Fix SealedSecrets regression

Unfortunately PR #596 by @heyts appears to have not been tested
end-to-end and caused an outage for OpenFaaS Cloud users when
upgrading.

This change encodes the secret data value correctly for use
with the latest SealedSecrets version.

Ref: bitnami-labs/sealed-secrets#206

Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>

import-secrets/handler.go

@@ -59,7 +59,7 @@ func Handle(req []byte) string {
 	err = yaml.Unmarshal(req, &userSecret)
 
 	if err != nil {
-		fmt.Println("couldn't unmarshall secrets.yml\n", err)
+		fmt.Println("couldn't unmarshal secrets.yml\n", err)
 		os.Exit(-1)
 	}
 
@@ -128,7 +128,7 @@ func updateEncryptedData(ss *ssv1alpha1.SealedSecret, userSecret *SealedSecret)
 			return fmt.Errorf("can't decode base64 string (%s) - error: %s", k, err)
 		}
 
-		ss.Spec.EncryptedData[k] = string(encodedBytes)
+		ss.Spec.EncryptedData[k] = base64.StdEncoding.EncodeToString(encodedBytes)
 	}
 
 	return nil
@@ -146,13 +146,13 @@ type eventInfo struct {
 	owner string
 }
 
-type SealedSecretSpec struct {
-	EncryptedData map[string]string `yaml:"encryptedData"`
-}
-
 type SealedSecret struct {
 	ApiVersion string             `yaml:"apiVersion"`
 	Kind       string             `yaml:"kind"`
 	Metadata   *metav1.ObjectMeta `yaml:"metadata"`
 	Spec       SealedSecretSpec   `yaml:"spec"`
 }
+
+type SealedSecretSpec struct {
+	EncryptedData map[string]string `yaml:"encryptedData"`
+}

stack.yml

@@ -136,7 +136,7 @@ functions:
   import-secrets:
     lang: go
     handler: ./import-secrets
-    image: functions/import-secrets:0.6.1
+    image: functions/import-secrets:0.6.2
     labels:
       openfaas-cloud: "1"
       role: openfaas-system