Add --append-hash flag to kubectl create configmap/secret

Specifying this new flag will automatically hash the configmap/secret contents with sha256 and append the first 40 hex-encoded bits of the hash to the name of the configmap/secret. This is especially useful for workflows that generate configmaps/secrets from files (e.g. --from-file). Note that vowels and vowel-like characters in the hash are remapped to consonants to make it more difficult to accidentally form bad words. See this Google doc for more background: https://docs.google.com/document/d/1x1fJ3pGRx20ujR-Y89HUAw8glUL8-ygaztLkkmQeCdU/edit
2026-01-05 07:27:21 +00:00 · 2017-07-28 10:18:08 -07:00
parent b248f77722
commit 503a6a8eec
16 changed files with 727 additions and 35 deletions
--- a/pkg/kubectl/secret_for_tls_test.go
+++ b/pkg/kubectl/secret_for_tls_test.go
@@ -145,6 +145,25 @@ func TestSecretForTLSGenerate(t *testing.T) {
 			},
 			expectErr: false,
 		},
+		"test-valid-tls-secret-append-hash": {
+			params: map[string]interface{}{
+				"name":        "foo",
+				"key":         validKeyPath,
+				"cert":        validCertPath,
+				"append-hash": true,
+			},
+			expected: &api.Secret{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "foo-272h6tt825",
+				},
+				Data: map[string][]byte{
+					api.TLSCertKey:       []byte(rsaCertPEM),
+					api.TLSPrivateKeyKey: []byte(rsaKeyPEM),
+				},
+				Type: api.SecretTypeTLS,
+			},
+			expectErr: false,
+		},
 		"test-invalid-key-pair": {
 			params: map[string]interface{}{
 				"name": "foo",