Skip to content

Commit e39b6c4

Browse files
alexellisalexellis
committed
Replace secrets via secret create when needed
An upsert is more convenient from CI/CD jobs and from bash scripts. Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
1 parent 1ca7ded commit e39b6c4

File tree

1 file changed

+26
-6
lines changed

1 file changed

+26
-6
lines changed

commands/secret_create.go

Lines changed: 26 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@ import (
77
"context"
88
"fmt"
99
"io"
10+
"net/http"
1011
"os"
1112
"regexp"
1213
"strings"
@@ -20,6 +21,7 @@ var (
2021
literalSecret string
2122
secretFile string
2223
trimSecret bool
24+
replaceSecret bool
2325
)
2426

2527
// secretCreateCmd represents the secretCreate command
@@ -32,10 +34,23 @@ var secretCreateCmd = &cobra.Command{
3234
[--tls-no-verify]`,
3335
Short: "Create a new secret",
3436
Long: `The create command creates a new secret from file, literal or STDIN`,
35-
Example: `faas-cli secret create secret-name --from-literal=secret-value
36-
faas-cli secret create secret-name --from-literal=secret-value --gateway=http://127.0.0.1:8080
37-
faas-cli secret create secret-name --from-file=/path/to/secret/file --gateway=http://127.0.0.1:8080
38-
cat /path/to/secret/file | faas-cli secret create secret-name`,
37+
Example: ` # Create a secret from a literal value in the default namespace
38+
faas-cli secret create NAME --from-literal=VALUE
39+
40+
# Create a secret in a specific namespace
41+
faas-cli secret create NAME --from-literal=VALUE \
42+
--namespace=NS
43+
44+
# Create the secret from a file with a given gateway
45+
faas-cli secret create NAME --from-file=PATH \
46+
--gateway=http://127.0.0.1:8080
47+
48+
# Create the secret from a STDIN pipe
49+
cat ./secret.txt | faas-cli secret create NAME
50+
51+
# Force an update if the secret already exists
52+
faas-cli secret create NAME --from-file PATH --update
53+
`,
3954
RunE: runSecretCreate,
4055
PreRunE: preRunSecretCreate,
4156
}
@@ -48,6 +63,7 @@ func init() {
4863
secretCreateCmd.Flags().StringVarP(&gateway, "gateway", "g", defaultGateway, "Gateway URL starting with http(s)://")
4964
secretCreateCmd.Flags().StringVarP(&token, "token", "k", "", "Pass a JWT token to use instead of basic auth")
5065
secretCreateCmd.Flags().StringVarP(&functionNamespace, "namespace", "n", "", "Namespace of the function")
66+
secretCreateCmd.Flags().BoolVar(&replaceSecret, "replace", false, "Replace the secret if it already exists using an update")
5167

5268
secretCmd.AddCommand(secretCreateCmd)
5369
}
@@ -130,8 +146,12 @@ func runSecretCreate(cmd *cobra.Command, args []string) error {
130146
}
131147

132148
fmt.Printf("Creating secret: %s.%s\n", secret.Name, functionNamespace)
133-
_, output := client.CreateSecret(context.Background(), secret)
134-
fmt.Printf(output)
149+
status, output := client.CreateSecret(context.Background(), secret)
150+
if status == http.StatusConflict && replaceSecret {
151+
fmt.Printf("Secret %s already exists, updating...\n", secret.Name)
152+
_, output = client.UpdateSecret(context.Background(), secret)
153+
}
154+
fmt.Print(output)
135155

136156
return nil
137157
}

0 commit comments

Comments
 (0)