in controllers/stage/chain/configure_secret_manager.go [242:289]
// createExternalSecret builds an ExternalSecret named externalSecretName in
// stageTargetNamespace and submits it through h.multiClusterClient. The spec
// reads the ".dockerconfigjson" property of the remote key "regcred" from the
// store named secretStoreName (kind externalsecrets.SecretStoreKind) and
// templates it into a kubernetes.io/dockerconfigjson Secret.
//
// An AlreadyExists error from Create is logged and treated as success. The
// object returned in that case is the manifest built here, not the one stored
// in the cluster, so it may not reflect what is actually applied.
//
// NOTE(review): an existing ExternalSecret with this name is never compared
// with the spec below, so one that references a different store or remote key
// is accepted unchanged. Confirm that only this controller can create
// ExternalSecrets in the stage namespace, or reconcile the spec on conflict.
func (h ConfigureSecretManager) createExternalSecret(
	ctx context.Context,
	stageTargetNamespace,
	secretStoreName string,
) (*unstructured.Unstructured, error) {
	logger := ctrl.LoggerFrom(ctx)

	externalSecret := externalsecrets.NewExternalSecret(externalSecretName, stageTargetNamespace)

	// Which store to read from.
	storeRef := map[string]interface{}{
		"kind": externalsecrets.SecretStoreKind,
		"name": secretStoreName,
	}

	// The registry credential is fetched as-is (no decoding) and exposed to
	// the template under the "secretValue" key.
	registryCredential := map[string]interface{}{
		"secretKey": "secretValue",
		"remoteRef": map[string]interface{}{
			"key":                "regcred",
			"property":           ".dockerconfigjson",
			"decodingStrategy":   "None",
			"conversionStrategy": "Default",
		},
	}

	// Shape of the Secret rendered from the fetched value.
	secretTemplate := map[string]interface{}{
		"engineVersion": "v2",
		"type":          "kubernetes.io/dockerconfigjson",
		"data": map[string]interface{}{
			".dockerconfigjson": "{{ .secretValue | toString }}",
		},
	}

	// NOTE(review): with deletionPolicy "Retain" the rendered Secret is
	// presumably kept when the remote entry disappears, so removing the
	// credential upstream does not by itself remove it from the cluster —
	// confirm this matches the intended revocation procedure.
	target := map[string]interface{}{
		"creationPolicy": "Owner",
		"deletionPolicy": "Retain",
		"template":       secretTemplate,
	}

	externalSecret.Object["spec"] = map[string]interface{}{
		"refreshInterval": "1h",
		"secretStoreRef":  storeRef,
		"data":            []interface{}{registryCredential},
		"target":          target,
	}

	err := h.multiClusterClient.Create(ctx, externalSecret)

	switch {
	case err == nil:
		return externalSecret, nil
	case k8sErrors.IsAlreadyExists(err):
		// Creation is idempotent from the caller's point of view: an existing
		// object is reported, not treated as a failure.
		logger.Info("External secret for external secret integration already exists")

		return externalSecret, nil
	default:
		return nil, fmt.Errorf("failed to create %s external secret: %w", externalSecret.GetName(), err)
	}
}