From 544c832d6e865c8d591ab9ed271006bdd3d48667 Mon Sep 17 00:00:00 2001 From: Andrew Lavery Date: Mon, 6 Apr 2020 16:57:10 -0400 Subject: [PATCH 1/3] support the 'includeValue' flag for secrets --- pkg/collect/secret.go | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/pkg/collect/secret.go b/pkg/collect/secret.go index 99a401e4..f4043a71 100644 --- a/pkg/collect/secret.go +++ b/pkg/collect/secret.go @@ -34,16 +34,20 @@ func Secret(ctx *Context, secretCollector *troubleshootv1beta1.Secret) ([]byte, Errors: make(map[string][]byte), } - secret, encoded, err := secret(client, secretCollector) + if secretCollector.Namespace == "" { + secretCollector.Namespace = "default" + } + + path, encoded, err := secret(client, secretCollector) if err != nil { errorBytes, err := marshalNonNil([]string{err.Error()}) if err != nil { return nil, err } - secretOutput.Errors[fmt.Sprintf("%s.json", secret.Name)] = errorBytes + secretOutput.Errors[path] = errorBytes } if encoded != nil { - secretOutput.FoundSecret[fmt.Sprintf("%s.json", secret.Name)] = encoded + secretOutput.FoundSecret[path] = encoded if ctx.Redact { secretOutput, err = secretOutput.Redact() if err != nil { @@ -60,7 +64,12 @@ func Secret(ctx *Context, secretCollector *troubleshootv1beta1.Secret) ([]byte, return b, nil } -func secret(client *kubernetes.Clientset, secretCollector *troubleshootv1beta1.Secret) (*FoundSecret, []byte, error) { +func secret(client *kubernetes.Clientset, secretCollector *troubleshootv1beta1.Secret) (string, []byte, error) { + path := fmt.Sprintf("%s/%s.json", secretCollector.Namespace, secretCollector.SecretName) + if secretCollector.Key != "" { + path = fmt.Sprintf("%s/%s/%s.json", secretCollector.Namespace, secretCollector.SecretName, secretCollector.Key) + } + found, err := client.CoreV1().Secrets(secretCollector.Namespace).Get(secretCollector.SecretName, metav1.GetOptions{}) if err != nil { missingSecret := FoundSecret{ @@ -71,16 +80,20 @@ func secret(client *kubernetes.Clientset, secretCollector *troubleshootv1beta1.S b, marshalErr := json.MarshalIndent(missingSecret, "", " ") if marshalErr != nil { - return nil, nil, marshalErr + return path, nil, marshalErr } - return &missingSecret, b, err + return path, b, err } keyExists := false + keyData := "" if secretCollector.Key != "" { - if _, ok := found.Data[secretCollector.Key]; ok { + if val, ok := found.Data[secretCollector.Key]; ok { keyExists = true + if secretCollector.IncludeValue { + keyData = string(val) + } } } @@ -89,14 +102,15 @@ func secret(client *kubernetes.Clientset, secretCollector *troubleshootv1beta1.S Name: found.Name, SecretExists: true, KeyExists: keyExists, + Value: keyData, } b, err := json.MarshalIndent(secret, "", " ") if err != nil { - return nil, nil, err + return path, nil, err } - return &secret, b, nil + return path, b, nil } func (s *SecretOutput) Redact() (*SecretOutput, error) { From 3844a3dbd36d76f0176910cce3099fc50b06e6da Mon Sep 17 00:00:00 2001 From: Andrew Lavery Date: Mon, 6 Apr 2020 17:44:57 -0400 Subject: [PATCH 2/3] don't override namespace --- pkg/collect/secret.go | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/pkg/collect/secret.go b/pkg/collect/secret.go index f4043a71..49c65aec 100644 --- a/pkg/collect/secret.go +++ b/pkg/collect/secret.go @@ -34,10 +34,6 @@ func Secret(ctx *Context, secretCollector *troubleshootv1beta1.Secret) ([]byte, Errors: make(map[string][]byte), } - if secretCollector.Namespace == "" { - secretCollector.Namespace = "default" - } - path, encoded, err := secret(client, secretCollector) if err != nil { errorBytes, err := marshalNonNil([]string{err.Error()}) @@ -65,9 +61,13 @@ func Secret(ctx *Context, secretCollector *troubleshootv1beta1.Secret) ([]byte, } func secret(client *kubernetes.Clientset, secretCollector *troubleshootv1beta1.Secret) (string, []byte, error) { - path := fmt.Sprintf("%s/%s.json", secretCollector.Namespace, secretCollector.SecretName) + ns := secretCollector.Namespace + if ns == "" { + ns = "current-namespace" + } + path := fmt.Sprintf("%s/%s.json", ns, secretCollector.SecretName) if secretCollector.Key != "" { - path = fmt.Sprintf("%s/%s/%s.json", secretCollector.Namespace, secretCollector.SecretName, secretCollector.Key) + path = fmt.Sprintf("%s/%s/%s.json", ns, secretCollector.SecretName, secretCollector.Key) } found, err := client.CoreV1().Secrets(secretCollector.Namespace).Get(secretCollector.SecretName, metav1.GetOptions{}) @@ -86,6 +86,13 @@ func secret(client *kubernetes.Clientset, secretCollector *troubleshootv1beta1.S return path, b, err } + ns = found.Namespace + if secretCollector.Key != "" { + path = fmt.Sprintf("%s/%s/%s.json", ns, secretCollector.SecretName, secretCollector.Key) + } else { + path = fmt.Sprintf("%s/%s.json", ns, secretCollector.SecretName) + } + keyExists := false keyData := "" if secretCollector.Key != "" { From c3646bacd91586e37bc00ebaeda415816c627241 Mon Sep 17 00:00:00 2001 From: Andrew Lavery Date: Mon, 6 Apr 2020 18:01:13 -0400 Subject: [PATCH 3/3] don't use a default filename in paths --- pkg/collect/secret.go | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/pkg/collect/secret.go b/pkg/collect/secret.go index 49c65aec..923dd342 100644 --- a/pkg/collect/secret.go +++ b/pkg/collect/secret.go @@ -3,6 +3,7 @@ package collect import ( "encoding/json" "fmt" + "path/filepath" troubleshootv1beta1 "github.com/replicatedhq/troubleshoot/pkg/apis/troubleshoot/v1beta1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -62,13 +63,7 @@ func Secret(ctx *Context, secretCollector *troubleshootv1beta1.Secret) ([]byte, func secret(client *kubernetes.Clientset, secretCollector *troubleshootv1beta1.Secret) (string, []byte, error) { ns := secretCollector.Namespace - if ns == "" { - ns = "current-namespace" - } - path := fmt.Sprintf("%s/%s.json", ns, secretCollector.SecretName) - if secretCollector.Key != "" { - path = fmt.Sprintf("%s/%s/%s.json", ns, secretCollector.SecretName, secretCollector.Key) - } + path := fmt.Sprintf("%s.json", filepath.Join(ns, secretCollector.SecretName)) found, err := client.CoreV1().Secrets(secretCollector.Namespace).Get(secretCollector.SecretName, metav1.GetOptions{}) if err != nil { @@ -87,11 +82,7 @@ func secret(client *kubernetes.Clientset, secretCollector *troubleshootv1beta1.S } ns = found.Namespace - if secretCollector.Key != "" { - path = fmt.Sprintf("%s/%s/%s.json", ns, secretCollector.SecretName, secretCollector.Key) - } else { - path = fmt.Sprintf("%s/%s.json", ns, secretCollector.SecretName) - } + path = fmt.Sprintf("%s.json", filepath.Join(ns, secretCollector.SecretName, secretCollector.Key)) keyExists := false keyData := ""