wormhole/tilt_modules/secret/Tiltfile

# -*- mode: Python -*-

def secret_yaml_generic(name, namespace="", from_file=None, secret_type=None, from_env_file=None):
  """Returns YAML for a generic secret

  Args:
    name: The secret name.
    namespace: The namespace.
    from_file: Use the from-file secret generator. May be a string or a list of strings.
       Example: ["ssh--privatekey=path/to/id_rsa", "ssh-publickey=path/to/id_rsa.pub"]
    from_env_file: Specify the path to a file to read lines of key=val pairs to create a secret
      (i.e. a Docker .env file)
    secret_type (optional): Specify the type of the secret
      Example: 'kubernetes.io/dockerconfigjson'

  Returns:
    The secret YAML as a blob
  """

  args = [
    "kubectl",
    "create",
    "secret",
    "generic",
    name,
  ]

  if namespace:
    args.extend(["-n", namespace])

  generator = False
  if from_file:
    if type(from_file) == "string":
      args.extend(["--from-file", from_file])
      generator = True
    elif type(from_file) == "list":
      for f in from_file:
        args.extend(["--from-file", f])
      generator = True
    else:
      fail("Bad from_file argument: %s" % from_file)

  if from_env_file:
    if type(from_env_file) != "string":
      fail("from_env_file only accepts strings")

    args.extend(["--from-env-file", from_env_file])
    generator = True

  if not generator:
    fail("No secret generator specified")

  if secret_type:
    if type(secret_type) == "string":
      args.extend(["--type", secret_type])
    else:
      fail("Bad secret_type argument: %s" % secret_type)

  args.extend(["-o=yaml", "--dry-run=client"])
  return local(args)

def secret_create_generic(name, namespace="", from_file=None, secret_type=None, from_env_file=None):
  """Creates a secret in the current Kubernetes cluster.

  Args:
    name: The secret name.
    namespace: The namespace.
    from_file: Use the from-file secret generator. May be a string or a list of strings.
      Example: ["ssh--privatekey=path/to/id_rsa", "ssh-publickey=path/to/id_rsa.pub"]
    from_env_file: Specify the path to a file to read lines of key=val pairs to create a secret
      (i.e. a Docker .env file)
    secret_type (optional): Specify the type of the secret
      Example: 'kubernetes.io/dockerconfigjson'
  """
  k8s_yaml(secret_yaml_generic(name, namespace, from_file, secret_type, from_env_file))