// Patch inputs commaseparated domains, path to TLS secret file & the producti

1.  
2. // Patch inputs commaseparated domains, path to TLS secret file & the production Service struct
3. // These should be sufficient to patch the annotations and create/update the secret in production
4. func Patch(domains string, certSecretPath string, service utils.Service) bool {
5.  
6.     //////////////////////////
7.     // Create or Update Secret
8.     //////////////////////////
9.     secret := utils.GetLocalSecret(certSecretPath)
10.  
11.     log.Printf("Searching for existing secret Name:[%s] Namespace:[%s] in kubernetes...\n", secret.Metadata.Name, secret.Metadata.Namespace)
12.     secretExists := FindSecret(secret.Metadata.Name, secret.Metadata.Namespace)
13.  
14.     if secret.Kind == "Secret" {
15.         log.Printf("Local secret is of kind Secret\n")
16.         if !secretExists {
17.             log.Printf("Creating secret...\n")
18.             CreateSecret(certSecretPath)
19.         } else {
20.             log.Printf("Replacing existing secret...\n")
21.             ReplaceSecret(certSecretPath)
22.         }
23.     } else {
24.         panic("Certificate-secret not of Kind=Secret, Panicking.")
25.     }
26.  
27.     log.Printf("Secret successfully created/updated\n")
28.  
29.     ///////////////////////////////////////////
30.     // Create or Update Certificate Annotations
31.     ///////////////////////////////////////////
32.  
33.     // 1. The secrets holds the primary domain in the certificate name, strip "-cert" from it
34.     certificateReference := strings.Replace(secret.Metadata.Name, "-cert", "", -1)
35.  
36.     // 2. The certificateReference holds the primary domain, replace - with .
37.     primaryDomain := strings.Replace(certificateReference, "-", ".", -1)
38.  
39.     log.Printf("Certificate reference [%s]\n", certificateReference)
40.     log.Printf("Primary domain [%s]\n", primaryDomain)
41.  
42.     // 3. Concatenate the strings to build the reference
43.     domainCertificateReference := fmt.Sprintf("%s:%s", primaryDomain, certificateReference)
44.  
45.     // 4. Check if reference is present, if it is we EXIT
46.     certificateReferencePresent := strings.Contains(service.Metadata.Annotations.RouterDeisIoCertificates, domainCertificateReference)
47.     if certificateReferencePresent {
48.         return true
49.     }
50.  
51.     // 5. It's not present, is there any certificates present?
52.     if len(strings.TrimSpace(service.Metadata.Annotations.RouterDeisIoCertificates)) == 0 {
53.         // No, begin patching in Annotation Certificate without prefixing (,)
54.         PatchCertificateAnnotation(service, primaryDomain, domainCertificateReference, false)
55.     } else {
56.         // Yes begin patching in Annotation Certificate with prefixing (,)
57.         PatchCertificateAnnotation(service, primaryDomain, domainCertificateReference, true)
58.     }
59.  
60.     return false
61. }
62.  
63. // PatchCertificateAnnotation the *(/&-dangerous-&\)* function
64. func PatchCertificateAnnotation(service utils.Service, primaryDomain string, domainCertificateReference string, prefix bool) {
65.     log.Printf("Kubectl starting patch for annotations...\n")
66.     finalAnnotationString := ""
67.     if prefix {
68.         finalAnnotationString = service.Metadata.Annotations.RouterDeisIoCertificates + "," + domainCertificateReference
69.     } else {
70.         finalAnnotationString = domainCertificateReference
71.     }
72.  
73.     log.Printf("Annotation string: [%s]", finalAnnotationString)
74.     // kubectl annotate --overwrite services service.Metadata.Name -n service.Metadata.Namespace router.deis.io/certificates=finalAnnotationString
75. }