move copysecret to pkg/utils

knative · Dec 5, 2019 · ecf8f01 · ecf8f01
1 parent 8e5c107
commit ecf8f01
Show file tree

Hide file tree

Showing 4 changed files with 79 additions and 104 deletions.
diff --git a/pkg/reconciler/namespace/namespace.go b/pkg/reconciler/namespace/namespace.go
@@ -18,7 +18,6 @@ package namespace
 
 import (
 	"context"
-	"errors"
 	"fmt"
 
 	"k8s.io/client-go/tools/cache"
@@ -37,7 +36,6 @@ import (
 	apierrs "k8s.io/apimachinery/pkg/api/errors"
 	k8serrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/types"
 	"knative.dev/eventing/pkg/apis/eventing/v1alpha1"
 	"knative.dev/eventing/pkg/logging"
 	"knative.dev/eventing/pkg/reconciler"
@@ -186,7 +184,7 @@ func (r *Reconciler) reconcileServiceAccountAndRoleBindings(ctx context.Context,
 				return nil
 			}
 		}
-		_, err := CopySecret(r, system.Namespace(), r.brokerPullSecretName, ns.Name, sa.Name)
+		_, err := utils.CopySecret(r.KubeClientSet.CoreV1(), system.Namespace(), r.brokerPullSecretName, ns.Name, sa.Name)
 		if err != nil {
 			r.Recorder.Event(ns, corev1.EventTypeNormal, secretCopied,
 				fmt.Sprintf("Error copying secret: %s", err))
@@ -259,43 +257,3 @@ func (r *Reconciler) reconcileBroker(ctx context.Context, ns *corev1.Namespace)
 	// Don't update anything that is already present.
 	return current, nil
 }
-
-func CopySecret(r *Reconciler, srcNS string, srcSecretName string, tgtNS string, svcAccount string) (*corev1.Secret, error) {
-	tgtNamespaceSvcAcct := r.KubeClientSet.CoreV1().ServiceAccounts(tgtNS)
-	srcSecrets := r.KubeClientSet.CoreV1().Secrets(srcNS)
-	tgtNamespaceSecrets := r.KubeClientSet.CoreV1().Secrets(tgtNS)
-
-	// First try to find the secret we're supposed to copy
-	srcSecret, err := srcSecrets.Get(srcSecretName, metav1.GetOptions{})
-	if err != nil {
-		return nil, err
-	}
-
-	// check for nil source secret
-	if srcSecret == nil {
-		return nil, errors.New("error copying secret")
-	}
-
-	// Found the secret, so now make a copy in our new namespace
-	newSecret, err := tgtNamespaceSecrets.Create(
-		&corev1.Secret{
-			ObjectMeta: metav1.ObjectMeta{
-				Name: srcSecretName,
-			},
-			Data: srcSecret.Data,
-			Type: srcSecret.Type,
-		})
-
-	// If the secret already exists then that's ok - may have already been created
-	if err != nil && !apierrs.IsAlreadyExists(err) {
-		return nil, fmt.Errorf("error copying the Secret: %s", err)
-	}
-
-	_, err = tgtNamespaceSvcAcct.Patch(svcAccount, types.StrategicMergePatchType,
-		[]byte(`{"imagePullSecrets":[{"name":"`+srcSecretName+`"}]}`))
-	if err != nil {
-		return nil, fmt.Errorf("patch failed on NS/SA (%s/%s): %s",
-			tgtNS, srcSecretName, err)
-	}
-	return newSecret, nil
-}
diff --git a/pkg/utils/secret.go b/pkg/utils/secret.go
@@ -0,0 +1,73 @@
+/*
+Copyright 2018 The Knative Authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package utils
+
+import (
+	"errors"
+	"fmt"
+
+	corev1 "k8s.io/api/core/v1"
+	apierrs "k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/types"
+	clientcorev1 "k8s.io/client-go/kubernetes/typed/core/v1"
+)
+
+// CopySecret will copy a secret from one namespace into another.
+// If a ServiceAccount name is provided then it'll add it as a PullSecret to
+// it.
+// It'll either return a pointer to the new Secret or and error indicating
+// why it couldn't do it.
+func CopySecret(corev1Input clientcorev1.CoreV1Interface, srcNS string, srcSecretName string, tgtNS string, svcAccount string) (*corev1.Secret, error) {
+	tgtNamespaceSvcAcct := corev1Input.ServiceAccounts(tgtNS)
+	srcSecrets := corev1Input.Secrets(srcNS)
+	tgtNamespaceSecrets := corev1Input.Secrets(tgtNS)
+
+	// First try to find the secret we're supposed to copy
+	srcSecret, err := srcSecrets.Get(srcSecretName, metav1.GetOptions{})
+	if err != nil {
+		return nil, err
+	}
+
+	// check for nil source secret
+	if srcSecret == nil {
+		return nil, errors.New("error copying secret; there is no error but secret is nil")
+	}
+
+	// Found the secret, so now make a copy in our new namespace
+	newSecret, err := tgtNamespaceSecrets.Create(
+		&corev1.Secret{
+			ObjectMeta: metav1.ObjectMeta{
+				Name: srcSecretName,
+			},
+			Data: srcSecret.Data,
+			Type: srcSecret.Type,
+		})
+
+	// If the secret already exists then that's ok - may have already been created
+	if err != nil && !apierrs.IsAlreadyExists(err) {
+		return nil, fmt.Errorf("error copying the Secret: %s", err)
+	}
+
+	_, err = tgtNamespaceSvcAcct.Patch(svcAccount, types.StrategicMergePatchType,
+		[]byte(`{"imagePullSecrets":[{"name":"`+srcSecretName+`"}]}`))
+	if err != nil {
+		return nil, fmt.Errorf("patch failed on NS/SA (%s/%s): %s",
+			tgtNS, srcSecretName, err)
+	}
+	return newSecret, nil
+}
diff --git a/test/common/creation.go b/test/common/creation.go
@@ -29,6 +29,7 @@ import (
 	flowsv1alpha1 "knative.dev/eventing/pkg/apis/flows/v1alpha1"
 	messagingv1alpha1 "knative.dev/eventing/pkg/apis/messaging/v1alpha1"
 	sourcesv1alpha1 "knative.dev/eventing/pkg/apis/sources/v1alpha1"
+	"knative.dev/eventing/pkg/utils"
 	"knative.dev/eventing/test/base"
 	"knative.dev/eventing/test/base/resources"
 	"knative.dev/pkg/test/helpers"
@@ -310,7 +311,7 @@ func (client *Client) CreateServiceAccountOrFail(saName string) {
 	// "kn-eventing-test-pull-secret" then use that as the ImagePullSecret
 	// on the new ServiceAccount we just created.
 	// This is needed for cases where the images are in a private registry.
-	_, err := CopySecret(client, "default", TestPullSecretName, namespace, saName)
+	_, err := utils.CopySecret(client.Kube.Kube.CoreV1(), "default", TestPullSecretName, namespace, saName)
 	if err != nil && !errors.IsNotFound(err) {
 		client.T.Fatalf("Error copying the secret: %s", err)
 	}

diff --git a/test/common/test_runner.go b/test/common/test_runner.go
@@ -17,18 +17,18 @@ limitations under the License.
 package common
 
 import (
-	"errors"
 	"fmt"
 	"os"
 	"os/signal"
 	"syscall"
 	"testing"
 	"time"
 
+	"knative.dev/eventing/pkg/utils"
+
 	corev1 "k8s.io/api/core/v1"
 	apierrs "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/apiserver/pkg/storage/names"
 	pkgTest "knative.dev/pkg/test"
@@ -129,63 +129,6 @@ func TearDown(client *Client) {
 	}
 }
 
-// CopySecret will copy a secret from one namespace into another.
-// If a ServiceAccount name is provided then it'll add it as a PullSecret to
-// it.
-// It'll either return a pointer to the new Secret or and error indicating
-// why it couldn't do it.
-func CopySecret(client *Client, srcNS string, srcSecretName string, tgtNS string, svcAccount string) (*corev1.Secret, error) {
-	// Get the Interfaces we need to access the resources in the cluster
-	srcSecI := client.Kube.Kube.CoreV1().Secrets(srcNS)
-	tgtNSSvcAccI := client.Kube.Kube.CoreV1().ServiceAccounts(tgtNS)
-	tgtNSSecI := client.Kube.Kube.CoreV1().Secrets(tgtNS)
-
-	// First try to find the secret we're supposed to copy
-	srcSecret, err := srcSecI.Get(srcSecretName, metav1.GetOptions{})
-	if err != nil {
-		return nil, err
-	}
-
-	// Just double checking
-	if srcSecret == nil {
-		return nil, errors.New("error copying Secret, it's nil w/o error")
-	}
-
-	// Found the secret, so now make a copy in our new namespace
-	newSecret, err := tgtNSSecI.Create(
-		&corev1.Secret{
-			ObjectMeta: metav1.ObjectMeta{
-				Name: srcSecretName,
-			},
-			Data: srcSecret.Data,
-			Type: srcSecret.Type,
-		})
-
-	// If the secret already exists then that's ok - some other test
-	// must have created it
-	if err != nil && !apierrs.IsAlreadyExists(err) {
-		return nil, fmt.Errorf("error copying the Secret: %s", err)
-	}
-
-	client.T.Logf("Copied Secret %q into Namespace %q",
-		srcSecretName, tgtNS)
-
-	// If a ServiceAccount was provided then add it as an ImagePullSecret.
-	// Note: if the SA aleady has it then this is no-op
-	if svcAccount != "" {
-		_, err = tgtNSSvcAccI.Patch(svcAccount, types.StrategicMergePatchType,
-			[]byte(`{"imagePullSecrets":[{"name":"`+srcSecretName+`"}]}`))
-		if err != nil {
-			return nil, fmt.Errorf("patch failed on NS/SA (%s/%s): %s",
-				tgtNS, srcSecretName, err)
-		}
-		client.T.Logf("Added Secret %q as ImagePullSecret to SA %q in NS %q",
-			srcSecretName, svcAccount, tgtNS)
-	}
-
-	return newSecret, nil
-}
-
 // CreateNamespaceIfNeeded creates a new namespace if it does not exist.
 func CreateNamespaceIfNeeded(t *testing.T, client *Client, namespace string) {
 	_, err := client.Kube.Kube.CoreV1().Namespaces().Get(namespace, metav1.GetOptions{})
@@ -209,7 +152,7 @@ func CreateNamespaceIfNeeded(t *testing.T, client *Client, namespace string) {
 		// "kn-eventing-test-pull-secret" then use that as the ImagePullSecret
 		// on the "default" ServiceAccount in this new Namespace.
 		// This is needed for cases where the images are in a private registry.
-		_, err := CopySecret(client, "default", TestPullSecretName, namespace, "default")
+		_, err := utils.CopySecret(client.Kube.Kube.CoreV1(), "default", TestPullSecretName, namespace, "default")
 		if err != nil && !apierrs.IsNotFound(err) {
 			t.Fatalf("error copying the secret into ns %q: %s", namespace, err)
 		}