Migrate sourcesecret package to runtime/secrets APIs

cappyzawa · cappyzawa · commit 8b95a093191e · 2025-07-29T22:50:56.000+09:00
The sourcesecret package now uses pkg/runtime/secrets factory
functions instead of the previous monolithic approach. This
provides standardized secret generation with consistent
validation and error handling across all authentication types.

Signed-off-by: cappyzawa &lt;cappyzawa@gmail.com&gt;
diff --git a/cmd/flux/create_secret_git.go b/cmd/flux/create_secret_git.go
@@ -172,7 +172,7 @@ func createSecretGitCmdRun(cmd *cobra.Command, args []string) error {
 		return fmt.Errorf("git URL scheme '%s' not supported, can be: ssh, http and https", u.Scheme)
 	}
 
-	secret, err := sourcesecret.Generate(opts)
+	secret, err := sourcesecret.GenerateGit(opts)
 	if err != nil {
 		return err
 	}
diff --git a/cmd/flux/create_secret_github_app.go b/cmd/flux/create_secret_github_app.go
@@ -99,7 +99,7 @@ func createSecretGitHubAppCmdRun(cmd *cobra.Command, args []string) error {
 		opts.GitHubAppBaseURL = secretGitHubAppArgs.baseURL
 	}
 
-	secret, err := sourcesecret.Generate(opts)
+	secret, err := sourcesecret.GenerateGitHubApp(opts)
 	if err != nil {
 		return err
 	}
diff --git a/cmd/flux/create_secret_helm.go b/cmd/flux/create_secret_helm.go
@@ -83,10 +83,12 @@ func createSecretHelmCmdRun(cmd *cobra.Command, args []string) error {
 	}
 
 	var certFile, keyFile []byte
-	if secretHelmArgs.tlsCrtFile != "" && secretHelmArgs.tlsKeyFile != "" {
+	if secretHelmArgs.tlsCrtFile != "" {
 		if certFile, err = os.ReadFile(secretHelmArgs.tlsCrtFile); err != nil {
 			return fmt.Errorf("failed to read cert file: %w", err)
 		}
+	}
+	if secretHelmArgs.tlsKeyFile != "" {
 		if keyFile, err = os.ReadFile(secretHelmArgs.tlsKeyFile); err != nil {
 			return fmt.Errorf("failed to read key file: %w", err)
 		}
@@ -102,7 +104,7 @@ func createSecretHelmCmdRun(cmd *cobra.Command, args []string) error {
 		TLSCrt:    certFile,
 		TLSKey:    keyFile,
 	}
-	secret, err := sourcesecret.Generate(opts)
+	secret, err := sourcesecret.GenerateHelm(opts)
 	if err != nil {
 		return err
 	}
diff --git a/cmd/flux/create_secret_notation.go b/cmd/flux/create_secret_notation.go
@@ -132,7 +132,7 @@ func createSecretNotationCmdRun(cmd *cobra.Command, args []string) error {
 		VerificationCrts: caCerts,
 		TrustPolicy:      policy,
 	}
-	secret, err := sourcesecret.Generate(opts)
+	secret, err := sourcesecret.GenerateNotation(opts)
 	if err != nil {
 		return err
 	}
diff --git a/cmd/flux/create_secret_oci.go b/cmd/flux/create_secret_oci.go
@@ -92,7 +92,7 @@ func createSecretOCICmdRun(cmd *cobra.Command, args []string) error {
 		Username:  secretOCIArgs.username,
 	}
 
-	secret, err := sourcesecret.Generate(opts)
+	secret, err := sourcesecret.GenerateOCI(opts)
 	if err != nil {
 		return err
 	}
diff --git a/cmd/flux/create_secret_proxy.go b/cmd/flux/create_secret_proxy.go
@@ -83,7 +83,7 @@ func createSecretProxyCmdRun(cmd *cobra.Command, args []string) error {
 		Username:  secretProxyArgs.username,
 		Password:  secretProxyArgs.password,
 	}
-	secret, err := sourcesecret.Generate(opts)
+	secret, err := sourcesecret.GenerateProxy(opts)
 	if err != nil {
 		return err
 	}
diff --git a/cmd/flux/create_secret_tls.go b/cmd/flux/create_secret_tls.go
@@ -84,16 +84,18 @@ func createSecretTLSCmdRun(cmd *cobra.Command, args []string) error {
 		}
 	}
 
-	if secretTLSArgs.tlsCrtFile != "" && secretTLSArgs.tlsKeyFile != "" {
+	if secretTLSArgs.tlsCrtFile != "" {
 		if opts.TLSCrt, err = os.ReadFile(secretTLSArgs.tlsCrtFile); err != nil {
 			return fmt.Errorf("failed to read cert file: %w", err)
 		}
+	}
+	if secretTLSArgs.tlsKeyFile != "" {
 		if opts.TLSKey, err = os.ReadFile(secretTLSArgs.tlsKeyFile); err != nil {
 			return fmt.Errorf("failed to read key file: %w", err)
 		}
 	}
 
-	secret, err := sourcesecret.Generate(opts)
+	secret, err := sourcesecret.GenerateTLS(opts)
 	if err != nil {
 		return err
 	}
diff --git a/cmd/flux/create_source_git.go b/cmd/flux/create_source_git.go
@@ -305,7 +305,7 @@ func createSourceGitCmdRun(cmd *cobra.Command, args []string) error {
 			secretOpts.Username = sourceGitArgs.username
 			secretOpts.Password = sourceGitArgs.password
 		}
-		secret, err := sourcesecret.Generate(secretOpts)
+		secret, err := sourcesecret.GenerateGit(secretOpts)
 		if err != nil {
 			return err
 		}
diff --git a/cmd/flux/create_source_helm.go b/cmd/flux/create_source_helm.go
@@ -202,7 +202,7 @@ func createSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 			TLSKey:       keyFile,
 			ManifestFile: sourcesecret.MakeDefaultOptions().ManifestFile,
 		}
-		secret, err := sourcesecret.Generate(secretOpts)
+		secret, err := sourcesecret.GenerateHelm(secretOpts)
 		if err != nil {
 			return err
 		}
diff --git a/cmd/flux/install.go b/cmd/flux/install.go
@@ -250,7 +250,7 @@ func installCmdRun(cmd *cobra.Command, args []string) error {
 			Username:  credentials[0],
 			Password:  credentials[1],
 		}
-		imagePullSecret, err := sourcesecret.Generate(secretOpts)
+		imagePullSecret, err := sourcesecret.GenerateOCI(secretOpts)
 		if err != nil {
 			return fmt.Errorf("install failed: %w", err)
 		}
diff --git a/cmd/flux/testdata/create_secret/githubapp/secret-with-baseurl.yaml b/cmd/flux/testdata/create_secret/githubapp/secret-with-baseurl.yaml
@@ -36,4 +36,5 @@ stringData:
     lbD102oXw9lUefVI0McyQIN9J58ewDC79AG7gU/fTSt6F75OeFLOJmoedQo33Y+s
     bUytJtOhHbLRNxwgalhjBUNWICrDktqJmumNOEOOPBqVz7RGwUg=
     -----END RSA PRIVATE KEY-----
+type: Opaque
 
diff --git a/cmd/flux/testdata/create_secret/githubapp/secret.yaml b/cmd/flux/testdata/create_secret/githubapp/secret.yaml
@@ -35,4 +35,5 @@ stringData:
     lbD102oXw9lUefVI0McyQIN9J58ewDC79AG7gU/fTSt6F75OeFLOJmoedQo33Y+s
     bUytJtOhHbLRNxwgalhjBUNWICrDktqJmumNOEOOPBqVz7RGwUg=
     -----END RSA PRIVATE KEY-----
+type: Opaque
 
diff --git a/cmd/flux/testdata/create_secret/helm/secret-helm.yaml b/cmd/flux/testdata/create_secret/helm/secret-helm.yaml
@@ -7,4 +7,5 @@ metadata:
 stringData:
   password: my-password
   username: my-username
+type: kubernetes.io/basic-auth
 
diff --git a/cmd/flux/testdata/create_secret/oci/create-secret.yaml b/cmd/flux/testdata/create_secret/oci/create-secret.yaml
@@ -5,6 +5,15 @@ metadata:
   name: ghcr
   namespace: my-namespace
 stringData:
-  .dockerconfigjson: '{"auths":{"ghcr.io":{"username":"stefanprodan","password":"password","auth":"c3RlZmFucHJvZGFuOnBhc3N3b3Jk"}}}'
+  .dockerconfigjson: |-
+    {
+      "auths": {
+        "ghcr.io": {
+          "username": "stefanprodan",
+          "password": "password",
+          "auth": "c3RlZmFucHJvZGFuOnBhc3N3b3Jk"
+        }
+      }
+    }
 type: kubernetes.io/dockerconfigjson
 
diff --git a/cmd/flux/testdata/create_secret/proxy/secret-proxy.yaml b/cmd/flux/testdata/create_secret/proxy/secret-proxy.yaml
@@ -8,4 +8,5 @@ stringData:
   address: https://my-proxy.com
   password: my-password
   username: my-username
+type: Opaque
 
diff --git a/go.mod b/go.mod
@@ -18,15 +18,15 @@ require (
 	github.com/fluxcd/kustomize-controller/api v1.6.1
 	github.com/fluxcd/notification-controller/api v1.6.0
 	github.com/fluxcd/pkg/apis/event v0.18.0
-	github.com/fluxcd/pkg/apis/meta v1.17.0
+	github.com/fluxcd/pkg/apis/meta v1.18.0
 	github.com/fluxcd/pkg/auth v0.21.0
 	github.com/fluxcd/pkg/chartutil v1.7.0
 	github.com/fluxcd/pkg/envsubst v1.4.0
 	github.com/fluxcd/pkg/git v0.34.0
 	github.com/fluxcd/pkg/git/gogit v0.37.0
 	github.com/fluxcd/pkg/kustomize v1.19.0
 	github.com/fluxcd/pkg/oci v0.51.0
-	github.com/fluxcd/pkg/runtime v0.69.0
+	github.com/fluxcd/pkg/runtime v0.75.0
 	github.com/fluxcd/pkg/sourceignore v0.13.0
 	github.com/fluxcd/pkg/ssa v0.51.0
 	github.com/fluxcd/pkg/ssh v0.20.0
@@ -101,7 +101,6 @@ require (
 	github.com/aws/smithy-go v1.22.4 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/blang/semver/v4 v4.0.0 // indirect
-	github.com/bradleyfalzon/ghinstallation/v2 v2.16.0 // indirect
 	github.com/bshuster-repo/logrus-logstash-hook v1.0.0 // indirect
 	github.com/carapace-sh/carapace-shlex v1.0.1 // indirect
 	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
@@ -143,7 +142,6 @@ require (
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.1 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.2 // indirect
 	github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
 	github.com/gonvenience/idem v0.0.1 // indirect
@@ -153,7 +151,6 @@ require (
 	github.com/google/btree v1.1.3 // indirect
 	github.com/google/gnostic-models v0.7.0 // indirect
 	github.com/google/go-github/v71 v71.0.0 // indirect
-	github.com/google/go-github/v72 v72.0.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/s2a-go v0.1.9 // indirect
 	github.com/google/uuid v1.6.0 // indirect
diff --git a/go.sum b/go.sum
@@ -89,8 +89,6 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
 github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM=
 github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ=
-github.com/bradleyfalzon/ghinstallation/v2 v2.16.0 h1:B91r9bHtXp/+XRgS5aZm6ZzTdz3ahgJYmkt4xZkgDz8=
-github.com/bradleyfalzon/ghinstallation/v2 v2.16.0/go.mod h1:OeVe5ggFzoBnmgitZe/A+BqGOnv1DvU/0uiLQi1wutM=
 github.com/bshuster-repo/logrus-logstash-hook v1.0.0 h1:e+C0SB5R1pu//O4MQ3f9cFuPGoOVeF2fE4Og9otCc70=
 github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk=
 github.com/bsm/ginkgo/v2 v2.7.0/go.mod h1:AiKlXPm7ItEHNc/2+OkrNG4E0ITzojb9/xWzvQ9XZ9w=
@@ -192,8 +190,8 @@ github.com/fluxcd/pkg/apis/event v0.18.0 h1:PNbWk9gvX8gMIi6VsJapnuDO+giLEeY+6olL
 github.com/fluxcd/pkg/apis/event v0.18.0/go.mod h1:7S/DGboLolfbZ6stO6dcDhG1SfkPWQ9foCULvbiYpiA=
 github.com/fluxcd/pkg/apis/kustomize v1.11.0 h1:0IzDgxZkc4v+5SDNCvgZhfwfkdkQLPXCner7TNaJFWE=
 github.com/fluxcd/pkg/apis/kustomize v1.11.0/go.mod h1:j302mJGDww8cn9qvMsRQ0LJ1HPAPs/IlX7CSsoJV7BI=
-github.com/fluxcd/pkg/apis/meta v1.17.0 h1:KVMDyJQj1NYCsppsFUkbJGMnKxsqJVpnKBFolHf/q8E=
-github.com/fluxcd/pkg/apis/meta v1.17.0/go.mod h1:97l3hTwBpJbXBY+wetNbqrUsvES8B1jGioKcBUxmqd8=
+github.com/fluxcd/pkg/apis/meta v1.18.0 h1:ACHrMIjlcioE9GKS7NGk62KX4NshqNewr8sBwMcXABs=
+github.com/fluxcd/pkg/apis/meta v1.18.0/go.mod h1:97l3hTwBpJbXBY+wetNbqrUsvES8B1jGioKcBUxmqd8=
 github.com/fluxcd/pkg/auth v0.21.0 h1:ckAQqP12wuptXEkMY18SQKWEY09m9e6yI0mEMsDV15M=
 github.com/fluxcd/pkg/auth v0.21.0/go.mod h1:MXmpsXT97c874HCw5hnfqFUP7TsG8/Ss1vFrk8JccfM=
 github.com/fluxcd/pkg/cache v0.10.0 h1:M+OGDM4da1cnz7q+sZSBtkBJHpiJsLnKVmR9OdMWxEY=
@@ -212,8 +210,8 @@ github.com/fluxcd/pkg/kustomize v1.19.0 h1:2eO8lMx0/H/Yyq35LMTAMhxEElOzMW0Yi9zUN
 github.com/fluxcd/pkg/kustomize v1.19.0/go.mod h1:OCCW9vU3lStDh3jyg9MM/a29MSdNAVk2wjl0lDos5Fs=
 github.com/fluxcd/pkg/oci v0.51.0 h1:9oYnm+T4SCVSBif9gn80ALJkMGSERabVMDJiaMIdr7Y=
 github.com/fluxcd/pkg/oci v0.51.0/go.mod h1:5J6IhHoDVYCVeBEC+4E3nPeKh7d0kjJ8IEL6NVCiTx4=
-github.com/fluxcd/pkg/runtime v0.69.0 h1:5gPY95NSFI34GlQTj0+NHjOFpirSwviCUb9bM09b5nA=
-github.com/fluxcd/pkg/runtime v0.69.0/go.mod h1:ug+pat+I4wfOBuCy2E/pLmBNd3kOOo4cP2jxnxefPwY=
+github.com/fluxcd/pkg/runtime v0.75.0 h1:wIaODmU5D54nyrehTqA9oQDFoi6BbBj/24adLStXc0I=
+github.com/fluxcd/pkg/runtime v0.75.0/go.mod h1:iGhdaEq+lMJQTJNAFEPOU4gUJ7kt3yeDcJPZy7O9IUw=
 github.com/fluxcd/pkg/sourceignore v0.13.0 h1:ZvkzX2WsmyZK9cjlqOFFW1onHVzhPZIqDbCh96rPqbU=
 github.com/fluxcd/pkg/sourceignore v0.13.0/go.mod h1:Z9H1GoBx0ljOhptnzoV0PL6Nd/UzwKcSphP27lqb4xI=
 github.com/fluxcd/pkg/ssa v0.51.0 h1:sFarxKZcS0J8sjq9qvs/r+1XiJqNgRodEiPjV75F8R4=
@@ -275,8 +273,6 @@ github.com/gofrs/uuid v4.4.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRx
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
-github.com/golang-jwt/jwt/v4 v4.5.2 h1:YtQM7lnr8iZ+j5q71MGKkNw9Mn7AjHM68uc9g5fXeUI=
-github.com/golang-jwt/jwt/v4 v4.5.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8=
 github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ=
@@ -312,8 +308,6 @@ github.com/google/go-containerregistry v0.20.6 h1:cvWX87UxxLgaH76b4hIvya6Dzz9qHB
 github.com/google/go-containerregistry v0.20.6/go.mod h1:T0x8MuoAoKX/873bkeSfLD2FAkwCDf9/HZgsFJ02E2Y=
 github.com/google/go-github/v71 v71.0.0 h1:Zi16OymGKZZMm8ZliffVVJ/Q9YZreDKONCr+WUd0Z30=
 github.com/google/go-github/v71 v71.0.0/go.mod h1:URZXObp2BLlMjwu0O8g4y6VBneUj2bCHgnI8FfgZ51M=
-github.com/google/go-github/v72 v72.0.0 h1:FcIO37BLoVPBO9igQQ6tStsv2asG4IPcYFi655PPvBM=
-github.com/google/go-github/v72 v72.0.0/go.mod h1:WWtw8GMRiL62mvIquf1kO3onRHeWWKmK01qdCY8c5fg=
 github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
 github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
diff --git a/pkg/bootstrap/bootstrap_plain_git.go b/pkg/bootstrap/bootstrap_plain_git.go
@@ -236,7 +236,7 @@ func (b *PlainGitBootstrapper) ReconcileSourceSecret(ctx context.Context, option
 
 	// Generate source secret
 	b.logger.Actionf("generating source secret")
-	manifest, err := sourcesecret.Generate(options)
+	manifest, err := sourcesecret.GenerateGit(options)
 	if err != nil {
 		return err
 	}
diff --git a/pkg/manifestgen/sourcesecret/sourcesecret.go b/pkg/manifestgen/sourcesecret/sourcesecret.go

Original file line number	Diff line number	Diff line change
`@@ -172,7 +172,7 @@ func createSecretGitCmdRun(cmd *cobra.Command, args []string) error {`
`172`	`172`	`return fmt.Errorf("git URL scheme '%s' not supported, can be: ssh, http and https", u.Scheme)`
`173`	`173`	`}`
`174`	`174`
`175`		`- secret, err := sourcesecret.Generate(opts)`
	`175`	`+ secret, err := sourcesecret.GenerateGit(opts)`
`176`	`176`	`if err != nil {`
`177`	`177`	`return err`
`178`	`178`	`}`
Original file line number	Diff line number	Diff line change
`@@ -99,7 +99,7 @@ func createSecretGitHubAppCmdRun(cmd *cobra.Command, args []string) error {`
`99`	`99`	`opts.GitHubAppBaseURL = secretGitHubAppArgs.baseURL`
`100`	`100`	`}`
`101`	`101`
`102`		`- secret, err := sourcesecret.Generate(opts)`
	`102`	`+ secret, err := sourcesecret.GenerateGitHubApp(opts)`
`103`	`103`	`if err != nil {`
`104`	`104`	`return err`
`105`	`105`	`}`
Original file line number	Diff line number	Diff line change
`@@ -83,10 +83,12 @@ func createSecretHelmCmdRun(cmd *cobra.Command, args []string) error {`
`83`	`83`	`}`
`84`	`84`
`85`	`85`	`var certFile, keyFile []byte`
`86`		`- if secretHelmArgs.tlsCrtFile != "" && secretHelmArgs.tlsKeyFile != "" {`
	`86`	`+ if secretHelmArgs.tlsCrtFile != "" {`
`87`	`87`	`if certFile, err = os.ReadFile(secretHelmArgs.tlsCrtFile); err != nil {`
`88`	`88`	`return fmt.Errorf("failed to read cert file: %w", err)`
`89`	`89`	`}`
	`90`	`+ }`
	`91`	`+ if secretHelmArgs.tlsKeyFile != "" {`
`90`	`92`	`if keyFile, err = os.ReadFile(secretHelmArgs.tlsKeyFile); err != nil {`
`91`	`93`	`return fmt.Errorf("failed to read key file: %w", err)`
`92`	`94`	`}`
`@@ -102,7 +104,7 @@ func createSecretHelmCmdRun(cmd *cobra.Command, args []string) error {`
`102`	`104`	`TLSCrt: certFile,`
`103`	`105`	`TLSKey: keyFile,`
`104`	`106`	`}`
`105`		`- secret, err := sourcesecret.Generate(opts)`
	`107`	`+ secret, err := sourcesecret.GenerateHelm(opts)`
`106`	`108`	`if err != nil {`
`107`	`109`	`return err`
`108`	`110`	`}`
Original file line number	Diff line number	Diff line change
`@@ -132,7 +132,7 @@ func createSecretNotationCmdRun(cmd *cobra.Command, args []string) error {`
`132`	`132`	`VerificationCrts: caCerts,`
`133`	`133`	`TrustPolicy: policy,`
`134`	`134`	`}`
`135`		`- secret, err := sourcesecret.Generate(opts)`
	`135`	`+ secret, err := sourcesecret.GenerateNotation(opts)`
`136`	`136`	`if err != nil {`
`137`	`137`	`return err`
`138`	`138`	`}`
Original file line number	Diff line number	Diff line change
`@@ -92,7 +92,7 @@ func createSecretOCICmdRun(cmd *cobra.Command, args []string) error {`
`92`	`92`	`Username: secretOCIArgs.username,`
`93`	`93`	`}`
`94`	`94`
`95`		`- secret, err := sourcesecret.Generate(opts)`
	`95`	`+ secret, err := sourcesecret.GenerateOCI(opts)`
`96`	`96`	`if err != nil {`
`97`	`97`	`return err`
`98`	`98`	`}`
Original file line number	Diff line number	Diff line change
`@@ -83,7 +83,7 @@ func createSecretProxyCmdRun(cmd *cobra.Command, args []string) error {`
`83`	`83`	`Username: secretProxyArgs.username,`
`84`	`84`	`Password: secretProxyArgs.password,`
`85`	`85`	`}`
`86`		`- secret, err := sourcesecret.Generate(opts)`
	`86`	`+ secret, err := sourcesecret.GenerateProxy(opts)`
`87`	`87`	`if err != nil {`
`88`	`88`	`return err`
`89`	`89`	`}`
Original file line number	Diff line number	Diff line change
`@@ -84,16 +84,18 @@ func createSecretTLSCmdRun(cmd *cobra.Command, args []string) error {`
`84`	`84`	`}`
`85`	`85`	`}`
`86`	`86`
`87`		`- if secretTLSArgs.tlsCrtFile != "" && secretTLSArgs.tlsKeyFile != "" {`
	`87`	`+ if secretTLSArgs.tlsCrtFile != "" {`
`88`	`88`	`if opts.TLSCrt, err = os.ReadFile(secretTLSArgs.tlsCrtFile); err != nil {`
`89`	`89`	`return fmt.Errorf("failed to read cert file: %w", err)`
`90`	`90`	`}`
	`91`	`+ }`
	`92`	`+ if secretTLSArgs.tlsKeyFile != "" {`
`91`	`93`	`if opts.TLSKey, err = os.ReadFile(secretTLSArgs.tlsKeyFile); err != nil {`
`92`	`94`	`return fmt.Errorf("failed to read key file: %w", err)`
`93`	`95`	`}`
`94`	`96`	`}`
`95`	`97`
`96`		`- secret, err := sourcesecret.Generate(opts)`
	`98`	`+ secret, err := sourcesecret.GenerateTLS(opts)`
`97`	`99`	`if err != nil {`
`98`	`100`	`return err`
`99`	`101`	`}`
Original file line number	Diff line number	Diff line change
`@@ -305,7 +305,7 @@ func createSourceGitCmdRun(cmd *cobra.Command, args []string) error {`
`305`	`305`	`secretOpts.Username = sourceGitArgs.username`
`306`	`306`	`secretOpts.Password = sourceGitArgs.password`
`307`	`307`	`}`
`308`		`- secret, err := sourcesecret.Generate(secretOpts)`
	`308`	`+ secret, err := sourcesecret.GenerateGit(secretOpts)`
`309`	`309`	`if err != nil {`
`310`	`310`	`return err`
`311`	`311`	`}`
Original file line number	Diff line number	Diff line change
`@@ -202,7 +202,7 @@ func createSourceHelmCmdRun(cmd *cobra.Command, args []string) error {`
`202`	`202`	`TLSKey: keyFile,`
`203`	`203`	`ManifestFile: sourcesecret.MakeDefaultOptions().ManifestFile,`
`204`	`204`	`}`
`205`		`- secret, err := sourcesecret.Generate(secretOpts)`
	`205`	`+ secret, err := sourcesecret.GenerateHelm(secretOpts)`
`206`	`206`	`if err != nil {`
`207`	`207`	`return err`
`208`	`208`	`}`
Original file line number	Diff line number	Diff line change
`@@ -250,7 +250,7 @@ func installCmdRun(cmd *cobra.Command, args []string) error {`
`250`	`250`	`Username: credentials[0],`
`251`	`251`	`Password: credentials[1],`
`252`	`252`	`}`
`253`		`- imagePullSecret, err := sourcesecret.Generate(secretOpts)`
	`253`	`+ imagePullSecret, err := sourcesecret.GenerateOCI(secretOpts)`
`254`	`254`	`if err != nil {`
`255`	`255`	`return fmt.Errorf("install failed: %w", err)`
`256`	`256`	`}`