Fix nil pointer dereference and minor refactor

Signed-off-by: LWJ <lwjames1996@gmail.com>
LWJ 2021-03-29 18:15:57 +01:00
parent 610bb14a2b
commit d1cfabf793
4 changed files with 30 additions and 32 deletions


@ -152,7 +152,7 @@ type SigningKey struct {
// keypair as the value. It must be in the same namespace as the // keypair as the value. It must be in the same namespace as the
// ImageUpdateAutomation. // ImageUpdateAutomation.
// +required // +required
SecretRef *meta.LocalObjectReference `json:"secretRef,omitempty"` SecretRef meta.LocalObjectReference `json:"secretRef,omitempty"`
} }
const ( const (
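Review bot: The new value-typed `SecretRef meta.LocalObjectReference` field keeps the tag `json:"secretRef,omitempty"` under a `+required` marker. encoding/json never omits a non-pointer struct, so `omitempty` is now a no-op and contradicts the marker; `json:"secretRef"` would say what is meant. With the pointer gone the type can no longer distinguish an unset reference from a set one, so an empty `Name` is the only sign of a missing reference. It should be rejected by schema validation or by the controller before the secret lookup; whether either happens is not visible in this hunk. The SigningKey struct begins above the hunk.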


@ -21,7 +21,6 @@ limitations under the License.
package v1alpha1 package v1alpha1
import ( import (
"github.com/fluxcd/pkg/apis/meta"
"k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime" runtime "k8s.io/apimachinery/pkg/runtime"
) )
@ -32,7 +31,7 @@ func (in *CommitSpec) DeepCopyInto(out *CommitSpec) {
if in.SigningKey != nil { if in.SigningKey != nil {
in, out := &in.SigningKey, &out.SigningKey in, out := &in.SigningKey, &out.SigningKey
*out = new(SigningKey) *out = new(SigningKey)
(*in).DeepCopyInto(*out) **out = **in
} }
} }
@ -198,11 +197,7 @@ func (in *PushSpec) DeepCopy() *PushSpec {
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *SigningKey) DeepCopyInto(out *SigningKey) { func (in *SigningKey) DeepCopyInto(out *SigningKey) {
*out = *in *out = *in
if in.SecretRef != nil { out.SecretRef = in.SecretRef
in, out := &in.SecretRef, &out.SecretRef
*out = new(meta.LocalObjectReference)
**out = **in
}
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SigningKey. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SigningKey.


@ -72,6 +72,8 @@ const defaultMessageTemplate = `Update from image update automation`
const repoRefKey = ".spec.gitRepository" const repoRefKey = ".spec.gitRepository"
const imagePolicyKey = ".spec.update.imagePolicy" const imagePolicyKey = ".spec.update.imagePolicy"
const signingSecretKey = "git.asc"
// TemplateData is the type of the value given to the commit message // TemplateData is the type of the value given to the commit message
// template. // template.
type TemplateData struct { type TemplateData struct {
@ -502,7 +504,7 @@ func (r *ImageUpdateAutomationReconciler) getSigningEntity(ctx context.Context,
} }
// get data from secret // get data from secret
data, ok := secret.Data["git.asc"] data, ok := secret.Data[signingSecretKey]
if !ok { if !ok {
return nil, fmt.Errorf("signing key secret '%s' does not contain a 'git.asc' key", secretName) return nil, fmt.Errorf("signing key secret '%s' does not contain a 'git.asc' key", secretName)
} }
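Review bot: The error message right after the changed lookup still hard-codes `'git.asc'`, so it will drift from the lookup if `signingSecretKey` is ever renamed. Build the message from the constant instead: `return nil, fmt.Errorf("signing key secret '%s' does not contain a '%s' key", secretName, signingSecretKey)`. The new constant also has no doc comment; something like `// signingSecretKey is the data key in the referenced Secret that holds the armored OpenPGP private key.` would record what operators must put in the secret. getSigningEntity starts and ends outside this hunk.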


@ -463,6 +463,27 @@ Images:
// made by automation. // made by automation.
waitForNewHead(localRepo, branch) waitForNewHead(localRepo, branch)
// configure OpenPGP armor encoder
b := bytes.NewBuffer(nil)
w, err := armor.Encode(b, openpgp.PrivateKeyType, nil)
Expect(err).ToNot(HaveOccurred())
// serialize private key
err = pgpEntity.SerializePrivate(w, nil)
Expect(err).ToNot(HaveOccurred())
err = w.Close()
Expect(err).ToNot(HaveOccurred())
// create the secret containing signing key
sec := &corev1.Secret{
Data: map[string][]byte{
"git.asc": b.Bytes(),
},
}
sec.Name = "signing-key-secret-" + randStringRunes(5)
sec.Namespace = namespace.Name
Expect(k8sClient.Create(context.Background(), sec)).To(Succeed())
// now create the automation object, and let it (one // now create the automation object, and let it (one
// hopes!) make a commit itself. // hopes!) make a commit itself.
updateKey := types.NamespacedName{ updateKey := types.NamespacedName{
@ -486,33 +507,13 @@ Images:
Strategy: imagev1.UpdateStrategySetters, Strategy: imagev1.UpdateStrategySetters,
}, },
Commit: imagev1.CommitSpec{ Commit: imagev1.CommitSpec{
SigningKey: &imagev1.SigningKey{}, SigningKey: &imagev1.SigningKey{
SecretRef: meta.LocalObjectReference{Name: sec.Name},
},
}, },
}, },
} }
// configure OpenPGP armor encoder
b := bytes.NewBuffer(nil)
w, err := armor.Encode(b, openpgp.PrivateKeyType, nil)
Expect(err).ToNot(HaveOccurred())
// serialize private key
err = pgpEntity.SerializePrivate(w, nil)
Expect(err).ToNot(HaveOccurred())
err = w.Close()
Expect(err).ToNot(HaveOccurred())
// create the secret containing signing key
sec := &corev1.Secret{
Data: map[string][]byte{
"git.asc": b.Bytes(),
},
}
sec.Name = "signing-key-secret-" + randStringRunes(5)
sec.Namespace = namespace.Name
Expect(k8sClient.Create(context.Background(), sec)).To(Succeed())
updateBySetters.Spec.Commit.SigningKey.SecretRef = &meta.LocalObjectReference{Name: sec.Name}
Expect(k8sClient.Create(context.Background(), updateBySetters)).To(Succeed()) Expect(k8sClient.Create(context.Background(), updateBySetters)).To(Succeed())
// wait for a new commit to be made by the controller // wait for a new commit to be made by the controller
waitForNewHead(localRepo, branch) waitForNewHead(localRepo, branch)
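Review bot: This test still covers only the happy path, so the nil-pointer dereference named in the commit title is not pinned by a regression case. A second case with `SigningKey: &imagev1.SigningKey{}` (empty `SecretRef.Name`), or a name pointing at a non-existent secret, should assert that reconciliation reports an error and makes no unsigned commit. Whether such a case exists elsewhere in the file is not visible here. The secret's data key is also the literal `"git.asc"` at the `Data:` map; if the test can see the controller's `signingSecretKey`, using it would keep the two in step. The enclosing test block starts and ends outside these hunks.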