func svcAcctJWT()

in vault-api-helper/main.go [95:144]


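// svcAcctJWT returns the token stored in the first Secret referenced by the
// ServiceAccount name in namespace.
//
// The returned string is a bearer credential for that ServiceAccount. It must
// never be written to logs or embedded in error messages; this function logs
// only the ServiceAccount name and namespace.
//
// ctx is accepted for interface compatibility but is not used: the client-go
// Get calls below take no context argument.
//
// An error is returned when the client cannot be built, when the
// ServiceAccount or its Secret cannot be read, when the ServiceAccount
// references no Secrets, or when the Secret carries no "token" entry.
func svcAcctJWT(ctx context.Context, name, namespace string) (string, error) {
	log.Info("common:svcAcctJWT")

	log.Info("common:svcAcctJWT:secret", "name", name, "namespace", namespace)

	// Empty master URL and kubeconfig path: client-go falls back to the
	// in-cluster configuration of the pod this helper runs in.
	config, err := clientcmd.BuildConfigFromFlags("", "")
	if err != nil {
		// Return the failure instead of panicking so the caller decides how
		// to react to a missing or unreadable cluster configuration.
		return "", fmt.Errorf("building kubernetes client config: %w", err)
	}
	clientset, err := kubernetes.NewForConfig(config)
	if err != nil {
		return "", fmt.Errorf("creating kubernetes clientset: %w", err)
	}

	// get service account
	sa, err := clientset.CoreV1().ServiceAccounts(namespace).Get(name, metav1.GetOptions{})
	if err != nil {
		log.Error(err, "get ServiceAccount")
		return "", fmt.Errorf("%s serviceAccount not found in %s namespace", name, namespace)
	}

	// NOTE(review): clusters that do not auto-create token Secrets for
	// ServiceAccounts (the default from Kubernetes 1.24) end up here.
	if len(sa.Secrets) == 0 {
		return "", fmt.Errorf("%s serviceAccount token not found", name)
	}

	log.Info("common:svcAcctJWT:secret:value", "name", name, "namespace", namespace)

	// Index the ServiceAccount that was actually fetched. The length check
	// above is on sa, so indexing any other value is unguarded.
	// NOTE(review): the first reference is assumed to be the token Secret;
	// confirm that no other Secret kinds are listed ahead of it.
	ref := sa.Secrets[0]

	// get service account token secret
	secret, err := clientset.CoreV1().Secrets(namespace).Get(ref.Name, metav1.GetOptions{})
	if err != nil {
		return "", fmt.Errorf("%s serviceAccount token not found: %w", name, err)
	}

	// Secret.Data holds raw bytes (the API client has already undone the
	// base64 transport encoding), so no further decoding is needed.
	token := secret.Data["token"]
	if len(token) == 0 {
		// An empty credential with a nil error would let callers attempt
		// authentication with a blank token; fail explicitly instead.
		return "", fmt.Errorf("%s serviceAccount token not found: secret %s has no token data", name, ref.Name)
	}

	return string(token), nil
}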