fix: warn if secrets not generated

See coop-cloud/organising#499
2023-10-04 15:08:59 +02:00
parent dc5d3a8dd6
commit 8078e91e52
4 changed files with 102 additions and 32 deletions
--- a/pkg/secret/secret.go
+++ b/pkg/secret/secret.go
@ -4,6 +4,7 @@
 package secret

 import (
+	"context"
 	"fmt"
 	"slices"
 	"strconv"
@ -11,9 +12,11 @@ import (
 	"sync"

 	"coopcloud.tech/abra/pkg/client"
+	"coopcloud.tech/abra/pkg/config"
 	"coopcloud.tech/abra/pkg/upstream/stack"
 	loader "coopcloud.tech/abra/pkg/upstream/stack"
 	"github.com/decentral1se/passgen"
+	"github.com/docker/docker/api/types"
 	dockerClient "github.com/docker/docker/client"
 	"github.com/sirupsen/logrus"
 )
@ -209,3 +212,66 @@ func GenerateSecrets(cl *dockerClient.Client, secretsFromConfig map[string]strin

 	return secrets, nil
 }
+
+type secretStatus struct {
+	LocalName       string
+	RemoteName      string
+	Version         string
+	CreatedOnRemote bool
+}
+
+type secretStatuses []secretStatus
+
+// PollSecretsStatus checks status of secrets by comparing the local recipe
+// config and deploymend server state.
+func PollSecretsStatus(cl *dockerClient.Client, app config.App) (secretStatuses, error) {
+	var secStats secretStatuses
+
+	composeFiles, err := config.GetComposeFiles(app.Recipe, app.Env)
+	if err != nil {
+		return secStats, err
+	}
+
+	secretsConfig, err := ReadSecretsConfig(app.Env, composeFiles, app.Recipe)
+	if err != nil {
+		return secStats, err
+	}
+
+	filters, err := app.Filters(false, false)
+	if err != nil {
+		return secStats, err
+	}
+
+	secretList, err := cl.SecretList(context.Background(), types.SecretListOptions{Filters: filters})
+	if err != nil {
+		return secStats, err
+	}
+
+	remoteSecretNames := make(map[string]bool)
+	for _, cont := range secretList {
+		remoteSecretNames[cont.Spec.Annotations.Name] = true
+	}
+
+	for secretName, secretValue := range secretsConfig {
+		createdRemote := false
+
+		val, err := ParseSecretValue(secretValue)
+		if err != nil {
+			return secStats, err
+		}
+
+		secretRemoteName := fmt.Sprintf("%s_%s_%s", app.StackName(), secretName, val.Version)
+		if _, ok := remoteSecretNames[secretRemoteName]; ok {
+			createdRemote = true
+		}
+
+		secStats = append(secStats, secretStatus{
+			LocalName:       secretName,
+			RemoteName:      secretRemoteName,
+			Version:         val.Version,
+			CreatedOnRemote: createdRemote,
+		})
+	}
+
+	return secStats, nil
+}