Merge pull request #41 from cloudfoundry-incubator/rohit/annotations

Add annotations arg in create secret func
cloudfoundry-incubator · Apr 30, 2020 · 5d5894d · 5d5894d
2 parents 3be3c1d + 0bd9275
commit 5d5894d
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 9 deletions.
diff --git a/pkg/versionedsecretstore/versioned_secret_store.go b/pkg/versionedsecretstore/versioned_secret_store.go
@@ -79,7 +79,7 @@ type versionedSecretStoreBackend interface {
 // the Custom Resource Definition that generated it.
 type VersionedSecretStore interface {
 	SetSecretReferences(ctx context.Context, namespace string, podSpec *corev1.PodSpec) error
-	Create(ctx context.Context, namespace string, ownerName string, ownerID types.UID, secretName string, secretData map[string]string, labels map[string]string, sourceDescription string) error
+	Create(ctx context.Context, namespace string, ownerName string, ownerID types.UID, secretName string, secretData map[string]string, annotations map[string]string, labels map[string]string, sourceDescription string) error
 	Get(ctx context.Context, namespace string, secretName string, version int) (*corev1.Secret, error)
 	Latest(ctx context.Context, namespace string, secretName string) (*corev1.Secret, error)
 	List(ctx context.Context, namespace string, secretName string) ([]corev1.Secret, error)
@@ -163,7 +163,15 @@ func (p VersionedSecretImpl) SetSecretReferences(ctx context.Context, namespace
 }
 
 // Create creates a new version of the secret from secret data
-func (p VersionedSecretImpl) Create(ctx context.Context, namespace string, ownerName string, ownerID types.UID, secretName string, secretData map[string]string, labels map[string]string, sourceDescription string) error {
+func (p VersionedSecretImpl) Create(ctx context.Context,
+	namespace string,
+	ownerName string,
+	ownerID types.UID,
+	secretName string,
+	secretData map[string]string,
+	annotations map[string]string,
+	labels map[string]string,
+	sourceDescription string) error {
 	latest, err := p.Latest(ctx, namespace, secretName)
 	if err == nil {
 		labelsIdentical := true
@@ -177,12 +185,20 @@ func (p VersionedSecretImpl) Create(ctx context.Context, namespace string, owner
 			}
 		}
 
+		annotationsIdentical := true
+		for k, v := range latest.Annotations {
+			if annotations[k] != v {
+				annotationsIdentical = false
+				break
+			}
+		}
+
 		encodedData := make(map[string][]byte)
 		for k, v := range secretData {
 			encodedData[k] = []byte(v)
 		}
 
-		if reflect.DeepEqual(encodedData, latest.Data) && labelsIdentical {
+		if reflect.DeepEqual(encodedData, latest.Data) && labelsIdentical && annotationsIdentical {
 			// Do not create new versions if the content and the labels (except the version label) are identical
 			return SecretIdenticalError{secret: latest}
 		}
@@ -197,16 +213,22 @@ func (p VersionedSecretImpl) Create(ctx context.Context, namespace string, owner
 	labels[LabelVersion] = strconv.Itoa(version)
 	labels[LabelSecretKind] = VersionSecretKind
 
+	if annotations == nil {
+		annotations = map[string]string{}
+	}
+	annotations[AnnotationSourceDescription] = sourceDescription
+
 	generatedSecretName, err := generateSecretName(secretName, version)
 	if err != nil {
 		return err
 	}
 
 	secret := &corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      generatedSecretName,
-			Namespace: namespace,
-			Labels:    labels,
+			Name:        generatedSecretName,
+			Namespace:   namespace,
+			Labels:      labels,
+			Annotations: annotations,
 			OwnerReferences: []metav1.OwnerReference{
 				{
 					APIVersion:         LabelAPIVersion,
@@ -217,9 +239,6 @@ func (p VersionedSecretImpl) Create(ctx context.Context, namespace string, owner
 					Controller:         pointers.Bool(true),
 				},
 			},
-			Annotations: map[string]string{
-				AnnotationSourceDescription: sourceDescription,
-			},
 		},
 		StringData: secretData,
 	}

diff --git a/pkg/versionedsecretstore/versioned_secret_store_test.go b/pkg/versionedsecretstore/versioned_secret_store_test.go
@@ -27,6 +27,7 @@ var _ = Describe("VersionedSecretStore", func() {
 		secretNamePrefix         string
 		exampleSourceDescription string
 		secretLabels             map[string]string
+		secretAnnotations        map[string]string
 		secretV1                 *corev1.Secret
 		secretV2                 *corev1.Secret
 		secretV4                 *corev1.Secret
@@ -43,6 +44,9 @@ var _ = Describe("VersionedSecretStore", func() {
 		secretLabels = map[string]string{
 			"deployment-name": secretNamePrefix,
 		}
+		secretAnnotations = map[string]string{
+			"test": "test",
+		}
 
 		secretV1 = &corev1.Secret{
 			ObjectMeta: metav1.ObjectMeta{
@@ -53,6 +57,7 @@ var _ = Describe("VersionedSecretStore", func() {
 					LabelSecretKind: "versionedSecret",
 					LabelVersion:    "1",
 				},
+				Annotations: secretAnnotations,
 			},
 			Data: map[string][]byte{
 				"manifest": []byte(`instance_groups:
@@ -266,6 +271,7 @@ name: fake-deployment-v4
 					map[string]string{
 						"manifest": `{"instance_groups":[{"instances":3,"name":"diego"},{"instances":2,"name":"mysql"}]}`,
 					},
+					nil,
 					secretLabels,
 					exampleSourceDescription,
 				)
@@ -313,6 +319,7 @@ name: fake-deployment-v4
 					map[string]string{
 						"manifest": `{"instance_groups":[{"instances":3,"name":"diego"},{"instances":2,"name":"mysql"}]}`,
 					},
+					nil,
 					secretLabels,
 					exampleSourceDescription,
 				)
@@ -343,6 +350,7 @@ name: fake-deployment-v4
 					types.UID("d3d423b7-a57f-43b0-8305-79d484154e4f"),
 					secretNamePrefix,
 					data,
+					secretAnnotations,
 					secretV1.Labels,
 					exampleSourceDescription,
 				)
@@ -364,6 +372,7 @@ name: fake-deployment-v4
 					map[string]string{
 						"manifest": `{"instance_groups":[{"instances":3,"name":"diego"},{"instances":2,"name":"mysql"}]}`,
 					},
+					nil,
 					secretLabels,
 					exampleSourceDescription,
 				)