Skip to content

Commit 7dc3ae6

Browse files
Merge branch 'main' into jetc/feat/a2a-v1-migration-a
2 parents 767ffd6 + 92d5b16 commit 7dc3ae6

4 files changed

Lines changed: 1870 additions & 966 deletions

File tree

go/core/cli/internal/cli/mcp/root.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -393,8 +393,8 @@ Examples:
393393
kagent mcp secrets sync production --dry-run
394394
`,
395395
Args: cobra.ExactArgs(1),
396-
RunE: func(_ *cobra.Command, args []string) error {
397-
return SyncSecretsMcp(cfg, args[0])
396+
RunE: func(cmd *cobra.Command, args []string) error {
397+
return SyncSecretsMcp(cmd.Context(), cfg, args[0])
398398
},
399399
}
400400

go/core/cli/internal/cli/mcp/secrets.go

Lines changed: 19 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@ import (
99

1010
"github.com/kagent-dev/kagent/go/core/cli/internal/mcp/manifests"
1111
corev1 "k8s.io/api/core/v1"
12+
apierrors "k8s.io/apimachinery/pkg/api/errors"
1213
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
1314
"k8s.io/client-go/kubernetes"
1415
"sigs.k8s.io/controller-runtime/pkg/client/config"
@@ -22,7 +23,7 @@ type SecretsCfg struct {
2223
ProjectDir string
2324
}
2425

25-
func SyncSecretsMcp(cfg *SecretsCfg, environment string) error {
26+
func SyncSecretsMcp(ctx context.Context, cfg *SecretsCfg, environment string) error {
2627
// Determine project root
2728
projectRoot := cfg.ProjectDir
2829
if projectRoot == "" {
@@ -109,10 +110,10 @@ func SyncSecretsMcp(cfg *SecretsCfg, environment string) error {
109110
}
110111

111112
// Apply to cluster
112-
return applySecretToCluster(secret)
113+
return applySecretToCluster(ctx, secret)
113114
}
114115

115-
func applySecretToCluster(secret *corev1.Secret) error {
116+
func applySecretToCluster(ctx context.Context, secret *corev1.Secret) error {
116117
// Get kubeconfig
117118
cfg, err := config.GetConfig()
118119
if err != nil {
@@ -125,18 +126,25 @@ func applySecretToCluster(secret *corev1.Secret) error {
125126
return fmt.Errorf("failed to create kubernetes clientset: %w", err)
126127
}
127128

128-
// Check if secret exists
129-
_, err = clientset.CoreV1().Secrets(secret.Namespace).Get(context.TODO(), secret.Name, metav1.GetOptions{})
130-
if err != nil {
131-
// Create if it doesn't exist
132-
_, err = clientset.CoreV1().Secrets(secret.Namespace).Create(context.TODO(), secret, metav1.CreateOptions{})
129+
// Check if secret exists. Branch on IsNotFound so RBAC, network, or
130+
// context-cancellation failures from Get aren't silently treated as
131+
// "secret does not exist" and don't fall through to a Create that masks
132+
// the real error.
133+
existing, err := clientset.CoreV1().Secrets(secret.Namespace).Get(ctx, secret.Name, metav1.GetOptions{})
134+
switch {
135+
case apierrors.IsNotFound(err):
136+
_, err = clientset.CoreV1().Secrets(secret.Namespace).Create(ctx, secret, metav1.CreateOptions{})
133137
if err != nil {
134138
return fmt.Errorf("failed to create secret: %w", err)
135139
}
136140
fmt.Printf("✅ Secret '%s' created in namespace '%s'.\n", secret.Name, secret.Namespace)
137-
} else {
138-
// Update if it exists
139-
_, err = clientset.CoreV1().Secrets(secret.Namespace).Update(context.TODO(), secret, metav1.UpdateOptions{})
141+
case err != nil:
142+
return fmt.Errorf("failed to get secret: %w", err)
143+
default:
144+
// Update requires the live resourceVersion from the existing object;
145+
// the Secret we built from .env has none.
146+
secret.ResourceVersion = existing.ResourceVersion
147+
_, err = clientset.CoreV1().Secrets(secret.Namespace).Update(ctx, secret, metav1.UpdateOptions{})
140148
if err != nil {
141149
return fmt.Errorf("failed to update secret: %w", err)
142150
}

0 commit comments

Comments
 (0)