// TODO: when Secrets in kapi.ServiceAccount get changed to MountSecrets and represented by LocalObjectReferences, this can be
// refactored to reuse the addition code better
// addSecretsToServiceAccount adds secrets to the service account, either as pull secrets, mount secrets, or both.
func (o AddSecretOptions) addSecretsToServiceAccount(serviceaccount *kapi.ServiceAccount) error {
updated := false
newSecrets, err := o.getSecrets()
if err != nil {
return err
}
newSecretNames := getSecretNames(newSecrets)
if o.ForMount {
currentSecrets := getMountSecretNames(serviceaccount)
secretsToAdd := newSecretNames.Difference(currentSecrets)
for _, secretName := range secretsToAdd.List() {
serviceaccount.Secrets = append(serviceaccount.Secrets, kapi.ObjectReference{Name: secretName})
updated = true
}
}
if o.ForPull {
currentSecrets := getPullSecretNames(serviceaccount)
secretsToAdd := newSecretNames.Difference(currentSecrets)
for _, secretName := range secretsToAdd.List() {
serviceaccount.ImagePullSecrets = append(serviceaccount.ImagePullSecrets, kapi.LocalObjectReference{Name: secretName})
updated = true
}
}
if updated {
_, err = o.ClientInterface.ServiceAccounts(o.Namespace).Update(serviceaccount)
return err
}
return nil
}
func (o AddSecretOptions) AddSecretsToSAPullSecrets(serviceAccount *api.ServiceAccount) (*api.ServiceAccount, error) {
secrets, err := o.getSecrets()
if err != nil {
return nil, err
}
currentSecrets := util.StringSet{}
for _, secretRef := range serviceAccount.ImagePullSecrets {
currentSecrets.Insert(secretRef.Name)
}
for _, secret := range secrets {
if currentSecrets.Has(secret.Name) {
continue
}
serviceAccount.ImagePullSecrets = append(serviceAccount.ImagePullSecrets, api.LocalObjectReference{Name: secret.Name})
currentSecrets.Insert(secret.Name)
}
return o.ClientInterface.ServiceAccounts(o.Namespace).Update(serviceAccount)
}
