feat: implement pod-specific secret injection for DaemonSets with automated lifecycle management
This commit is contained in:
Pengzhan Hao
@@ -0,0 +1,51 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"flag"
|
||||
"fmt"
|
||||
"log"
|
||||
"os"
|
||||
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/client-go/kubernetes"
|
||||
"k8s.io/client-go/tools/clientcmd"
|
||||
)
|
||||
|
||||
const DefaultKubeletConfigPath = "/var/lib/kubelet/kubeconfig"
|
||||
|
||||
func main() {
|
||||
var namespace string
|
||||
var secretName string
|
||||
var kubeconfig string
|
||||
flag.StringVar(&namespace, "namespace", "", "Namespace of the secret")
|
||||
flag.StringVar(&secretName, "secret", "", "Name of the secret")
|
||||
flag.StringVar(&kubeconfig, "kubeconfig", DefaultKubeletConfigPath, "Path to kubeconfig file")
|
||||
flag.Parse()
|
||||
|
||||
if namespace == "" || secretName == "" {
|
||||
fmt.Println("Usage: test-client --namespace <ns> --secret <name> [--kubeconfig <path>]")
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
config, err := clientcmd.BuildConfigFromFlags("", kubeconfig)
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to get node's kubelet config: %v", err)
|
||||
}
|
||||
|
||||
clientset, err := kubernetes.NewForConfig(config)
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to create clientset: %v", err)
|
||||
}
|
||||
|
||||
secret, err := clientset.CoreV1().Secrets(namespace).Get(context.TODO(), secretName, metav1.GetOptions{})
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to get secret %s/%s: %v", namespace, secretName, err)
|
||||
}
|
||||
|
||||
fmt.Printf("Successfully retrieved secret %s/%s\n", namespace, secretName)
|
||||
for k, v := range secret.Data {
|
||||
fmt.Printf("Key: %s, Value: %s\n", k, string(v))
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user