galen/cert-manager-webhook-gandi
2
Fork 0
Code Issues Pull Requests Actions Packages Releases 9 Activity

Compare commits

base: galen:v0.4.2
Branches Tags
galen:main galen:release-flow
galen:v0.4.6 galen:v0.4.5 galen:v0.4.4 galen:v0.4.3 galen:v0.4.2 galen:v0.4.1 galen:v0.4.0 galen:v0.3.1 galen:v0.3.0 galen:v0.2.0 galen:v0.1.1
..
compare: galen:v0.4.3
Branches Tags
galen:main galen:release-flow
galen:v0.4.6 galen:v0.4.5 galen:v0.4.4 galen:v0.4.3 galen:v0.4.2 galen:v0.4.1 galen:v0.4.0 galen:v0.3.1 galen:v0.3.0 galen:v0.2.0 galen:v0.1.1

2 Commits
v0.4.2 ... v0.4.3

Author SHA1 Message Date
Galen Abell
b62f1cf632 Bump version to v0.4.3
All checks were successful
Release workflow / Check version (push) Successful in 5s
Details
Release workflow / Publish Helm chart (push) Successful in 32s
Details
Release workflow / Publish Docker image (push) Successful in 2m24s
Details
2023-10-17 14:40:27 -04:00
Galen Abell
cfc6360ffc Revert secret decoding "fixes" 
Apparently the data from the secret is already decoded?
 2023-10-17 14:39:57 -04:00
2 changed files with 6 additions and 13 deletions
Expand all files Collapse all files

2
deploy/cert-manager-webhook-gandi/Chart.yaml
View File

@@ -1,4 +1,4 @@
apiVersion: v2 apiVersion: v2
description: A Helm chart for cert-manager-webhook-gandi description: A Helm chart for cert-manager-webhook-gandi
name: cert-manager-webhook-gandi name: cert-manager-webhook-gandi
version: v0.4.2 version: v0.4.3

17
main.go
View File

@@ -2,7 +2,6 @@ package main
import ( import (
"context" "context"
"encoding/base64"
"encoding/json" "encoding/json"
"errors" "errors"
"fmt" "fmt"
@@ -206,34 +205,28 @@ func (c *gandiDNSProviderSolver) newClient(ch *v1alpha1.ChallengeRequest) (*live
} }
return gandi.NewLiveDNSClient(config.Config{ return gandi.NewLiveDNSClient(config.Config{
APIKey: *apiKey, APIKey: apiKey,
Timeout: time.Second * 30, Timeout: time.Second * 30,
Debug: DebugHTTP != "", Debug: DebugHTTP != "",
}), nil }), nil
} }
// Get Gandi API key from Kubernetes secret. // Get Gandi API key from Kubernetes secret.
func (c *gandiDNSProviderSolver) getApiKey(cfg *gandiDNSProviderConfig, namespace string) (*string, error) { func (c *gandiDNSProviderSolver) getApiKey(cfg *gandiDNSProviderConfig, namespace string) (string, error) {
secretName := cfg.APIKeySecretRef.LocalObjectReference.Name secretName := cfg.APIKeySecretRef.LocalObjectReference.Name
klog.V(6).Infof("try to load secret `%s` with key `%s`", secretName, cfg.APIKeySecretRef.Key) klog.V(6).Infof("try to load secret `%s` with key `%s`", secretName, cfg.APIKeySecretRef.Key)
sec, err := c.client.CoreV1().Secrets(namespace).Get(context.Background(), secretName, metav1.GetOptions{}) sec, err := c.client.CoreV1().Secrets(namespace).Get(context.Background(), secretName, metav1.GetOptions{})
if err != nil { if err != nil {
return nil, fmt.Errorf("unable to get secret `%s`; %v", secretName, err) return "", fmt.Errorf("unable to get secret `%s`; %v", secretName, err)
} }
secBytes, ok := sec.Data[cfg.APIKeySecretRef.Key] secBytes, ok := sec.Data[cfg.APIKeySecretRef.Key]
if !ok { if !ok {
return nil, fmt.Errorf("key %q not found in secret \"%s/%s\"", cfg.APIKeySecretRef.Key, return "", fmt.Errorf("key %q not found in secret \"%s/%s\"", cfg.APIKeySecretRef.Key,
cfg.APIKeySecretRef.LocalObjectReference.Name, namespace) cfg.APIKeySecretRef.LocalObjectReference.Name, namespace)
} }
decoded := make([]byte, base64.StdEncoding.DecodedLen(len(secBytes)))
_, err = base64.RawStdEncoding.Decode(decoded, secBytes)
if err != nil {
return nil, fmt.Errorf("failed to decode api key secret: %w", err)
}
apiKey := string(decoded) return string(secBytes), nil
return &apiKey, nil
} }