in controllers/stage/chain/configure_secret_manager.go [202:240]
// createSecretStore builds and creates the external-secrets SecretStore named
// by the package-level secretStoreName in stageTargetNamespace.
//
// The store uses the Kubernetes provider: remoteNamespace is stageNamespace,
// authentication is the service account serviceAccountName, and the API
// server is verified against the CA held in the "kube-root-ca.crt" ConfigMap
// under the "ca.crt" key. The object is created through h.multiClusterClient.
//
// An AlreadyExists error from Create is logged and not reported; the locally
// built object is returned in that case.
// NOTE(review): in the already-exists branch the object returned is the one
// built here, not the one read back from the cluster, so a pre-existing
// store with a different remoteNamespace or service account is neither
// detected nor reconciled by this function — confirm whether callers rely on
// the returned spec matching what is actually applied.
//
// Returns the SecretStore object, or an error wrapping any other Create
// failure.
func (h ConfigureSecretManager) createSecretStore(
	ctx context.Context,
	stageNamespace,
	stageTargetNamespace,
	serviceAccountName string,
) (*unstructured.Unstructured, error) {
	logger := ctrl.LoggerFrom(ctx)

	// Credential the provider uses against the API server.
	auth := map[string]interface{}{
		"serviceAccount": map[string]interface{}{
			"name": serviceAccountName,
		},
	}
	// CA used to verify the API server the provider talks to.
	server := map[string]interface{}{
		"caProvider": map[string]interface{}{
			"type": "ConfigMap",
			"name": "kube-root-ca.crt",
			"key":  "ca.crt",
		},
	}
	kubernetesProvider := map[string]interface{}{
		"remoteNamespace": stageNamespace,
		"auth":            auth,
		"server":          server,
	}

	store := externalsecrets.NewSecretStore(secretStoreName, stageTargetNamespace)
	store.Object["spec"] = map[string]interface{}{
		"provider": map[string]interface{}{
			"kubernetes": kubernetesProvider,
		},
	}

	err := h.multiClusterClient.Create(ctx, store)
	switch {
	case err == nil:
		return store, nil
	case k8sErrors.IsAlreadyExists(err):
		// Re-runs are expected; continue with the object built above.
		logger.Info("Secret store for external secret integration already exists")
		return store, nil
	default:
		return nil, fmt.Errorf("failed to create %s secret store: %w", store.GetName(), err)
	}
}