// TODO: when Secrets in kapi.ServiceAccount get changed to MountSecrets and represented by LocalObjectReferences, this can be // refactored to reuse the addition code better // addSecretsToServiceAccount adds secrets to the service account, either as pull secrets, mount secrets, or both. func (o AddSecretOptions) addSecretsToServiceAccount(serviceaccount *kapi.ServiceAccount) error { updated := false newSecrets, err := o.getSecrets() if err != nil { return err } newSecretNames := getSecretNames(newSecrets) if o.ForMount { currentSecrets := getMountSecretNames(serviceaccount) secretsToAdd := newSecretNames.Difference(currentSecrets) for _, secretName := range secretsToAdd.List() { serviceaccount.Secrets = append(serviceaccount.Secrets, kapi.ObjectReference{Name: secretName}) updated = true } } if o.ForPull { currentSecrets := getPullSecretNames(serviceaccount) secretsToAdd := newSecretNames.Difference(currentSecrets) for _, secretName := range secretsToAdd.List() { serviceaccount.ImagePullSecrets = append(serviceaccount.ImagePullSecrets, kapi.LocalObjectReference{Name: secretName}) updated = true } } if updated { _, err = o.ClientInterface.ServiceAccounts(o.Namespace).Update(serviceaccount) return err } return nil }
func (o AddSecretOptions) AddSecretsToSAPullSecrets(serviceAccount *api.ServiceAccount) (*api.ServiceAccount, error) { secrets, err := o.getSecrets() if err != nil { return nil, err } currentSecrets := util.StringSet{} for _, secretRef := range serviceAccount.ImagePullSecrets { currentSecrets.Insert(secretRef.Name) } for _, secret := range secrets { if currentSecrets.Has(secret.Name) { continue } serviceAccount.ImagePullSecrets = append(serviceAccount.ImagePullSecrets, api.LocalObjectReference{Name: secret.Name}) currentSecrets.Insert(secret.Name) } return o.ClientInterface.ServiceAccounts(o.Namespace).Update(serviceAccount) }