85 lines
2.1 KiB
Go
85 lines
2.1 KiB
Go
package restic
|
|
|
|
import (
|
|
"github.com/pkg/errors"
|
|
corev1api "k8s.io/api/core/v1"
|
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
corev1client "k8s.io/client-go/kubernetes/typed/core/v1"
|
|
corev1listers "k8s.io/client-go/listers/core/v1"
|
|
)
|
|
|
|
const (
|
|
CredentialsSecretName = "ark-restic-credentials"
|
|
CredentialsKey = "ark-restic-credentials"
|
|
)
|
|
|
|
func NewRepositoryKey(secretClient corev1client.SecretsGetter, namespace string, data []byte) error {
|
|
secret := &corev1api.Secret{
|
|
ObjectMeta: metav1.ObjectMeta{
|
|
Namespace: namespace,
|
|
Name: CredentialsSecretName,
|
|
},
|
|
Type: corev1api.SecretTypeOpaque,
|
|
Data: map[string][]byte{
|
|
CredentialsKey: data,
|
|
},
|
|
}
|
|
|
|
_, err := secretClient.Secrets(namespace).Create(secret)
|
|
if err != nil {
|
|
return errors.WithStack(err)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
type SecretGetter interface {
|
|
GetSecret(namespace, name string) (*corev1api.Secret, error)
|
|
}
|
|
|
|
type clientSecretGetter struct {
|
|
client corev1client.SecretsGetter
|
|
}
|
|
|
|
func NewClientSecretGetter(client corev1client.SecretsGetter) SecretGetter {
|
|
return &clientSecretGetter{client: client}
|
|
}
|
|
|
|
func (c *clientSecretGetter) GetSecret(namespace, name string) (*corev1api.Secret, error) {
|
|
secret, err := c.client.Secrets(namespace).Get(name, metav1.GetOptions{})
|
|
if err != nil {
|
|
return nil, errors.WithStack(err)
|
|
}
|
|
return secret, nil
|
|
}
|
|
|
|
type listerSecretGetter struct {
|
|
lister corev1listers.SecretLister
|
|
}
|
|
|
|
func NewListerSecretGetter(lister corev1listers.SecretLister) SecretGetter {
|
|
return &listerSecretGetter{lister: lister}
|
|
}
|
|
|
|
func (l *listerSecretGetter) GetSecret(namespace, name string) (*corev1api.Secret, error) {
|
|
secret, err := l.lister.Secrets(namespace).Get(name)
|
|
if err != nil {
|
|
return nil, errors.WithStack(err)
|
|
}
|
|
return secret, nil
|
|
}
|
|
|
|
func GetRepositoryKey(secretGetter SecretGetter, namespace string) ([]byte, error) {
|
|
secret, err := secretGetter.GetSecret(namespace, CredentialsSecretName)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
key, found := secret.Data[CredentialsKey]
|
|
if !found {
|
|
return nil, errors.Errorf("%q secret is missing data for key %q", CredentialsSecretName, CredentialsKey)
|
|
}
|
|
|
|
return key, nil
|
|
}
|