func()

in ecrtokenrefresher/pkg/secrets/registrymirror/registrymirror.go [79:123]

• 43 lines of code
• 10 McCabe index (conditional complexity)

func (mirror *RegistryMirrorSecret) BroadcastCredentials() error {
	defaultClientSet := mirror.clientSets[mirror.mgmtClusterName]
	data := make(map[string][]byte)
	for clusterName, creds := range mirror.clusterCredentials {
		dockerConfig := common.CreateDockerAuthConfig(creds)
		configJson, err := json.Marshal(*dockerConfig)
		if err != nil {
			return err
		}
		common.BroadcastDockerAuthConfig(configJson, defaultClientSet, mirror.clientSets[clusterName], mirror.credName, clusterName)

		if clusterName == mirror.mgmtClusterName {
			data[corev1.DockerConfigJsonKey] = configJson
		}
		if len(creds[0].CA) > 0 { // when "" ca is used, no tls verification will succeed
			data[clusterName+"_ca.crt"] = []byte(creds[0].CA)
		}
		data["config.json"] = configJson
		if creds[0].Insecure == "true" {
			data[clusterName+"_insecure"] = []byte(creds[0].Insecure)
		}
	}
	// create a registry mirror secret for package controller pod to mount
	if _, ok := data[corev1.DockerConfigJsonKey]; !ok {
		configJson, _ := json.Marshal(common.CreateDockerAuthConfig([]*secrets.Credential{{
			Registry: "", Username: "", Password: "", CA: "", Insecure: "",
		}}))
		data[corev1.DockerConfigJsonKey] = configJson
	}
	secret, _ := k8s.GetSecret(defaultClientSet, credName, constants.PackagesNamespace)
	if secret == nil {
		utils.InfoLogger.Printf("Create secret %s in namespace %s", credName, constants.PackagesNamespace)
		_, err := k8s.CreateSecret(defaultClientSet, credName, constants.PackagesNamespace, data)
		if err != nil {
			return err
		}
	} else {
		utils.InfoLogger.Printf("Update secret %s in namespace %s", credName, constants.PackagesNamespace)
		_, err := k8s.UpdateSecret(defaultClientSet, constants.PackagesNamespace, secret, data)
		if err != nil {
			return err
		}
	}
	return nil
}