cmd/containerboot: don't attempt to patch a Secret field without permissions (#14365)

Signed-off-by: Irbe Krumina <irbe@tailscale.com>
2024-12-11 14:58:44 +00:00
parent f1ccdcc713
commit 6e552f66a0
3 changed files with 3 additions and 1 deletions
--- a/cmd/containerboot/kube.go
+++ b/cmd/containerboot/kube.go
@ -24,6 +24,7 @@ import (
 type kubeClient struct {
 	kubeclient.Client
 	stateSecret string
+	canPatch    bool // whether the client has permissions to patch Kubernetes Secrets
 }

 func newKubeClient(root string, stateSecret string) (*kubeClient, error) {