From 18fb67ce94432148bc2b8cb3a8f749a678582b46 Mon Sep 17 00:00:00 2001 From: Elie CHARRA Date: Thu, 20 Jun 2024 16:07:56 +0200 Subject: [PATCH] feat: allow to dynamically reload spacelift credentials from secret (#49) --- internal/spacelift/client/client.go | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/internal/spacelift/client/client.go b/internal/spacelift/client/client.go index 69ea0fc..ff08345 100644 --- a/internal/spacelift/client/client.go +++ b/internal/spacelift/client/client.go @@ -21,6 +21,10 @@ import ( // spaceliftClient is the authenticated client that can be used to interact with Spacelift var spaceliftClient Client +// secretVersion stores the version of the secret currently in use by the client +// This allows to recreate the spaceliftClient if the secret has been changed in the cluster +var secretVersion string + const ( SecretName = "spacelift-credentials" //nolint:gosec SpaceliftApiKeyEndpointKey = "SPACELIFT_API_KEY_ENDPOINT" //nolint:gosec @@ -31,12 +35,7 @@ const ( var DefaultClient = GetSpaceliftClient func GetSpaceliftClient(ctx context.Context, client k8sclient.Client, namespace string) (Client, error) { - if spaceliftClient != nil { - return spaceliftClient, nil - } - var secret v1.Secret - if err := client.Get( ctx, k8sclient.ObjectKey{ @@ -52,6 +51,11 @@ func GetSpaceliftClient(ctx context.Context, client k8sclient.Client, namespace apiKeyID := string(secret.Data[SpaceliftApiKeyIDKey]) apiKeySecret := string(secret.Data[SpaceliftApiKeySecretKey]) + currentSecretVersion := secret.GetResourceVersion() + if spaceliftClient != nil && currentSecretVersion == secretVersion { + return spaceliftClient, nil + } + session, err := func() (session.Session, error) { sessionCtx, cancel := context.WithTimeout(ctx, time.Second*5) defer cancel() @@ -62,6 +66,7 @@ func GetSpaceliftClient(ctx context.Context, client k8sclient.Client, namespace } spaceliftClient = New(http.DefaultClient, session) + secretVersion = currentSecretVersion return spaceliftClient, nil }