controller_secret.rs
use super::{
custom_resources::KubePostgresXlCluster,
enums::ResourceAction,
functions::{create_context, create_global_template, get_kube_config},
structs::EmbeddedSecretTemplates,
vars::NAMESPACE,
};
use kube::{
api::{Api, DeleteParams, PostParams},
client::APIClient,
};
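/// Creates or deletes the Kubernetes `Secret` objects rendered from the
/// embedded secret templates for one cluster custom resource.
///
/// Every non-hidden file in `EmbeddedSecretTemplates` is rendered with the
/// context built from `custom_resource` and `config_map_sha`, then handled
/// according to `resource_action`:
///
/// * `Added` - the rendered object is posted to the API server.
/// * `Modified` - nothing is done; existing secrets are left untouched.
/// * `Deleted` - the secret named by the rendered `metadata.name` is deleted.
///
/// The target namespace is read from the `NAMESPACE` environment variable and
/// falls back to the compiled-in `NAMESPACE` constant.
///
/// Log lines written here carry object names and error values, never the
/// rendered object itself.
///
/// # Errors
///
/// Returns an error when the global template or the kube config cannot be
/// obtained, when a template is not valid UTF-8, or when a rendered object
/// cannot be serialised to JSON. A failed context, a failed render and a
/// failed API call are logged and do not change the `Ok(())` result, so the
/// return value alone does not tell a caller that every secret was written.
pub async fn action(
    custom_resource: &KubePostgresXlCluster,
    resource_action: &ResourceAction,
    config_map_sha: String,
) -> anyhow::Result<()> {
    // Best effort: a context failure is logged and still reported as success.
    let context = match create_context(&custom_resource, config_map_sha).await {
        Ok(context) => context,
        Err(e) => {
            error!("{}", e);
            return Ok(());
        }
    };

    let global_template = create_global_template().await?;
    let config = get_kube_config().await?;
    let client = APIClient::new(config);
    // The closure keeps the default from being built when the variable is set.
    let namespace = std::env::var("NAMESPACE").unwrap_or_else(|_| NAMESPACE.into());
    let resource_client = Api::v1Secret(client).within(&namespace);
    let post_params = PostParams::default();

    for asset in EmbeddedSecretTemplates::iter() {
        let filename = asset.as_ref();
        // Ignore hidden files
        if filename.starts_with('.') {
            continue;
        }

        // The name comes from iter(), so a miss means the embedded set is
        // inconsistent; skip the entry instead of panicking the controller.
        let file_data = match EmbeddedSecretTemplates::get(&filename) {
            Some(data) => data,
            None => {
                error!("Embedded secret template {} could not be loaded", filename);
                continue;
            }
        };
        let file_data_string = std::str::from_utf8(file_data.as_ref())?;

        let new_resource_object = match super::functions::create_resource_object(
            &context,
            &global_template,
            &file_data_string.to_owned(),
        )
        .await
        {
            Ok(object) => object,
            Err(e) => {
                // A template that fails to render means a secret is missing or
                // left behind, so the failure must be visible in the logs.
                // NOTE(review): confirm this error's Debug output never embeds
                // rendered secret values.
                error!("Failed to render secret template {}: {:?}", filename, e);
                continue;
            }
        };

        match resource_action {
            ResourceAction::Added => {
                match resource_client
                    .create(&post_params, serde_json::to_vec(&new_resource_object)?)
                    .await
                {
                    Ok(o) => {
                        // Only the object name is logged, never its data.
                        if new_resource_object["metadata"]["name"] == o.metadata.name {
                            info!("Created {}", o.metadata.name);
                        }
                    }
                    Err(e) => error!("{:?}", e), // any other case is probably bad
                }
            }
            ResourceAction::Modified => {
                // Don't update secrets on update as they are handled by the rotation controller
                // and used for health checks which could cause problems.
                // Deleting and recreating the cluster is better if changed values are required.
            }
            ResourceAction::Deleted => {
                // A template without a string metadata.name cannot identify a
                // secret to delete; report it and move on to the next one.
                match new_resource_object["metadata"]["name"].as_str() {
                    Some(resource_name) => {
                        match resource_client
                            .delete(resource_name, &DeleteParams::default())
                            .await
                        {
                            Ok(_) => info!("Deleted {}", resource_name),
                            Err(e) => error!("{:?}", e), // any other case is probably bad
                        }
                    }
                    None => error!(
                        "Secret template {} has no string metadata.name, nothing deleted",
                        filename
                    ),
                }
            }
        }
    }

    Ok(())
}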