Merge pull request #11945 from sharifelgamal/gcp-sa

don't try to recreate pull secrets for refreshing gcp-auth
2021-07-28 16:09:45 -07:00 · 2021-07-28 16:09:45 -07:00 · 5da954e278
parent f385a698c1 6d710b4e59
commit 5da954e278
1 changed files with 34 additions and 16 deletions
--- a/pkg/addons/addons_gcpauth.go
+++ b/pkg/addons/addons_gcpauth.go
@ -139,18 +139,20 @@ func createPullSecret(cc *config.ClusterConfig, creds *google.Credentials) error
 			secrets := client.Secrets(n.Name)

 			exists := false
-			secList, err := secrets.List(context.TODO(), metav1.ListOptions{})
-			if err != nil {
-				return err
-			}
-			for _, s := range secList.Items {
-				if s.Name == secretName {
-					exists = true
-					break
+			if !Refresh {
+				secList, err := secrets.List(context.TODO(), metav1.ListOptions{})
+				if err != nil {
+					return err
+				}
+				for _, s := range secList.Items {
+					if s.Name == secretName {
+						exists = true
+						break
+					}
 				}
 			}

-			if !exists {
+			if !exists || Refresh {
 				secretObj := &corev1.Secret{
 					ObjectMeta: metav1.ObjectMeta{
 						Name: secretName,
@ -159,9 +161,16 @@ func createPullSecret(cc *config.ClusterConfig, creds *google.Credentials) error
 					Type: "kubernetes.io/dockercfg",
 				}

-				_, err = secrets.Create(context.TODO(), secretObj, metav1.CreateOptions{})
-				if err != nil {
-					return err
+				if exists && Refresh {
+					_, err := secrets.Update(context.TODO(), secretObj, metav1.UpdateOptions{})
+					if err != nil {
+						return err
+					}
+				} else {
+					_, err = secrets.Create(context.TODO(), secretObj, metav1.CreateOptions{})
+					if err != nil {
+						return err
+					}
 				}
 			}

@ -183,10 +192,19 @@ func createPullSecret(cc *config.ClusterConfig, creds *google.Credentials) error

 			ips := corev1.LocalObjectReference{Name: secretName}
 			for _, sa := range salist.Items {
-				sa.ImagePullSecrets = append(sa.ImagePullSecrets, ips)
-				_, err := serviceaccounts.Update(context.TODO(), &sa, metav1.UpdateOptions{})
-				if err != nil {
-					return err
+				add := true
+				for _, ps := range sa.ImagePullSecrets {
+					if ps.Name == secretName {
+						add = false
+						break
+					}
+				}
+				if add {
+					sa.ImagePullSecrets = append(sa.ImagePullSecrets, ips)
+					_, err := serviceaccounts.Update(context.TODO(), &sa, metav1.UpdateOptions{})
+					if err != nil {
+						return err
+					}
 				}
 			}