github.com/olli-ai/jx/v2@v2.0.400-0.20210921045218-14731b4dd448/pkg/cloud/amazon/vault/vault_backend.go (about) 1 package vault 2 3 import ( 4 "fmt" 5 6 v1 "k8s.io/api/core/v1" 7 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 8 "k8s.io/client-go/kubernetes" 9 ) 10 11 const ( 12 awsServiceAccountSecretKey = "credentials" 13 ) 14 15 // StoreAWSCredentialsIntoSecret stores AWS credentials into a secret 16 func StoreAWSCredentialsIntoSecret(client kubernetes.Interface, awsAccessKeyID, awsSecretAccessKey, vaultName, namespace string) (string, error) { 17 credentialsFileContent := []byte(fmt.Sprintf(`[default] 18 aws_access_key_id=%s 19 aws_secret_access_key=%s 20 `, awsAccessKeyID, awsSecretAccessKey)) 21 22 secretName := AwsServiceAccountSecretName(vaultName) 23 secret := &v1.Secret{ 24 ObjectMeta: metav1.ObjectMeta{ 25 Name: secretName, 26 }, 27 Data: map[string][]byte{ 28 awsServiceAccountSecretKey: credentialsFileContent, 29 }, 30 } 31 32 secrets := client.CoreV1().Secrets(namespace) 33 _, err := secrets.Get(secretName, metav1.GetOptions{}) 34 if err != nil { 35 _, err = secrets.Create(secret) 36 } else { 37 _, err = secrets.Update(secret) 38 } 39 return secretName, nil 40 }