github-mirrors/imagepullsecret-injector
1
0
Fork 0
mirror of https://github.com/ysoftdevs/imagepullsecret-injector.git synced 2026-03-17 23:04:15 +01:00
Code Issues Packages Projects Releases 10 Wiki Activity

Create proper secrets before checking whether the SA needs to be patched (in case the secret itself changed)

Browse Source
This commit is contained in:
Martin Šalata
2022-06-13 14:27:12 +02:00
parent 265f6ba0e1
commit 012a498a8b
3 changed files with 18 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
VERSION
View File

@@ -1 +1 @@
0.0.14 0.0.15

4
charts/imagepullsecret-injector/Chart.yaml
View File

@@ -15,9 +15,9 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes # This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version. # to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/) # Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.0.25 version: 0.0.26
# This is the version number of the application being deployed. This version number should be # This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to # incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using. # follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 0.0.14 appVersion: 0.0.25

30
cmd/webhook.go
View File

@@ -236,11 +236,24 @@ func (whsvr *WebhookServer) mutateServiceAccount(ar *v1beta1.AdmissionReview) *v
} }
} }
// Check whether we already have the imagePullSecretName present // Make sure the secrets are present
if err := whsvr.ensureSecrets(ar); err != nil {
whsvr.logger.Errorf("Could not ensure existence of the imagePullSecret")
if !whsvr.config.ignoreSecretCreationError {
whsvr.logger.Errorf("Failing the mutation process")
return &v1beta1.AdmissionResponse{
Result: &metav1.Status{
Message: err.Error(),
},
}
}
whsvr.logger.Infof("ignoreSecretCreationError is true, ignoring")
}
if sa.ImagePullSecrets != nil { if sa.ImagePullSecrets != nil {
whsvr.logger.Infof("ServiceAccount is already in the correct state, skipping")
for _, lor := range sa.ImagePullSecrets { for _, lor := range sa.ImagePullSecrets {
if whsvr.config.targetImagePullSecretName == lor.Name { if whsvr.config.targetImagePullSecretName == lor.Name {
whsvr.logger.Infof("ServiceAccount is already in the correct state, skipping the patch")
return &v1beta1.AdmissionResponse{ return &v1beta1.AdmissionResponse{
Allowed: true, Allowed: true,
} }
@@ -262,19 +275,6 @@ func (whsvr *WebhookServer) mutateServiceAccount(ar *v1beta1.AdmissionReview) *v
} }
} }
if err := whsvr.ensureSecrets(ar); err != nil {
whsvr.logger.Errorf("Could not ensure existence of the imagePullSecret")
if !whsvr.config.ignoreSecretCreationError {
whsvr.logger.Errorf("Failing the mutation process")
return &v1beta1.AdmissionResponse{
Result: &metav1.Status{
Message: err.Error(),
},
}
}
whsvr.logger.Infof("ignoreSecretCreationError is true, ignoring")
}
return &v1beta1.AdmissionResponse{ return &v1beta1.AdmissionResponse{
Allowed: true, Allowed: true,
Patch: patchBytes, Patch: patchBytes,