sigs.k8s.io/cluster-api-provider-aws@v1.5.5/cmd/clusterawsadm/controller/credentials/update_credentials.go

sigs.k8s.io/cluster-api-provider-aws@v1.5.5/cmd/clusterawsadm/controller/credentials/update_credentials.go (about)

     1  /*
     2  Copyright 2021 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8  	http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package credentials
    18  
    19  import (
    20  	"context"
    21  	"fmt"
    22  	"os"
    23  
    24  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    25  	"k8s.io/apimachinery/pkg/types"
    26  
    27  	"sigs.k8s.io/cluster-api-provider-aws/cmd/clusterawsadm/controller"
    28  )
    29  
    30  // UpdateCredentialsInput defines the specs for update credentials input.
    31  type UpdateCredentialsInput struct {
    32  	KubeconfigPath    string
    33  	KubeconfigContext string
    34  	Credentials       string
    35  	Namespace         string
    36  }
    37  
    38  // UpdateCredentials updates the CAPA controller bootstrap secret
    39  // RolloutControllers() must be called after any change to the controller bootstrap secret to take effect.
    40  func UpdateCredentials(input UpdateCredentialsInput) error {
    41  	client, err := controller.GetClient(input.KubeconfigPath, input.KubeconfigContext)
    42  	if err != nil {
    43  		fmt.Fprintf(os.Stderr, "Failed to get client-go client for the cluster: %s\n", err.Error())
    44  		return err
    45  	}
    46  
    47  	creds := input.Credentials
    48  	if creds == "" {
    49  		creds = "Cg=="
    50  	}
    51  
    52  	patch := fmt.Sprintf("{\"data\":{\"credentials\": \"%s\"}}", creds)
    53  	_, err = client.CoreV1().Secrets(input.Namespace).Patch(
    54  		context.TODO(),
    55  		controller.BootstrapCredsSecret,
    56  		types.MergePatchType,
    57  		[]byte(patch),
    58  		metav1.PatchOptions{},
    59  	)
    60  	if err != nil {
    61  		fmt.Fprintf(os.Stderr, "Failed to patch bootstrap credentials secret: %s\n", err.Error())
    62  		return err
    63  	}
    64  
    65  	secret, err := client.CoreV1().Secrets(input.Namespace).Get(context.TODO(), controller.BootstrapCredsSecret, metav1.GetOptions{})
    66  	if err != nil {
    67  		fmt.Fprintf(os.Stderr, "Failed to get bootstrap credentials secret: %s\n", err.Error())
    68  		return err
    69  	}
    70  	controller.PrintBootstrapCredentials(secret)
    71  	return nil
    72  }