mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-06 07:57:07 +00:00
7d8ed212a4
* feat: add image data loader to context Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: build Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: linter Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * feat: tests Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: update types Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * feat: replace crane with remote Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: linter Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: linter Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
26 lines
930 B
Go
26 lines
930 B
Go
package imagedataloader
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/google/go-containerregistry/pkg/authn"
|
|
kauth "github.com/google/go-containerregistry/pkg/authn/kubernetes"
|
|
corev1 "k8s.io/api/core/v1"
|
|
k8serrors "k8s.io/apimachinery/pkg/api/errors"
|
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
k8scorev1 "k8s.io/client-go/kubernetes/typed/core/v1"
|
|
)
|
|
|
|
// generateKeychainForPullSecrets generates keychain by fetching secrets data from imagePullSecrets.
|
|
func generateKeychainForPullSecrets(ctx context.Context, lister k8scorev1.SecretInterface, imagePullSecrets ...string) (authn.Keychain, error) {
|
|
var secrets []corev1.Secret
|
|
for _, imagePullSecret := range imagePullSecrets {
|
|
secret, err := lister.Get(ctx, imagePullSecret, metav1.GetOptions{})
|
|
if err == nil {
|
|
secrets = append(secrets, *secret)
|
|
} else if !k8serrors.IsNotFound(err) {
|
|
return nil, err
|
|
}
|
|
}
|
|
return kauth.NewFromPullSecrets(context.TODO(), secrets)
|
|
}
|