Update ephemeral-bmc-secret to use base64 data

Transform stringData into base64-enc data manually so the annotation won't remain from the stringData. Closes: #424 Change-Id: I4bcfd57601d9199307c749e8e6deb5ee5445d821
2021-03-12 13:39:18 -06:00 · 2021-03-12 13:39:18 -06:00 · 97377236ec
commit 97377236ec
parent 0d588c83b1
6 changed files with 38 additions and 2 deletions
--- a/krm-functions/cloud-init/image/go.mod
+++ b/krm-functions/cloud-init/image/go.mod
@ -3,7 +3,6 @@ module opendev.org/airship/airshipctl/functions/cloud-init/image
 go 1.14

 require (
-	opendev.org/airship/airshipctl v0.0.0-20210421143147-014e24cd1591
 	sigs.k8s.io/kustomize/kyaml v0.10.0
 	sigs.k8s.io/kustomize/api v0.7.2
 )
--- a/manifests/function/ephemeral/replacements/cleanup.yaml
+++ b/manifests/function/ephemeral/replacements/cleanup.yaml
@ -0,0 +1,12 @@
+apiVersion: builtin
+kind: PatchStrategicMergeTransformer
+metadata:
+  name: delete-secret-stringData
+patches: |-
+  ---
+  apiVersion: v1
+  kind: Secret
+  metadata:
+    name: ephemeral-bmc-secret
+  stringData:
+    $patch: delete
--- a/manifests/function/ephemeral/replacements/kustomization.yaml
+++ b/manifests/function/ephemeral/replacements/kustomization.yaml
@ -4,3 +4,5 @@ resources:
  - ephemeral-env-vars.yaml
  - networking.yaml
  - generated-secrets.yaml
+  - stringData-encode.yaml
+  - cleanup.yaml
--- a/manifests/function/ephemeral/replacements/stringData-encode.yaml
+++ b/manifests/function/ephemeral/replacements/stringData-encode.yaml
@ -0,0 +1,21 @@
+# These rules inject networking info artifacts into the ephemeral function.
+apiVersion: airshipit.org/v1alpha1
+kind: ReplacementTransformer
+metadata:
+  name: secret-encode
+  annotations:
+    config.kubernetes.io/function: |-
+      container:
+        image: localhost/replacement-transformer
+replacements:
+# converts and moves stringData to data field
+- source:
+    objref:
+      kind: Secret
+      name: ephemeral-bmc-secret
+    fieldref: stringData.userData
+  target:
+    objref:
+      name: ephemeral-bmc-secret
+      kind: Secret
+    fieldrefs: ["data.userData"]
--- a/manifests/function/ephemeral/secret.yaml
+++ b/manifests/function/ephemeral/secret.yaml
@ -6,6 +6,8 @@ metadata:
    airshipit.org/deploy-k8s: "false"
  name: ephemeral-bmc-secret # replacement rules key off this name
 type: Opaque
+data:
+  userData: null
 stringData:
  # These substrings must be overriden via the `replacements` entrypoint and networking catalogue:
  # REPLACEMENT_CP_IP, REPLACEMENT_CP_PORT, REPLACEMENT_CERT_SANS, REPLACEMENT_POD_CIDR
--- a/pkg/document/dochelper_utils.go
+++ b/pkg/document/dochelper_utils.go
@ -37,7 +37,7 @@ func GetSecretDataKey(cfg Document, key string) (string, error) {
 		if err != nil {
 			return "", ErrDocumentMalformed{
 				DocName: docName,
-				Message: "The secret document lacks a data or stringData top level field",
+				Message: "The data or stringData structure is missing or malformed.",
 			}
 		}
 	}