in fleet-argocd-plugin/fleetclient/fleetclient.go [222:267]
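// reconcileClusterSecrets renders one cluster Secret manifest per membership in
// c.MembershipTenancyMapCache, applies the rendered set through an in-cluster
// clientset, and then prunes Secrets that are no longer part of that set.
//
// It returns an error when the in-cluster client cannot be built, the manifest
// template does not parse, a membership name has too few path segments, the
// apply or prune step fails, or at least one manifest failed to render (in
// which case the rendered Secrets are still applied but pruning is skipped).
func (c *FleetSync) reconcileClusterSecrets(ctx context.Context) error {
	// Create a Kubernetes clientset to apply resources.
	config, err := rest.InClusterConfig()
	if err != nil {
		return fmt.Errorf("failed to get in cluster config: %w", err)
	}
	clientset, err := kubernetes.NewForConfig(config)
	if err != nil {
		return fmt.Errorf("failed to create Kubernetes clientset: %w", err)
	}

	// The template text is constant, so parse it once instead of per membership.
	tmpl, err := template.New("secret").Parse(clusterSecretTemplate)
	if err != nil {
		return fmt.Errorf("failed to parse template: %w", err)
	}

	// Construct a map of cluster secrets, from name to manifest.
	clusterSecrets := make(map[string]string)
	var secretNames []string
	renderFailures := 0
	for membership := range c.MembershipTenancyMapCache {
		// parts[3] and parts[5] are read below, so anything shorter than six
		// segments would panic on the index expression. Fail before touching
		// the cluster rather than reconcile against a partial desired set.
		// NOTE(review): presumably the key is
		// projects/<p>/locations/<l>/memberships/<m>; confirm against the
		// code that fills the cache.
		parts := strings.Split(membership, "/")
		if len(parts) < 6 {
			return fmt.Errorf("malformed membership name %q: expected at least 6 path segments, got %d", membership, len(parts))
		}

		secretName := fmt.Sprintf(clusterSecretNameTemplate, parts[5], parts[3], c.ProjectNum)
		// NOTE(review): both fields are interpolated into the manifest text;
		// if this is text/template no escaping is applied, so the membership
		// segments must be constrained upstream. Confirm.
		param := struct {
			Name              string
			ConnectGatewayURL string
		}{
			Name:              secretName,
			ConnectGatewayURL: connectGatewayURL(c.ProjectNum, parts[3], parts[5]),
		}

		var secretManifest bytes.Buffer
		if err := tmpl.Execute(&secretManifest, param); err != nil {
			fmt.Println("Error creating Secret manifest:", err)
			renderFailures++
			continue
		}
		clusterSecrets[secretName] = secretManifest.String()
		secretNames = append(secretNames, secretName)
	}

	// Log the names only: the previous call passed a %v verb to Println (never
	// expanded) and wrote every rendered Secret manifest to stdout.
	fmt.Printf("Reconciling Cluster Secrets: %v\n", secretNames)

	// Apply the Secret to the cluster.
	err = applySecrets(ctx, clientset, clusterSecrets)
	if err != nil {
		return fmt.Errorf("failed to apply secret: %w", err)
	}

	// A manifest that failed to render is missing from clusterSecrets, so
	// pruning now would treat a still-registered cluster as gone.
	// NOTE(review): assumes pruneSecrets removes Secrets absent from the map;
	// its body is not visible here.
	if renderFailures > 0 {
		return fmt.Errorf("skipping prune: %d cluster secret manifest(s) failed to render", renderFailures)
	}

	// Prune cluster secrets that are no longer existing in the Fleet.
	return pruneSecrets(ctx, clientset, clusterSecrets)
}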