Merge pull request #25285 from ingvagabund/extend-secrets-volumes-with-path-control

Automatic merge from submit-queue Extend secrets volumes with path control As per [1] this PR extends secrets mapped into volume with: * key-to-path mapping the same way as is for configmap. E.g. ``` { "apiVersion": "v1", "kind": "Pod", "metadata": { "name": "mypod", "namespace": "default" }, "spec": { "containers": [{ "name": "mypod", "image": "redis", "volumeMounts": [{ "name": "foo", "mountPath": "/etc/foo", "readOnly": true }] }], "volumes": [{ "name": "foo", "secret": { "secretName": "mysecret", "items": [{ "key": "username", "path": "my-username" }] } }] } } ``` Here the ``spec.volumes[0].secret.items`` added changing original target ``/etc/foo/username`` to ``/etc/foo/my-username``. * secondly, refactoring ``pkg/volumes/secrets/secrets.go`` volume plugin to use ``AtomicWritter`` to project a secret into file. [1] https://github.com/kubernetes/kubernetes/blob/master/docs/design/configmap.md#changes-to-secret
2016-05-21 03:55:13 -07:00
parent 62a8394eb4 e3aa900d52
commit eb733cbf45
20 changed files with 737 additions and 337 deletions
--- a/pkg/api/deep_copy_generated.go
+++ b/pkg/api/deep_copy_generated.go
@@ -2748,6 +2748,17 @@ func DeepCopy_api_SecretList(in SecretList, out *SecretList, c *conversion.Clone

 func DeepCopy_api_SecretVolumeSource(in SecretVolumeSource, out *SecretVolumeSource, c *conversion.Cloner) error {
 	out.SecretName = in.SecretName
+	if in.Items != nil {
+		in, out := in.Items, &out.Items
+		*out = make([]KeyToPath, len(in))
+		for i := range in {
+			if err := DeepCopy_api_KeyToPath(in[i], &(*out)[i], c); err != nil {
+				return err
+			}
+		}
+	} else {
+		out.Items = nil
+	}
 	return nil
 }