secrets

package

v0.6.12 Latest Latest Go to latest Published: Dec 12, 2025 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/stacklok/toolhive

Links

Open Source Insights

Documentation ¶

Overview ¶

Package secrets provides utilities for working with Kubernetes Secrets.

This package offers a Client that wraps the controller-runtime client and provides convenience methods for common Secret operations like Get, GetValue, and Upsert with optional owner references.

Example usage:

client := secrets.NewClient(ctrlClient, scheme)

// Get a secret value
value, err := client.GetSecretValue(ctx, "namespace", secretKeySelector)

// Upsert a secret with owner reference
result, err := client.UpsertWithOwnerReference(ctx, secret, ownerObject)

Index ¶

type Client
- func NewClient(c client.Client, scheme *runtime.Scheme) *Client

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Client ¶

type Client struct {
	// contains filtered or unexported fields
}

Client provides convenience methods for working with Kubernetes Secrets.

func NewClient ¶

func NewClient(c client.Client, scheme *runtime.Scheme) *Client

NewClient creates a new secrets Client instance. The scheme is required for operations that need to set owner references.

func (*Client) Get ¶

func (c *Client) Get(ctx context.Context, name, namespace string) (*corev1.Secret, error)

Get retrieves a Kubernetes Secret by name and namespace. Returns the secret if found, or an error if not found or on failure.

func (*Client) GetValue ¶

func (c *Client) GetValue(ctx context.Context, namespace string, secretRef corev1.SecretKeySelector) (string, error)

GetValue retrieves a specific key's value from a Kubernetes Secret. Uses a SecretKeySelector to identify the secret name and key. Returns the value as a string, or an error if the secret or key is not found.

func (*Client) Upsert ¶

func (c *Client) Upsert(ctx context.Context, secret *corev1.Secret) (controllerutil.OperationResult, error)

Upsert creates or updates a Kubernetes Secret without an owner reference. Uses retry logic to handle conflicts from concurrent modifications. Returns the operation result (Created, Updated, or Unchanged) and any error.

func (*Client) UpsertWithOwnerReference ¶

func (c *Client) UpsertWithOwnerReference(
	ctx context.Context,
	secret *corev1.Secret,
	owner client.Object,
) (controllerutil.OperationResult, error)

UpsertWithOwnerReference creates or updates a Kubernetes Secret with an owner reference. The owner reference ensures the secret is garbage collected when the owner is deleted. Uses retry logic to handle conflicts from concurrent modifications. Returns the operation result (Created, Updated, or Unchanged) and any error.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL