-
Notifications
You must be signed in to change notification settings - Fork 37
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat:Including import credentials for project via secretRef
- Loading branch information
Frank Kouokam
committed
May 8, 2024
1 parent
bc056bb
commit 53872da
Showing
4 changed files
with
118 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -21,6 +21,7 @@ import ( | |
"strconv" | ||
|
||
"github.com/xanzy/go-gitlab" | ||
"k8s.io/apimachinery/pkg/types" | ||
|
||
"github.com/google/go-cmp/cmp" | ||
"github.com/google/go-cmp/cmp/cmpopts" | ||
|
@@ -41,6 +42,10 @@ import ( | |
"github.com/crossplane-contrib/provider-gitlab/pkg/clients" | ||
"github.com/crossplane-contrib/provider-gitlab/pkg/clients/projects" | ||
"github.com/crossplane-contrib/provider-gitlab/pkg/features" | ||
|
||
"net/url" | ||
|
||
corev1 "k8s.io/api/core/v1" | ||
) | ||
|
||
const ( | ||
|
@@ -50,6 +55,10 @@ const ( | |
errUpdateFailed = "cannot update Gitlab project" | ||
errDeleteFailed = "cannot delete Gitlab project" | ||
errGetFailed = "cannot retrieve Gitlab project with" | ||
errNoImportSecret = "cannot retrieve secret for import" | ||
errUsernameNotFound = "No username in secret for import project" | ||
errPasswordNotFound = "No password in secret for import project" | ||
errParseUrlFailed = "Could not parse the provided importUrl" | ||
) | ||
|
||
// SetupProject adds a controller that reconciles Projects. | ||
|
@@ -150,6 +159,57 @@ func (e *external) Create(ctx context.Context, mg resource.Managed) (managed.Ext | |
return managed.ExternalCreation{}, errors.New(errNotProject) | ||
} | ||
|
||
keySecretRef := cr.Spec.ForProvider.ImportUrlSecretRef | ||
importUrl := cr.Spec.ForProvider.ImportURL | ||
|
||
// User has provided secret for the import | ||
secretRefIsNotEmpty := keySecretRef != nil && keySecretRef.Namespace != "" && keySecretRef.Name != "" | ||
keysAreNotEmpty := keySecretRef != nil && keySecretRef.PasswordKey != "" && keySecretRef.UsernameKey != "" | ||
importUrlIsNotEmpty := importUrl != nil && *importUrl != "" | ||
|
||
if secretRefIsNotEmpty && keysAreNotEmpty && importUrlIsNotEmpty { | ||
// Retrieve secret from k8s | ||
namespacedName := types.NamespacedName{ | ||
Namespace: keySecretRef.Namespace, | ||
Name: keySecretRef.Name, | ||
} | ||
|
||
secret := &corev1.Secret{} | ||
|
||
err := e.kube.Get(ctx, namespacedName, secret) | ||
|
||
if err != nil { | ||
return managed.ExternalCreation{}, errors.Wrap(err, errNoImportSecret) | ||
} | ||
|
||
// Obtain the password from the secret. | ||
password := string(secret.Data[keySecretRef.PasswordKey]) | ||
if password == "" { | ||
return managed.ExternalCreation{}, errors.Wrap(err, errPasswordNotFound) | ||
} | ||
|
||
// Obtain the username from the secret. | ||
username := string(secret.Data[keySecretRef.UsernameKey]) | ||
if username == "" { | ||
return managed.ExternalCreation{}, errors.Wrap(err, errUsernameNotFound) | ||
} | ||
|
||
// manipulate url to add the secret. If secret is already in the url, it should be overridden | ||
// https://username:[email protected] | ||
parsedUrl, err := url.Parse(*importUrl) | ||
|
||
if err != nil { | ||
return managed.ExternalCreation{}, errors.Wrap(err, errParseUrlFailed) | ||
} | ||
|
||
userInfo := url.UserPassword(username, password) | ||
|
||
parsedUrl.User = userInfo | ||
|
||
// Override importUrl with the manipulated URL containing the credentials found in ImportSecretRef. | ||
*importUrl = parsedUrl.String() | ||
} | ||
|
||
prj, _, err := e.client.CreateProject( | ||
projects.GenerateCreateProjectOptions(cr.Name, &cr.Spec.ForProvider), | ||
gitlab.WithContext(ctx), | ||
|