@@ -320,6 +320,20 @@ echo "templates: ok"

 [ "$(openshift admin TYPO; echo $? | grep '1')" ]

 [ "$(openshift cli TYPO; echo $? | grep '1')" ]

 [ "$(oc policy TYPO; echo $? | grep '1')" ]

+[ "$(oc secrets TYPO; echo $? | grep '1')" ]

+

+

+oc secrets new-dockercfg dockercfg --docker-username=sample-user --docker-password=sample-password --docker-email=fake@example.org

+# can't use a go template here because the output needs to be base64 decoded.  base64 isn't installed by default in all distros

+oc describe secrets/dockercfg | grep "dockercfg:" | awk '{print $2}' > ${HOME}/.dockercfg

+oc secrets new from-file ${HOME}/.dockercfg

+# check to make sure the type was correctly auto-detected

+[ "$(oc get secret/from-file -t "{{ .type }}" | grep "kubernetes.io/dockercfg")" ]

+# make sure the -o works correctly

+[ "$(oc secrets new-dockercfg dockercfg --docker-username=sample-user --docker-password=sample-password --docker-email=fake@example.org -o yaml | grep "kubernetes.io/dockercfg")" ]

+[ "$(oc secrets new from-file ${HOME}/.dockercfg -o yaml | grep "kubernetes.io/dockercfg")" ]

+echo "secrets: ok"

+

 oc get pods --match-server-version

 oc create -f examples/hello-openshift/hello-pod.json

@@ -42,7 +42,7 @@ func NewCommandAdmin(name, fullName string, out io.Writer) *cobra.Command {

 	f := clientcmd.New(cmds.PersistentFlags())

 	cmds.AddCommand(project.NewCmdNewProject(project.NewProjectRecommendedName, fullName+" "+project.NewProjectRecommendedName, f, out))

-	cmds.AddCommand(policy.NewCommandPolicy(policy.PolicyRecommendedName, fullName+" "+policy.PolicyRecommendedName, f, out))

+	cmds.AddCommand(policy.NewCmdPolicy(policy.PolicyRecommendedName, fullName+" "+policy.PolicyRecommendedName, f, out))

 	cmds.AddCommand(exipfailover.NewCmdIPFailoverConfig(f, fullName, "ipfailover", out))

 	cmds.AddCommand(router.NewCmdRouter(f, fullName, "router", out))

 	cmds.AddCommand(registry.NewCmdRegistry(f, fullName, "registry", out))

@@ -20,8 +20,8 @@ import (

 const PolicyRecommendedName = "policy"

-// NewCommandPolicy implements the OpenShift cli policy command

-func NewCommandPolicy(name, fullName string, f *clientcmd.Factory, out io.Writer) *cobra.Command {

+// NewCmdPolicy implements the OpenShift cli policy command

+func NewCmdPolicy(name, fullName string, f *clientcmd.Factory, out io.Writer) *cobra.Command {

 	// Parent command to which all subcommands are added.

 	cmds := &cobra.Command{

 		Use:   name,

@@ -13,6 +13,7 @@ import (

 	"github.com/openshift/origin/pkg/cmd/cli/cmd"

 	"github.com/openshift/origin/pkg/cmd/cli/policy"

+	"github.com/openshift/origin/pkg/cmd/cli/secrets"

 	"github.com/openshift/origin/pkg/cmd/templates"

 	cmdutil "github.com/openshift/origin/pkg/cmd/util"

 	"github.com/openshift/origin/pkg/cmd/util/clientcmd"

@@ -117,7 +118,8 @@ func NewCommandCLI(name, fullName string) *cobra.Command {

 				cmd.NewCmdUpdate(fullName, f, out),

 				cmd.NewCmdProcess(fullName, f, out),

 				cmd.NewCmdExport(fullName, f, os.Stdin, out),

-				policy.NewCommandPolicy(policy.PolicyRecommendedName, fullName+" "+policy.PolicyRecommendedName, f, out),

+				policy.NewCmdPolicy(policy.PolicyRecommendedName, fullName+" "+policy.PolicyRecommendedName, f, out),

+				secrets.NewCmdSecrets(secrets.SecretsRecommendedName, fullName+" "+secrets.SecretsRecommendedName, f, out, fullName+" edit"),

 			},

 		},

 		{

@@ -2,7 +2,6 @@ package policy

 import (

 	"io"

-	"os"

 	"github.com/spf13/cobra"

@@ -13,7 +12,7 @@ import (

 const PolicyRecommendedName = "policy"

-func NewCommandPolicy(name, fullName string, f *clientcmd.Factory, out io.Writer) *cobra.Command {

+func NewCmdPolicy(name, fullName string, f *clientcmd.Factory, out io.Writer) *cobra.Command {

 	// Parent command to which all subcommands are added.

 	cmds := &cobra.Command{

 		Use:   name,

@@ -33,10 +32,3 @@ func NewCommandPolicy(name, fullName string, f *clientcmd.Factory, out io.Writer

 	return cmds

 }

-

-func runHelp(cmd *cobra.Command, args []string) {

-	cmd.Help()

-

-	// make sure that we exit with non-zero status so that typoed commands don't look like they were successful

-	os.Exit(1)

-}

new file mode 120000

@@ -0,0 +1 @@

+.

\ No newline at end of file

new file mode 100644

@@ -0,0 +1 @@

+this is a test file

new file mode 100644

@@ -0,0 +1 @@

+this is a file in a directory

new file mode 100644

@@ -0,0 +1 @@

+this filename is invalid DNS Subdomain

new file mode 100644

new file mode 100644

@@ -0,0 +1 @@

+this is a multiple file named www.google.com 

new file mode 100644

@@ -0,0 +1 @@

+this is a valid file

new file mode 100644

@@ -0,0 +1,125 @@

+package secrets

+

+import (

+	"io/ioutil"

+	"testing"

+

+	kapi "github.com/GoogleCloudPlatform/kubernetes/pkg/api"

+	"github.com/GoogleCloudPlatform/kubernetes/pkg/util"

+)

+

+func TestValidate(t *testing.T) {

+	tests := []struct {

+		testName string

+		args     []string

+		expErr   bool

+	}{

+		{

+			testName: "validArgs",

+			args:     []string{"testSecret", "./bsFixtures/www.google.com"},

+		},

+		{

+			testName: "noName",

+			args:     []string{"./bsFixtures/www.google.com"},

+			expErr:   true, //"Secret name is required"

+		},

+		{

+			testName: "noFilesPassed",

+			args:     []string{"testSecret"},

+			expErr:   true, //"At least one source file or directory must be specified"

+		},

+	}

+

+	for _, test := range tests {

+		options := NewCreateSecretOptions()

+		options.Complete(test.args, nil)

+		err := options.Validate()

+		if err != nil && !test.expErr {

+			t.Errorf("%s: unexpected error: %v", test.testName, err)

+		}

+	}

+}

+

+func TestCreateSecret(t *testing.T) {

+	tests := []struct {

+		testName string

+		args     []string

+		expErr   bool

+		quiet    bool

+	}{

+		{

+			testName: "validSources",

+			args:     []string{"testSecret", "./bsFixtures/www.google.com", "./bsFixtures/dirNoSubdir"},

+		},

+		{

+			testName: "invalidDNS",

+			args:     []string{"testSecret", "./bsFixtures/invalid/invalid-DNS"},

+			expErr:   true, // "/bsFixtures/invalid-DNS cannot be used as a key in a secret"

+		},

+		{

+			testName: "leadingDotsAllowed",

+			args:     []string{"testSecret", "./bsFixtures/leadingdot/.dockercfg"},

+		},

+		{

+			testName: "filesSameName",

+			args:     []string{"testSecret", "./bsFixtures/www.google.com", "./bsFixtures/multiple/www.google.com"},

+			expErr:   true, // "Multiple files with the same name (www.google.com) cannot be included a secret"

+		},

+		{

+			testName: "testQuietTrue",

+			args:     []string{"testSecret", "./bsFixtures/dir"},

+			quiet:    true,

+		},

+		{

+			testName: "testQuietFalse",

+			args:     []string{"testSecret", "./bsFixtures/dir"},

+			expErr:   true, // "Skipping resource <resource path>"

+		},

+	}

+	for _, test := range tests {

+		options := NewCreateSecretOptions()

+		options.Complete(test.args, nil)

+		options.Quiet = test.quiet

+

+		err := options.Validate()

+		if err != nil {

+			t.Errorf("unexpected error")

+		}

+		_, err = options.BundleSecret()

+		if err != nil && !test.expErr {

+			t.Errorf("%s: unexpected error: %s", test.testName, err)

+		}

+	}

+}

+

+func TestSecretTypeSpecified(t *testing.T) {

+	options := CreateSecretOptions{

+		Name:           "any",

+		SecretTypeName: string(kapi.SecretTypeDockercfg),

+		Sources:        util.StringList([]string{"./bsFixtures/www.google.com"}),

+		Stderr:         ioutil.Discard,

+	}

+

+	secret, err := options.BundleSecret()

+	if err != nil {

+		t.Errorf("unexpected error: %v", err)

+	}

+	if secret.Type != kapi.SecretTypeDockercfg {

+		t.Errorf("expected %v, got %v", kapi.SecretTypeDockercfg, secret.Type)

+	}

+}

+func TestSecretTypeDiscovered(t *testing.T) {

+	options := CreateSecretOptions{

+		Name:    "any",

+		Sources: util.StringList([]string{"./bsFixtures/leadingdot/.dockercfg"}),

+		Stderr:  ioutil.Discard,

+	}

+

+	secret, err := options.BundleSecret()

+	if err != nil {

+		t.Errorf("unexpected error: %v", err)

+	}

+	if secret.Type != kapi.SecretTypeDockercfg {

+		t.Errorf("expected %v, got %v", kapi.SecretTypeDockercfg, secret.Type)

+	}

+}

new file mode 100644

@@ -0,0 +1,197 @@

+package secrets

+

+import (

+	"encoding/json"

+	"errors"

+	"fmt"

+	"io"

+	"io/ioutil"

+	"strings"

+

+	"github.com/GoogleCloudPlatform/kubernetes/pkg/api"

+	"github.com/GoogleCloudPlatform/kubernetes/pkg/client"

+	"github.com/GoogleCloudPlatform/kubernetes/pkg/credentialprovider"

+	cmdutil "github.com/GoogleCloudPlatform/kubernetes/pkg/kubectl/cmd/util"

+

+	"github.com/spf13/cobra"

+)

+

+const (

+	CreateDockerConfigSecretRecommendedName = "new-dockercfg"

+

+	createDockercfgLong = `Create a new dockercfg secret

+

+Dockercfg secrets are used to authenticate against Docker registries.

+

+When using the Docker command line to push images, you can authenticate to a given registry by running 

+  'docker login DOCKER_REGISTRY_SERVER --username=DOCKER_USER --password=DOCKER_PASSWORD --email=DOCKER_EMAIL'.

+That produces a ~/.dockercfg file that is used by subsequent 'docker push' and 'docker pull' commands to authenticate to the registry.

+

+When using OpenShift, you may have a Docker registry that requires authentication.  In order for the nodes to pull images on your behalf, they have to have the credentials.  You can provide this information by creating a dockercfg secret and attaching it to your service account.

+

+If you don't already have a .dockercfg file, you can create a dockercfg secret directly by using:

+

+  $ %s SECRET_NAME --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL

+

+If you do already have a .dockercfg file, you can create a dockercfg secret by using:

+

+  $ %s SECRET_NAME path/to/.dockercfg

+

+You can then use '%s SERVICE_ACCOUNT' to add the new secret to 'imagePullSecrets' for the node to use or 'secrets' for builds to use.

+`

+)

+

+type CreateDockerConfigOptions struct {

+	SecretNamespace  string

+	SecretName       string

+	RegistryLocation string

+	Username         string

+	Password         string

+	EmailAddress     string

+

+	SecretsInterface client.SecretsInterface

+

+	Out io.Writer

+}

+

+// NewCmdCreateDockerConfigSecret creates a command object for making a dockercfg secret

+func NewCmdCreateDockerConfigSecret(name, fullName string, f *cmdutil.Factory, out io.Writer, newSecretFullName, ocEditFullName string) *cobra.Command {

+	o := &CreateDockerConfigOptions{Out: out}

+

+	cmd := &cobra.Command{

+		Use:   fmt.Sprintf("%s SECRET_NAME --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL", name),

+		Short: "Create a new dockercfg secret",

+		Long:  fmt.Sprintf(createDockercfgLong, fullName, newSecretFullName, ocEditFullName),

+		Run: func(c *cobra.Command, args []string) {

+			if err := o.Complete(f, args); err != nil {

+				cmdutil.CheckErr(err)

+			}

+

+			if err := o.Validate(); err != nil {

+				cmdutil.CheckErr(err)

+			}

+

+			if len(cmdutil.GetFlagString(c, "output")) != 0 {

+				secret, err := o.MakeDockerSecret()

+				cmdutil.CheckErr(err)

+

+				cmdutil.CheckErr(f.PrintObject(c, secret, out))

+				return

+			}

+

+			if err := o.CreateDockerSecret(); err != nil {

+				cmdutil.CheckErr(err)

+			}

+

+		},

+	}

+

+	cmd.Flags().StringVar(&o.Username, "docker-username", "", "username for Docker registry authentication")

+	cmd.Flags().StringVar(&o.Password, "docker-password", "", "password for Docker registry authentication")

+	cmd.Flags().StringVar(&o.EmailAddress, "docker-email", "", "email for Docker registry")

+	cmd.Flags().StringVar(&o.RegistryLocation, "docker-server", "https://index.docker.io/v1/", "server location for Docker registry")

+	cmdutil.AddPrinterFlags(cmd)

+

+	return cmd

+}

+

+func (o CreateDockerConfigOptions) CreateDockerSecret() error {

+	secret, err := o.MakeDockerSecret()

+	if err != nil {

+		return err

+	}

+

+	if _, err := o.SecretsInterface.Create(secret); err != nil {

+		return err

+	}

+

+	fmt.Fprintf(o.GetOut(), "secret/%s\n", secret.Name)

+

+	return nil

+}

+

+func (o CreateDockerConfigOptions) MakeDockerSecret() (*api.Secret, error) {

+	if err := o.Validate(); err != nil {

+		return nil, err

+	}

+

+	dockercfgAuth := credentialprovider.DockerConfigEntry{

+		Username: o.Username,

+		Password: o.Password,

+		Email:    o.EmailAddress,

+	}

+

+	dockerCfg := map[string]credentialprovider.DockerConfigEntry{o.RegistryLocation: dockercfgAuth}

+

+	dockercfgContent, err := json.Marshal(dockerCfg)

+	if err != nil {

+		return nil, err

+	}

+

+	secret := &api.Secret{}

+	secret.Namespace = o.SecretNamespace

+	secret.Name = o.SecretName

+	secret.Type = api.SecretTypeDockercfg

+	secret.Data = map[string][]byte{}

+	secret.Data[api.DockerConfigKey] = dockercfgContent

+

+	return secret, nil

+}

+

+func (o *CreateDockerConfigOptions) Complete(f *cmdutil.Factory, args []string) error {

+	if len(args) != 1 {

+		return errors.New("must have exactly one argument: secret name")

+	}

+	o.SecretName = args[0]

+

+	client, err := f.Client()

+	if err != nil {

+		return err

+	}

+	o.SecretNamespace, err = f.DefaultNamespace()

+	if err != nil {

+		return err

+	}

+

+	o.SecretsInterface = client.Secrets(o.SecretNamespace)

+

+	return nil

+}

+

+func (o CreateDockerConfigOptions) Validate() error {

+	if len(o.SecretNamespace) == 0 {

+		return errors.New("SecretNamespace must be present")

+	}

+	if len(o.SecretName) == 0 {

+		return errors.New("secret name must be present")

+	}

+	if len(o.RegistryLocation) == 0 {

+		return errors.New("docker-server must be present")

+	}

+	if len(o.Username) == 0 {

+		return errors.New("docker-username must be present")

+	}

+	if len(o.Password) == 0 {

+		return errors.New("docker-password must be present")

+	}

+	if len(o.EmailAddress) == 0 {

+		return errors.New("docker-email must be present")

+	}

+	if o.SecretsInterface == nil {

+		return errors.New("SecretsInterface must be present")

+	}

+

+	if strings.Contains(o.Username, ":") {

+		return fmt.Errorf("username '%v' is illegal because it contains a ':'", o.Username)

+	}

+

+	return nil

+}

+

+func (o CreateDockerConfigOptions) GetOut() io.Writer {

+	if o.Out == nil {

+		return ioutil.Discard

+	}

+

+	return o.Out

+}

new file mode 100644

@@ -0,0 +1,28 @@

+package secrets

+

+import (

+	"reflect"

+

+	kapi "github.com/GoogleCloudPlatform/kubernetes/pkg/api"

+	"github.com/GoogleCloudPlatform/kubernetes/pkg/util"

+)

+

+type KnownSecretType struct {

+	Type             kapi.SecretType

+	RequiredContents util.StringSet

+}

+

+func (ks KnownSecretType) Matches(secretContent map[string][]byte) bool {

+	if secretContent == nil {

+		return false

+	}

+

+	secretKeys := util.KeySet(reflect.ValueOf(secretContent))

+	return reflect.DeepEqual(ks.RequiredContents.List(), secretKeys.List())

+}

+

+var (

+	KnownSecretTypes = []KnownSecretType{

+		{kapi.SecretTypeDockercfg, util.NewStringSet(kapi.DockerConfigKey)},

+	}

+)

new file mode 100644

@@ -0,0 +1,230 @@

+package secrets

+

+import (

+	"errors"

+	"fmt"

+	"io"

+	"io/ioutil"

+	"os"

+	"path"

+

+	kapi "github.com/GoogleCloudPlatform/kubernetes/pkg/api"

+	kvalidation "github.com/GoogleCloudPlatform/kubernetes/pkg/api/validation"

+	kclient "github.com/GoogleCloudPlatform/kubernetes/pkg/client"

+	cmdutil "github.com/GoogleCloudPlatform/kubernetes/pkg/kubectl/cmd/util"

+	"github.com/GoogleCloudPlatform/kubernetes/pkg/util"

+

+	"github.com/openshift/origin/pkg/cmd/util/clientcmd"

+	"github.com/spf13/cobra"

+)

+

+const NewSecretRecommendedCommandName = "new"

+

+type CreateSecretOptions struct {

+	// Name of the resulting secret

+	Name string

+

+	// SecretTypeName is the type to use when creating the secret.  It is checked against known types.

+	SecretTypeName string

+

+	// Files/Directories to read from.

+	// Directory sources are listed and any direct file children included (but subfolders are not traversed)

+	Sources util.StringList

+

+	SecretsInterface kclient.SecretsInterface

+

+	// Writer to write warnings to

+	Stderr io.Writer

+

+	Out io.Writer

+

+	// Controls whether to output warnings

+	Quiet bool

+}

+

+func NewCmdCreateSecret(name, fullName string, f *clientcmd.Factory, out io.Writer) *cobra.Command {

+	options := NewCreateSecretOptions()

+	options.Out = out

+

+	cmd := &cobra.Command{

+		Use:   fmt.Sprintf("%s NAME SOURCE [SOURCE ...]", name),

+		Short: "Create a new secret based on a file or files within a directory",

+		Long: fmt.Sprintf(`Create a new secret based on a file or files within a directory.

+

+  $ %s <secret-name> <source> [<source>...]

+		`, fullName),

+		Run: func(c *cobra.Command, args []string) {

+			cmdutil.CheckErr(options.Complete(args, f))

+

+			cmdutil.CheckErr(options.Validate())

+

+			if len(cmdutil.GetFlagString(c, "output")) != 0 {

+				secret, err := options.BundleSecret()

+				cmdutil.CheckErr(err)

+

+				cmdutil.CheckErr(f.Factory.PrintObject(c, secret, out))

+				return

+			}

+			_, err := options.CreateSecret()

+			cmdutil.CheckErr(err)

+		},

+	}

+

+	cmd.Flags().BoolVarP(&options.Quiet, "quiet", "q", options.Quiet, "Suppress warnings")

+	cmd.Flags().VarP(&options.Sources, "source", "f", "List of filenames or directories to populate the data elements in a secret")

+	cmd.Flags().StringVar(&options.SecretTypeName, "type", "", "The type of secret")

+	cmdutil.AddPrinterFlags(cmd)

+

+	return cmd

+}

+

+func NewCreateSecretOptions() *CreateSecretOptions {

+	return &CreateSecretOptions{

+		Stderr:  os.Stderr,

+		Sources: util.StringList{},

+	}

+}

+

+func (o *CreateSecretOptions) Complete(args []string, f *clientcmd.Factory) error {

+	// Fill name from args[0]

+	if len(args) > 0 {

+		o.Name = args[0]

+	}

+

+	// Add sources from args[1:...] in addition to -f

+	if len(args) > 1 {

+		o.Sources = append(o.Sources, args[1:]...)

+	}

+

+	if f != nil {

+		_, kubeClient, err := f.Clients()

+		if err != nil {

+			return err

+		}

+		namespace, err := f.Factory.DefaultNamespace()

+		if err != nil {

+			return err

+		}

+		o.SecretsInterface = kubeClient.Secrets(namespace)

+	}

+

+	return nil

+}

+

+func (o *CreateSecretOptions) Validate() error {

+	if len(o.Name) == 0 {

+		return errors.New("Secret name is required")

+	}

+	if len(o.Sources) == 0 {

+		return errors.New("At least one source file or directory must be specified")

+	}

+

+nameCheck:

+	switch o.SecretTypeName {

+	case string(kapi.SecretTypeOpaque), "":

+		// this is ok

+	default:

+		// TODO this probably isn't a good idea.  It limits the power of this command.  Maybe allow unknown names with a force?

+		for _, secretType := range KnownSecretTypes {

+			if o.SecretTypeName == string(secretType.Type) {

+				break nameCheck

+			}

+		}

+		return fmt.Errorf("unknown secret type: %v", o.SecretTypeName)

+	}

+

+	return nil

+}

+

+func (o *CreateSecretOptions) CreateSecret() (*kapi.Secret, error) {

+	secret, err := o.BundleSecret()

+	if err != nil {

+		return nil, err

+	}

+

+	persistedSecret, err := o.SecretsInterface.Create(secret)

+	if err == nil {

+		fmt.Fprintf(o.Out, "secret/%s\n", persistedSecret.Name)

+	}

+

+	return persistedSecret, err

+}

+

+func (o *CreateSecretOptions) BundleSecret() (*kapi.Secret, error) {

+	secretData := make(map[string][]byte)

+

+	for _, source := range o.Sources {

+		info, err := os.Stat(source)

+		if err != nil {

+			switch err := err.(type) {

+			case *os.PathError:

+				return nil, fmt.Errorf("Error reading %s: %v", source, err.Err)

+			default:

+				return nil, fmt.Errorf("Error reading %s: %v", source, err)

+			}

+		}

+

+		if info.IsDir() {

+			fileList, err := ioutil.ReadDir(source)

+			if err != nil {

+				return nil, fmt.Errorf("Error listing files in %s: %v", source, err)

+			}

+

+			for _, item := range fileList {

+				itemPath := path.Join(source, item.Name())

+				if !item.Mode().IsRegular() {

+					if o.Stderr != nil && o.Quiet != true {

+						fmt.Fprintf(o.Stderr, "Skipping resource %s\n", itemPath)

+					}

+				} else {

+					if err := readFile(itemPath, secretData); err != nil {

+						return nil, err

+					}

+				}

+			}

+		} else if err := readFile(source, secretData); err != nil {

+			return nil, err

+		}

+	}

+

+	if len(secretData) == 0 {

+		return nil, errors.New("No files selected")

+	}

+

+	// if the secret type isn't specified, attempt to auto-detect likely hit

+	secretType := kapi.SecretType(o.SecretTypeName)

+	if len(o.SecretTypeName) == 0 {

+		secretType = kapi.SecretTypeOpaque

+

+		for _, knownSecretType := range KnownSecretTypes {

+			if knownSecretType.Matches(secretData) {

+				secretType = knownSecretType.Type

+			}

+		}

+	}

+

+	secret := &kapi.Secret{

+		ObjectMeta: kapi.ObjectMeta{Name: o.Name},

+		Type:       secretType,

+		Data:       secretData,

+	}

+

+	return secret, nil

+}

+

+func readFile(filePath string, dataMap map[string][]byte) error {

+	fileName := path.Base(filePath)

+	if !kvalidation.IsSecretKey(fileName) {

+		return fmt.Errorf("%s cannot be used as a key in a secret", filePath)

+	}

+	if _, exists := dataMap[fileName]; exists {

+		return fmt.Errorf("Multiple files with the same name (%s) cannot be included in a secret", fileName)

+	}

+

+	data, err := ioutil.ReadFile(filePath)

+	if err != nil {

+		return err

+	}

+	dataMap[fileName] = data

+	return nil

+}

new file mode 100644

@@ -0,0 +1,36 @@

+package secrets

+

+import (

+	"io"

+

+	"github.com/spf13/cobra"

+

+	cmdutil "github.com/openshift/origin/pkg/cmd/util"

+	"github.com/openshift/origin/pkg/cmd/util/clientcmd"

+)

+

+const SecretsRecommendedName = "secrets"

+

+const (

+	secretsLong = `Manage secrets in your project.

+

+Secrets are used to store confidential information that should not be contained inside of an image.

+They are commonly used to hold things like keys for authentication to other internal systems like 

+Docker registries.`

+)

+

+func NewCmdSecrets(name, fullName string, f *clientcmd.Factory, out io.Writer, ocEditFullName string) *cobra.Command {

+	// Parent command to which all subcommands are added.

+	cmds := &cobra.Command{

+		Use:   name,

+		Short: "Manage secrets",

+		Long:  secretsLong,

+		Run:   cmdutil.DefaultSubCommandRun(out),

+	}

+

+	newSecretFullName := fullName + " " + NewSecretRecommendedCommandName

+	cmds.AddCommand(NewCmdCreateSecret(NewSecretRecommendedCommandName, newSecretFullName, f, out))

+	cmds.AddCommand(NewCmdCreateDockerConfigSecret(CreateDockerConfigSecretRecommendedName, fullName+" "+CreateDockerConfigSecretRecommendedName, f.Factory, out, newSecretFullName, ocEditFullName))

+

+	return cmds

+}

deleted file mode 120000

@@ -1 +0,0 @@

-.

\ No newline at end of file

deleted file mode 100644

@@ -1 +0,0 @@

-this is a test file

deleted file mode 100644

@@ -1 +0,0 @@

-this is a file in a directory

deleted file mode 100644

@@ -1 +0,0 @@

-this filename is invalid DNS Subdomain

deleted file mode 100644

deleted file mode 100644

@@ -1 +0,0 @@

-this is a multiple file named www.google.com 

deleted file mode 100644

@@ -1 +0,0 @@

-this is a valid file

deleted file mode 100644

@@ -1,205 +0,0 @@

-package bundlesecret

-

-import (

-	"errors"

-	"fmt"

-	"io"

-	"io/ioutil"

-	"os"

-	"path"

-

-	kapi "github.com/GoogleCloudPlatform/kubernetes/pkg/api"

-	kvalidation "github.com/GoogleCloudPlatform/kubernetes/pkg/api/validation"

-	cmdutil "github.com/GoogleCloudPlatform/kubernetes/pkg/kubectl/cmd/util"

-	"github.com/GoogleCloudPlatform/kubernetes/pkg/util"

-

-	"github.com/openshift/origin/pkg/cmd/util/clientcmd"

-	"github.com/spf13/cobra"

-)

-

-type CreateSecretOptions struct {

-	// Name of the resulting secret

-	Name string

-

-	// SecretTypeName is the type to use when creating the secret.  It is checked against known types.

-	SecretTypeName string

-

-	// Files/Directories to read from.

-	// Directory sources are listed and any direct file children included (but subfolders are not traversed)

-	Sources util.StringList

-

-	// Writer to write warnings to

-	Stderr io.Writer

-	// Controls whether to output warnings

-	Quiet bool

-}

-

-func NewCmdBundleSecret(f *clientcmd.Factory, parentName, name string, out io.Writer) *cobra.Command {

-

-	options := NewDefaultOptions()

-

-	cmd := &cobra.Command{

-		Use:   fmt.Sprintf("%s NAME SOURCE [SOURCE ...]", name),

-		Short: "Bundle files (or files within directories) into a Kubernetes secret",

-		Long: fmt.Sprintf(`Bundle files (or files within directories) into a Kubernetes secret.

-

-  $ %s %s <secret-name> <source> [<source>...]

-		`, parentName, name),

-		Run: func(c *cobra.Command, args []string) {

-			cmdutil.CheckErr(options.Complete(args))

-

-			err := options.Validate()

-			if err != nil {

-				fmt.Fprintf(c.Out(), "Error: %v\n\n", err.Error())

-				c.Help()

-				return

-			}

-

-			secret, err := options.CreateSecret()

-			if err != nil {

-				cmdutil.CheckErr(err)

-			}

-

-			err = f.Factory.PrintObject(c, secret, out)

-			if err != nil {

-				cmdutil.CheckErr(err)

-			}

-		},

-	}

-

-	cmd.Flags().BoolVarP(&options.Quiet, "quiet", "q", options.Quiet, "Suppress warnings")

-	cmd.Flags().VarP(&options.Sources, "source", "f", "List of filenames or directories to use as sources of Kubernetes Secret.Data")

-	cmd.Flags().StringVar(&options.SecretTypeName, "type", "", "The type of secret")

-	cmdutil.AddPrinterFlags(cmd)

-

-	// Default to JSON

-	if flag := cmd.Flags().Lookup("output"); flag != nil {

-		flag.Value.Set("json")

-	}

-

-	return cmd

-}

-

-func NewDefaultOptions() *CreateSecretOptions {

-	return &CreateSecretOptions{

-		Stderr:  os.Stderr,

-		Sources: util.StringList{},

-	}

-}

-

-func (o *CreateSecretOptions) Complete(args []string) error {