Skip to content

Commit

Permalink
feat: support labels and annotations for secrets
Browse files Browse the repository at this point in the history
Added the ability to define labels and annotations for secrets created or managed by requests. This enhancement allows users to specify metadata directly in the secretInjectionConfigs field, simplifying secret management and reducing external resource dependencies.

Signed-off-by: Ariel Septon <[email protected]>
  • Loading branch information
Ariel Septon authored and Ariel Septon committed Nov 29, 2024
1 parent 6ebb631 commit 04fe7ac
Show file tree
Hide file tree
Showing 20 changed files with 1,162 additions and 243 deletions.
16 changes: 16 additions & 0 deletions apis/common/common.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
/*
Copyright 2023 The Crossplane Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

// Package common contains shared types that are used in multiple CRDs.
// +kubebuilder:object:generate=true
package common
51 changes: 51 additions & 0 deletions apis/common/secrets_injections.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
package common

// SecretRef contains the name and namespace of a Kubernetes secret.
type SecretRef struct {
// Name is the name of the Kubernetes secret.
Name string `json:"name"`

// Namespace is the namespace of the Kubernetes secret.
Namespace string `json:"namespace"`
}

// SecretInjectionConfig represents the configuration for injecting secret data into a Kubernetes secret.
type SecretInjectionConfig struct {
// SecretRef contains the name and namespace of the Kubernetes secret where the data will be injected.
SecretRef SecretRef `json:"secretRef"`

// SecretKey is the key within the Kubernetes secret where the data will be injected.
// Deprecated: Use KeyMappings for injecting single or multiple keys.
SecretKey string `json:"secretKey,omitempty"`

// ResponsePath is a jq filter expression representing the path in the response where the secret value will be extracted from.
// Deprecated: Use KeyMappings for injecting single or multiple keys.
ResponsePath string `json:"responsePath,omitempty"`

// KeyMappings allows injecting data into single or multiple keys within the same Kubernetes secret.
KeyMappings []KeyInjection `json:"keyMappings,omitempty"`

// Metadata contains labels and annotations to apply to the Kubernetes secret.
Metadata Metadata `json:"metadata,omitempty"`

// SetOwnerReference determines whether to set the owner reference on the Kubernetes secret.
SetOwnerReference bool `json:"setOwnerReference,omitempty"`
}

// KeyInjection represents the configuration for injecting data into a specific key in a Kubernetes secret.
type KeyInjection struct {
// SecretKey is the key within the Kubernetes secret where the data will be injected.
SecretKey string `json:"secretKey"`

// ResponseJQ is a jq filter expression representing the path in the response where the secret value will be extracted from.
ResponseJQ string `json:"responseJQ"`
}

// Metadata contains labels and annotations to apply to a Kubernetes secret.
type Metadata struct {
// Labels contains key-value pairs to apply as labels to the Kubernetes secret.
Labels map[string]string `json:"labels,omitempty"`

// Annotations contains key-value pairs to apply as annotations to the Kubernetes secret.
Annotations map[string]string `json:"annotations,omitempty"`
}
104 changes: 104 additions & 0 deletions apis/common/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

27 changes: 2 additions & 25 deletions apis/disposablerequest/v1alpha2/disposablerequest_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime/schema"

"github.com/crossplane-contrib/provider-http/apis/common"
xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
)

Expand Down Expand Up @@ -57,7 +58,7 @@ type DisposableRequestParameters struct {
ShouldLoopInfinitely bool `json:"shouldLoopInfinitely,omitempty"`

// SecretInjectionConfig specifies the secrets receiving patches from response data.
SecretInjectionConfigs []SecretInjectionConfig `json:"secretInjectionConfigs,omitempty"`
SecretInjectionConfigs []common.SecretInjectionConfig `json:"secretInjectionConfigs,omitempty"`
}

// A DisposableRequestSpec defines the desired state of a DisposableRequest.
Expand All @@ -66,30 +67,6 @@ type DisposableRequestSpec struct {
ForProvider DisposableRequestParameters `json:"forProvider"`
}

// SecretInjectionConfig represents the configuration for injecting secret data into a Kubernetes secret.
type SecretInjectionConfig struct {
// SecretRef contains the name and namespace of the Kubernetes secret where the data will be injected.
SecretRef SecretRef `json:"secretRef"`

// SecretKey is the key within the Kubernetes secret where the data will be injected.
SecretKey string `json:"secretKey"`

// ResponsePath is is a jq filter expression represents the path in the response where the secret value will be extracted from.
ResponsePath string `json:"responsePath"`

// SetOwnerReference determines whether to set the owner reference on the Kubernetes secret.
SetOwnerReference bool `json:"setOwnerReference,omitempty"`
}

// SecretRef contains the name and namespace of a Kubernetes secret.
type SecretRef struct {
// Name is the name of the Kubernetes secret.
Name string `json:"name"`

// Namespace is the namespace of the Kubernetes secret.
Namespace string `json:"namespace"`
}

type Response struct {
StatusCode int `json:"statusCode,omitempty"`
Body string `json:"body,omitempty"`
Expand Down
38 changes: 5 additions & 33 deletions apis/disposablerequest/v1alpha2/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

27 changes: 2 additions & 25 deletions apis/request/v1alpha2/request_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime/schema"

"github.com/crossplane-contrib/provider-http/apis/common"
xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
)

Expand Down Expand Up @@ -55,7 +56,7 @@ type RequestParameters struct {
InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify,omitempty"`

// SecretInjectionConfig specifies the secrets receiving patches for response data.
SecretInjectionConfigs []SecretInjectionConfig `json:"secretInjectionConfigs,omitempty"`
SecretInjectionConfigs []common.SecretInjectionConfig `json:"secretInjectionConfigs,omitempty"`

// ExpectedResponseCheck specifies the mechanism to validate the OBSERVE response against expected value.
ExpectedResponseCheck ExpectedResponseCheck `json:"expectedResponseCheck,omitempty"`
Expand Down Expand Up @@ -107,30 +108,6 @@ type RequestSpec struct {
ForProvider RequestParameters `json:"forProvider"`
}

// SecretInjectionConfig represents the configuration for injecting secret data into a Kubernetes secret.
type SecretInjectionConfig struct {
// SecretRef contains the name and namespace of the Kubernetes secret where the data will be injected.
SecretRef SecretRef `json:"secretRef"`

// SecretKey is the key within the Kubernetes secret where the data will be injected.
SecretKey string `json:"secretKey"`

// ResponsePath is is a jq filter expression represents the path in the response where the secret value will be extracted from.
ResponsePath string `json:"responsePath"`

// SetOwnerReference determines whether to set the owner reference on the Kubernetes secret.
SetOwnerReference bool `json:"setOwnerReference,omitempty"`
}

// SecretRef contains the name and namespace of a Kubernetes secret.
type SecretRef struct {
// Name is the name of the Kubernetes secret.
Name string `json:"name"`

// Namespace is the namespace of the Kubernetes secret.
Namespace string `json:"namespace"`
}

// RequestObservation are the observable fields of a Request.
type Response struct {
StatusCode int `json:"statusCode,omitempty"`
Expand Down
38 changes: 5 additions & 33 deletions apis/request/v1alpha2/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 04fe7ac

Please sign in to comment.