets(namespace).Get(name, meta_v1.GetOptions{}) 77 if err != nil { 78 return err 79 } 80 81 log.Printf("[INFO] Received secret: %#v", secret) 82 err = d.Set("metadata", flattenMetadata(secret.ObjectMeta)) 83 if err != nil { 84 return err 85 } 86 87 d.Set("data", byteMapToStringMap(secret.Data)) 88 d.Set("type", secret.Type) 89 90 return nil 91 } 92 93 func resourceKubernetesSecretUpdate(d *schema.ResourceData, meta interface{}) error { 94 conn := meta.(*kubernetes.Clientset) 95 96 namespace, name := idParts(d.Id()) 97 98 ops := patchMetadata("metadata.0.", "/metadata/", d) 99 if d.HasChange("data") { 100 oldV, newV := d.GetChange("data") 101 102 oldV = base64EncodeStringMap(oldV.(map[string]interface{})) 103 newV = base64EncodeStringMap(newV.(map[string]interface{})) 104 105 diffOps := diffStringMap("/data/", oldV.(map[string]interface{}), newV.(map[string]interface{})) 106 107 ops = append(ops, diffOps...) 108 } 109 110 data, err := ops.MarshalJSON() 111 if err != nil { 112 return fmt.Errorf("Failed to marshal update operations: %s", err) 113 } 114 115 log.Printf("[INFO] Updating secret %q: %v", name, data) 116 out, err := conn.CoreV1().Secrets(namespace).Patch(name, pkgApi.JSONPatchType, data) 117 if err != nil { 118 return fmt.Errorf("Failed to update secret: %s", err) 119 } 120 121 log.Printf("[INFO] Submitting updated secret: %#v", out) 122 d.SetId(buildId(out.ObjectMeta)) 123 124 return resourceKubernetesSecretRead(d, meta) 125 } 126 127 func resourceKubernetesSecretDelete(d *schema.ResourceData, meta interface{}) error { 128 conn := meta.(*kubernetes.Clientset) 129 130 namespace, name := idParts(d.Id()) 131 132 log.Printf("[INFO] Deleting secret: %q", name) 133 err := conn.CoreV1().Secrets(namespace).Delete(name, &meta_v1.DeleteOptions{}) 134 if err != nil { 135 return err 136 } 137 138 log.Printf("[INFO] Secret %s deleted", name) 139 140 d.SetId("") 141 142 return nil 143 } 144 145 func resourceKubernetesSecretExists(d *schema.ResourceData, meta interface{}) (bool, error) { 146 conn := meta.(*kubernetes.Clientset) 147 148 namespace, name := idParts(d.Id()) 149 150 log.Printf("[INFO] Checking secret %s", name) 151 _, err := conn.CoreV1().Secrets(namespace).Get(name, meta_v1.GetOptions{}) 152 if err != nil { 153 if statusErr, ok := err.(*errors.StatusError); ok && statusErr.ErrStatus.Code == 404 { 154 return false, nil 155 } 156 log.Printf("[DEBUG] Received error: %#v", err) 157 } 158 159 return true, err 160 }