@@ -2,13 +2,12 @@ use azure_core::new_http_client;
22use azure_identity:: { ClientSecretCredential , TokenCredentialOptions } ;
33use azure_security_keyvault:: prelude:: * ;
44use futures:: StreamExt ;
5- use k8s_openapi:: api:: core:: v1:: Secret ;
6- use kube:: { Api , Client } ;
7- use std:: str:: { from_utf8, Utf8Error } ;
5+ use kube:: Client ;
86use std:: { env, process, sync:: Arc } ;
97use tracing:: { error, info} ;
108
119use crate :: crd:: CDBootstrap ;
10+ use crate :: subresources:: AgentSecret ;
1211
1312#[ derive( Debug ) ]
1413pub struct AzureVault {
@@ -17,7 +16,6 @@ pub struct AzureVault {
1716 pub spn : String ,
1817}
1918
20- #[ allow( dead_code) ]
2119impl AzureVault {
2220 pub fn new ( tenant : & str , keyvault_url : & str , spn : & str ) -> Self {
2321 Self {
@@ -57,7 +55,8 @@ impl AzureVault {
5755}
5856
5957pub async fn run ( client : Client , name : & str , namespace : & str , cr : & CDBootstrap ) {
60- let sps_result = secret_value_is_set ( client. clone ( ) , & name, & namespace, "SPN_SECRET" ) . await ;
58+ let sps_result =
59+ AgentSecret :: value_is_set ( client. clone ( ) , & name, & namespace, "SPN_SECRET" ) . await ;
6160 let sps = match sps_result {
6261 Ok ( sps) => sps,
6362 Err ( err) => {
@@ -66,7 +65,8 @@ pub async fn run(client: Client, name: &str, namespace: &str, cr: &CDBootstrap)
6665 }
6766 } ;
6867
69- let azp_result = secret_value_is_set ( client. clone ( ) , & name, & namespace, "AZP_TOKEN" ) . await ;
68+ let azp_result =
69+ AgentSecret :: value_is_set ( client. clone ( ) , & name, & namespace, "AZP_TOKEN" ) . await ;
7070 let azp = match azp_result {
7171 Ok ( azp) => azp,
7272 Err ( err) => {
@@ -84,7 +84,7 @@ pub async fn run(client: Client, name: &str, namespace: &str, cr: &CDBootstrap)
8484 info ! ( "SPN_SECRET value in Namespace {} Has been set" , namespace) ;
8585 info ! ( "Testing authentication to the Vault" ) ;
8686 if let Ok ( secret_value) =
87- get_secret_value ( client. clone ( ) , & name, & namespace, "SPN_SECRET" ) . await
87+ AgentSecret :: get_value ( client. clone ( ) , & name, & namespace, "SPN_SECRET" ) . await
8888 {
8989 let azure_vault = AzureVault :: new ( & cr. spec . tenant , & cr. spec . keyvault , & cr. spec . spn ) ;
9090 AzureVault :: test_connection ( & azure_vault, & secret_value. to_string ( ) ) . await ;
@@ -103,59 +103,6 @@ pub async fn run(client: Client, name: &str, namespace: &str, cr: &CDBootstrap)
103103 }
104104}
105105
106- async fn secret_value_is_set (
107- client : Client ,
108- name : & str ,
109- namespace : & str ,
110- key : & str ,
111- ) -> Result < bool , Utf8Error > {
112- let mut is_set = false ;
113- let api: Api < Secret > = Api :: namespaced ( client. clone ( ) , namespace) ;
114-
115- match api. get ( name) . await {
116- Ok ( secret) => {
117- if let Some ( data) = secret. data {
118- if let Some ( value) = data. get ( key) {
119- let token_decoded = from_utf8 ( & value. 0 ) ?;
120- is_set = !token_decoded. is_empty ( ) ;
121- }
122- }
123- }
124- Err ( _) => {
125- error ! ( "Secret {} in namespace {} NOT found" , name, namespace) ;
126- }
127- }
128-
129- Ok ( is_set)
130- }
131-
132- pub async fn get_secret_value (
133- client : Client ,
134- name : & str ,
135- namespace : & str ,
136- key : & str ,
137- ) -> Result < String , Utf8Error > {
138- let mut client_secret = String :: from ( "" ) ;
139-
140- let api: Api < Secret > = Api :: namespaced ( client. clone ( ) , namespace) ;
141-
142- match api. get ( name) . await {
143- Ok ( secret) => {
144- if let Some ( data) = secret. data {
145- if let Some ( value) = data. get ( key) {
146- let token_decoded = from_utf8 ( & value. 0 ) ?;
147- client_secret = token_decoded. to_string ( ) ;
148- }
149- }
150- }
151- Err ( _) => {
152- error ! ( "Error getting Secret {} in namespace {}" , name, namespace) ;
153- }
154- }
155-
156- Ok ( client_secret)
157- }
158-
159106pub async fn print_secret_from_vault ( az : & AzureVault , secret_name : & str ) {
160107 let config = AzureVault {
161108 tenant : az. tenant . clone ( ) ,
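Review bot: The call sites at new lines 58-59, 68-69 and 87 still treat `Ok` as "the Secret was read", but the helpers removed in this commit returned `Ok(false)` or `Ok` with an empty string whenever `api.get(name)` failed, logging a message and discarding the kube error. The bodies of `AgentSecret::value_is_set` and `AgentSecret::get_value` are not visible in this section; if they were moved over unchanged, an RBAC denial or API outage looks the same as an unset key, and a failed second read at line 87 would pass an empty client secret to `AzureVault::test_connection`. Consider having the new methods propagate the lookup error instead of mapping it to `Ok`, or at minimum checking `secret_value.is_empty()` before the `test_connection` call. The body of `run` starts and continues outside these hunks, so the surrounding branch conditions could not be checked.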