-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.go
92 lines (80 loc) · 2.02 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
package main
import (
"cron-vault-sync/internal/services/k8s/controller"
vaultclient "cron-vault-sync/internal/services/vault"
"os"
"github.com/sirupsen/logrus"
)
func main() {
keyPath := os.Getenv("VAULT_PREFIX_KEY_PATH")
namespace := os.Getenv("NAMESPACE")
vclient, err := vaultclient.NewVaultClient()
if err != nil {
logrus.Fatal(err)
}
ctrl, err := controller.NewObjectsController(namespace)
if err != nil {
logrus.Fatal(err)
}
secrets, err := vclient.ListSecrets(keyPath)
if err != nil {
logrus.Fatal(err)
}
vaultCRDSecrets, err := ctrl.ListVaultCRDSecrets()
if err != nil {
logrus.Fatal(err)
}
secretNames := []string{}
for _, s := range secrets.Data["keys"].([]interface{}) {
secretNames = append(secretNames, s.(string))
}
crdSecretNames := []string{}
for _, s := range vaultCRDSecrets.Items {
crdSecretNames = append(crdSecretNames, s.GetName())
}
for _, secretName := range secretNames {
if !contains(crdSecretNames, secretName) {
secretKeyPath := keyPath + secretName
metadata, err := vclient.GetSecretMetadata(secretKeyPath)
if err != nil {
logrus.Error(err)
continue
}
customMetadata := make(map[string]interface{})
if metadata.Data["custom_metadata"] != nil {
customMetadata = metadata.Data["custom_metadata"].(map[string]interface{})
}
if err := ctrl.CreateVaultCRDSecret(secretName, secretKeyPath, customMetadata); err != nil {
logrus.Error(err)
} else {
logrus.Info("Created Vault CRD Secret: " + secretName)
}
}
}
for _, crdSecretName := range crdSecretNames {
if !contains(secretNames, crdSecretName) {
if err := ctrl.DeleteVaultCRDSecret(crdSecretName); err != nil {
logrus.Error(err)
} else {
logrus.Info("Deleted Vault CRD Secret: " + crdSecretName)
}
}
}
}
func contains(s interface{}, e string) bool {
switch as := s.(type) {
case []string:
for _, a := range as {
if a == e {
return true
}
}
case []interface{}:
for _, a := range as {
if a.(string) == e {
return true
}
}
}
return false
}