-
Notifications
You must be signed in to change notification settings - Fork 15
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: support labels and annotations for secrets
Added the ability to define labels and annotations for secrets created or managed by requests. This enhancement allows users to specify metadata directly in the secretInjectionConfigs field, simplifying secret management and reducing external resource dependencies. Signed-off-by: Ariel Septon <[email protected]>
- Loading branch information
Ariel Septon
authored and
Ariel Septon
committed
Nov 29, 2024
1 parent
6ebb631
commit 04fe7ac
Showing
20 changed files
with
1,162 additions
and
243 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
/* | ||
Copyright 2023 The Crossplane Authors. | ||
Licensed under the Apache License, Version 2.0 (the "License"); | ||
you may not use this file except in compliance with the License. | ||
You may obtain a copy of the License at | ||
http://www.apache.org/licenses/LICENSE-2.0 | ||
Unless required by applicable law or agreed to in writing, software | ||
distributed under the License is distributed on an "AS IS" BASIS, | ||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
See the License for the specific language governing permissions and | ||
limitations under the License. | ||
*/ | ||
|
||
// Package common contains shared types that are used in multiple CRDs. | ||
// +kubebuilder:object:generate=true | ||
package common |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
package common | ||
|
||
// SecretRef contains the name and namespace of a Kubernetes secret. | ||
type SecretRef struct { | ||
// Name is the name of the Kubernetes secret. | ||
Name string `json:"name"` | ||
|
||
// Namespace is the namespace of the Kubernetes secret. | ||
Namespace string `json:"namespace"` | ||
} | ||
|
||
// SecretInjectionConfig represents the configuration for injecting secret data into a Kubernetes secret. | ||
type SecretInjectionConfig struct { | ||
// SecretRef contains the name and namespace of the Kubernetes secret where the data will be injected. | ||
SecretRef SecretRef `json:"secretRef"` | ||
|
||
// SecretKey is the key within the Kubernetes secret where the data will be injected. | ||
// Deprecated: Use KeyMappings for injecting single or multiple keys. | ||
SecretKey string `json:"secretKey,omitempty"` | ||
|
||
// ResponsePath is a jq filter expression representing the path in the response where the secret value will be extracted from. | ||
// Deprecated: Use KeyMappings for injecting single or multiple keys. | ||
ResponsePath string `json:"responsePath,omitempty"` | ||
|
||
// KeyMappings allows injecting data into single or multiple keys within the same Kubernetes secret. | ||
KeyMappings []KeyInjection `json:"keyMappings,omitempty"` | ||
|
||
// Metadata contains labels and annotations to apply to the Kubernetes secret. | ||
Metadata Metadata `json:"metadata,omitempty"` | ||
|
||
// SetOwnerReference determines whether to set the owner reference on the Kubernetes secret. | ||
SetOwnerReference bool `json:"setOwnerReference,omitempty"` | ||
} | ||
|
||
// KeyInjection represents the configuration for injecting data into a specific key in a Kubernetes secret. | ||
type KeyInjection struct { | ||
// SecretKey is the key within the Kubernetes secret where the data will be injected. | ||
SecretKey string `json:"secretKey"` | ||
|
||
// ResponseJQ is a jq filter expression representing the path in the response where the secret value will be extracted from. | ||
ResponseJQ string `json:"responseJQ"` | ||
} | ||
|
||
// Metadata contains labels and annotations to apply to a Kubernetes secret. | ||
type Metadata struct { | ||
// Labels contains key-value pairs to apply as labels to the Kubernetes secret. | ||
Labels map[string]string `json:"labels,omitempty"` | ||
|
||
// Annotations contains key-value pairs to apply as annotations to the Kubernetes secret. | ||
Annotations map[string]string `json:"annotations,omitempty"` | ||
} |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Oops, something went wrong.