mirror of
https://github.com/external-secrets/external-secrets.git
synced 2024-12-14 11:57:59 +00:00
fix: issues with generators (#4163)
* fix: issues with generators Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com> * fix generator RBAC permissions for controller Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com> * fix docs for UUID generator Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com> * update tilt to 0.33.10 Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com> * explicitly specify generator RBAC roles Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com> * update helm test with new entries Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com> Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
This commit is contained in:
Mathew Wicks
GitHub
parent
1be7daedbc
commit
0656bf33c5
40 changed files with 1916 additions and 640 deletions
2
Makefile
2
Makefile
|
|
@ -334,7 +334,7 @@ GOLANGCI_LINT ?= $(LOCALBIN)/golangci-lint
|
|||
## Tool Versions
|
||||
GOLANGCI_VERSION := 1.61.0
|
||||
KUBERNETES_VERSION := 1.30.x
|
||||
TILT_VERSION := 0.33.10
|
||||
TILT_VERSION := 0.33.21
|
||||
|
||||
.PHONY: envtest
|
||||
envtest: $(ENVTEST) ## Download envtest-setup locally if necessary.
|
||||
|
|
|
|||
|
|
@ -391,6 +391,7 @@ type ExternalSecretSpec struct {
|
|||
// from which the secret will be pulled from.
|
||||
// You can define at maximum one property.
|
||||
// +kubebuilder:validation:MaxProperties=1
|
||||
// +kubebuilder:validation:MinProperties=1
|
||||
type StoreSourceRef struct {
|
||||
// +optional
|
||||
SecretStoreRef SecretStoreRef `json:"storeRef,omitempty"`
|
||||
|
|
@ -406,6 +407,7 @@ type StoreSourceRef struct {
|
|||
// from which the secret will be pulled from.
|
||||
// You can define at maximum one property.
|
||||
// +kubebuilder:validation:MaxProperties=1
|
||||
// +kubebuilder:validation:MinProperties=1
|
||||
type StoreGeneratorSourceRef struct {
|
||||
// +optional
|
||||
SecretStoreRef *SecretStoreRef `json:"storeRef,omitempty"`
|
||||
|
|
@ -420,7 +422,9 @@ type GeneratorRef struct {
|
|||
// Specify the apiVersion of the generator resource
|
||||
// +kubebuilder:default="generators.external-secrets.io/v1alpha1"
|
||||
APIVersion string `json:"apiVersion,omitempty"`
|
||||
// Specify the Kind of the resource, e.g. Password, ACRAccessToken, ClusterGenerator etc.
|
||||
|
||||
// Specify the Kind of the generator resource
|
||||
// +kubebuilder:validation:Enum=ACRAccessToken;ClusterGenerator;ECRAuthorizationToken;Fake;GCRAccessToken;GithubAccessToken;Password;STSSessionToken;UUID;VaultDynamicSecret;Webhook
|
||||
Kind string `json:"kind"`
|
||||
|
||||
// Specify the name of the generator resource
|
||||
|
|
|
|||
|
|
@ -25,6 +25,8 @@ import (
|
|||
// +kubebuilder:object:generate:false
|
||||
// +k8s:deepcopy-gen:interfaces=nil
|
||||
// +k8s:deepcopy-gen=nil
|
||||
|
||||
// Generator is the common interface for all generators that is actually used to generate whatever is needed.
|
||||
type Generator interface {
|
||||
Generate(
|
||||
ctx context.Context,
|
||||
|
|
@ -14,69 +14,8 @@ limitations under the License.
|
|||
|
||||
package v1alpha1
|
||||
|
||||
import (
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
)
|
||||
|
||||
// A couple of constants to define the generator's keys for accessing via Resource map values.
|
||||
const (
|
||||
GeneratorGeneratorKey = "generator"
|
||||
GeneratorKindKey = "kind"
|
||||
GeneratorSpecKey = "spec"
|
||||
)
|
||||
|
||||
type ControllerClassResource struct {
|
||||
Spec struct {
|
||||
ControllerClass string `json:"controller"`
|
||||
} `json:"spec"`
|
||||
}
|
||||
|
||||
type GeneratorSpec struct {
|
||||
// NOTE: when adding new supported generators, make sure to also update
|
||||
// clusterGeneratorToVirtual() function in pkg/utils/resolvers/generator.go
|
||||
// so they can be unpacked correctly.
|
||||
|
||||
ACRAccessTokenSpec *ACRAccessTokenSpec `json:"acrAccessTokenSpec,omitempty"`
|
||||
ECRAuthorizationTokenSpec *ECRAuthorizationTokenSpec `json:"ecrRAuthorizationTokenSpec,omitempty"`
|
||||
FakeSpec *FakeSpec `json:"fakeSpec,omitempty"`
|
||||
GCRAccessTokenSpec *GCRAccessTokenSpec `json:"gcrAccessTokenSpec,omitempty"`
|
||||
GithubAccessTokenSpec *GithubAccessTokenSpec `json:"githubAccessTokenSpec,omitempty"`
|
||||
PasswordSpec *PasswordSpec `json:"passwordSpec,omitempty"`
|
||||
STSSessionTokenSpec *STSSessionTokenSpec `json:"stsSessionTokenSpec,omitempty"`
|
||||
UUIDSpec *UUIDSpec `json:"uuidSpec,omitempty"`
|
||||
VaultDynamicSecretSpec *VaultDynamicSecretSpec `json:"vaultDynamicSecretSpec,omitempty"`
|
||||
WebhookSpec *WebhookSpec `json:"webhookSpec,omitempty"`
|
||||
}
|
||||
|
||||
type ClusterGeneratorSpec struct {
|
||||
Kind string `json:"kind"`
|
||||
Generator GeneratorSpec `json:"generator"`
|
||||
}
|
||||
|
||||
type ClusterGeneratorStatus struct{}
|
||||
|
||||
// +kubebuilder:object:root=true
|
||||
// +kubebuilder:storageversion
|
||||
|
||||
// ClusterGenerator represents a cluster-wide generator which can be referenced as part of `generatorRef` fields.
|
||||
// +kubebuilder:object:root=true
|
||||
// +kubebuilder:storageversion
|
||||
// +kubebuilder:subresource:status
|
||||
// +kubebuilder:metadata:labels="external-secrets.io/component=controller"
|
||||
// +kubebuilder:resource:scope=Cluster,categories={external-secrets, external-secrets-generators},shortName=cg
|
||||
type ClusterGenerator struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
||||
Spec ClusterGeneratorSpec `json:"spec,omitempty"`
|
||||
Status ClusterGeneratorStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +kubebuilder:object:root=true
|
||||
|
||||
// ClusterGeneratorList contains a list of ClusterGenerator resources.
|
||||
type ClusterGeneratorList struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ListMeta `json:"metadata,omitempty"`
|
||||
Items []ClusterGenerator `json:"items"`
|
||||
}
|
||||
|
|
|
|||
|
|
@ -125,13 +125,30 @@ var (
|
|||
)
|
||||
|
||||
func init() {
|
||||
/*
|
||||
===============================================================================
|
||||
NOTE: when adding support for new kinds of generators:
|
||||
1. register the struct types in `SchemeBuilder` (right below this note)
|
||||
2. update the `kubebuilder:validation:Enum` annotation for GeneratorRef.Kind (apis/externalsecrets/v1beta1/externalsecret_types.go)
|
||||
3. add it to the imports of (pkg/generator/register/register.go)
|
||||
4. add it to the ClusterRole called "*-controller" (deploy/charts/external-secrets/templates/rbac.yaml)
|
||||
5. support it in ClusterGenerator:
|
||||
- add a new GeneratorKind enum value (apis/generators/v1alpha1/types_cluster.go)
|
||||
- update the `kubebuilder:validation:Enum` annotation for the GeneratorKind enum
|
||||
- add a spec field to GeneratorSpec (apis/generators/v1alpha1/types_cluster.go)
|
||||
- update the clusterGeneratorToVirtual() function (pkg/utils/resolvers/generator.go)
|
||||
===============================================================================
|
||||
*/
|
||||
|
||||
SchemeBuilder.Register(&ACRAccessToken{}, &ACRAccessTokenList{})
|
||||
SchemeBuilder.Register(&ClusterGenerator{}, &ClusterGeneratorList{})
|
||||
SchemeBuilder.Register(&ECRAuthorizationToken{}, &ECRAuthorizationTokenList{})
|
||||
SchemeBuilder.Register(&Fake{}, &FakeList{})
|
||||
SchemeBuilder.Register(&GCRAccessToken{}, &GCRAccessTokenList{})
|
||||
SchemeBuilder.Register(&GithubAccessToken{}, &GithubAccessTokenList{})
|
||||
SchemeBuilder.Register(&ACRAccessToken{}, &ACRAccessTokenList{})
|
||||
SchemeBuilder.Register(&Fake{}, &FakeList{})
|
||||
SchemeBuilder.Register(&VaultDynamicSecret{}, &VaultDynamicSecretList{})
|
||||
SchemeBuilder.Register(&Password{}, &PasswordList{})
|
||||
SchemeBuilder.Register(&STSSessionToken{}, &STSSessionTokenList{})
|
||||
SchemeBuilder.Register(&UUID{}, &UUIDList{})
|
||||
SchemeBuilder.Register(&VaultDynamicSecret{}, &VaultDynamicSecretList{})
|
||||
SchemeBuilder.Register(&Webhook{}, &WebhookList{})
|
||||
SchemeBuilder.Register(&ClusterGenerator{}, &ClusterGeneratorList{})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -105,7 +105,7 @@ type AzureACRServicePrincipalAuthSecretRef struct {
|
|||
// +kubebuilder:storageversion
|
||||
// +kubebuilder:subresource:status
|
||||
// +kubebuilder:metadata:labels="external-secrets.io/component=controller"
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators},shortName=acraccesstoken
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators}
|
||||
type ACRAccessToken struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
81
apis/generators/v1alpha1/types_cluster.go
Normal file
81
apis/generators/v1alpha1/types_cluster.go
Normal file
|
|
@ -0,0 +1,81 @@
|
|||
/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package v1alpha1
|
||||
|
||||
import (
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
)
|
||||
|
||||
type ClusterGeneratorSpec struct {
|
||||
// Kind the kind of this generator.
|
||||
Kind GeneratorKind `json:"kind"`
|
||||
|
||||
// Generator the spec for this generator, must match the kind.
|
||||
Generator GeneratorSpec `json:"generator"`
|
||||
}
|
||||
|
||||
// GeneratorKind represents a kind of generator.
|
||||
// +kubebuilder:validation:Enum=ACRAccessToken;ECRAuthorizationToken;Fake;GCRAccessToken;GithubAccessToken;Password;STSSessionToken;UUID;VaultDynamicSecret;Webhook
|
||||
type GeneratorKind string
|
||||
|
||||
const (
|
||||
GeneratorKindACRAccessToken GeneratorKind = "ACRAccessToken"
|
||||
GeneratorKindECRAuthorizationToken GeneratorKind = "ECRAuthorizationToken"
|
||||
GeneratorKindFake GeneratorKind = "Fake"
|
||||
GeneratorKindGCRAccessToken GeneratorKind = "GCRAccessToken"
|
||||
GeneratorKindGithubAccessToken GeneratorKind = "GithubAccessToken"
|
||||
GeneratorKindPassword GeneratorKind = "Password"
|
||||
GeneratorKindSTSSessionToken GeneratorKind = "STSSessionToken"
|
||||
GeneratorKindUUID GeneratorKind = "UUID"
|
||||
GeneratorKindVaultDynamicSecret GeneratorKind = "VaultDynamicSecret"
|
||||
GeneratorKindWebhook GeneratorKind = "Webhook"
|
||||
)
|
||||
|
||||
// +kubebuilder:validation:MaxProperties=1
|
||||
// +kubebuilder:validation:MinProperties=1
|
||||
type GeneratorSpec struct {
|
||||
ACRAccessTokenSpec *ACRAccessTokenSpec `json:"acrAccessTokenSpec,omitempty"`
|
||||
ECRAuthorizationTokenSpec *ECRAuthorizationTokenSpec `json:"ecrRAuthorizationTokenSpec,omitempty"`
|
||||
FakeSpec *FakeSpec `json:"fakeSpec,omitempty"`
|
||||
GCRAccessTokenSpec *GCRAccessTokenSpec `json:"gcrAccessTokenSpec,omitempty"`
|
||||
GithubAccessTokenSpec *GithubAccessTokenSpec `json:"githubAccessTokenSpec,omitempty"`
|
||||
PasswordSpec *PasswordSpec `json:"passwordSpec,omitempty"`
|
||||
STSSessionTokenSpec *STSSessionTokenSpec `json:"stsSessionTokenSpec,omitempty"`
|
||||
UUIDSpec *UUIDSpec `json:"uuidSpec,omitempty"`
|
||||
VaultDynamicSecretSpec *VaultDynamicSecretSpec `json:"vaultDynamicSecretSpec,omitempty"`
|
||||
WebhookSpec *WebhookSpec `json:"webhookSpec,omitempty"`
|
||||
}
|
||||
|
||||
// ClusterGenerator represents a cluster-wide generator which can be referenced as part of `generatorRef` fields.
|
||||
// +kubebuilder:object:root=true
|
||||
// +kubebuilder:storageversion
|
||||
// +kubebuilder:subresource:status
|
||||
// +kubebuilder:metadata:labels="external-secrets.io/component=controller"
|
||||
// +kubebuilder:resource:scope=Cluster,categories={external-secrets, external-secrets-generators}
|
||||
type ClusterGenerator struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
||||
Spec ClusterGeneratorSpec `json:"spec,omitempty"`
|
||||
}
|
||||
|
||||
// +kubebuilder:object:root=true
|
||||
|
||||
// ClusterGeneratorList contains a list of ClusterGenerator resources.
|
||||
type ClusterGeneratorList struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ListMeta `json:"metadata,omitempty"`
|
||||
Items []ClusterGenerator `json:"items"`
|
||||
}
|
||||
|
|
@ -75,7 +75,7 @@ type AWSJWTAuth struct {
|
|||
// +kubebuilder:storageversion
|
||||
// +kubebuilder:subresource:status
|
||||
// +kubebuilder:metadata:labels="external-secrets.io/component=controller"
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators},shortName=ecrauthorizationtoken
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators}
|
||||
type ECRAuthorizationToken struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
|
@ -36,7 +36,7 @@ type FakeSpec struct {
|
|||
// +kubebuilder:storageversion
|
||||
// +kubebuilder:subresource:status
|
||||
// +kubebuilder:metadata:labels="external-secrets.io/component=controller"
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators},shortName=fake
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators}
|
||||
type Fake struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
|
@ -53,7 +53,7 @@ type GCPWorkloadIdentity struct {
|
|||
// +kubebuilder:storageversion
|
||||
// +kubebuilder:subresource:status
|
||||
// +kubebuilder:metadata:labels="external-secrets.io/component=controller"
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators},shortName=gcraccesstoken
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators}
|
||||
type GCRAccessToken struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
|
@ -47,7 +47,7 @@ type GithubSecretRef struct {
|
|||
// +kubebuilder:storageversion
|
||||
// +kubebuilder:subresource:status
|
||||
// +kubebuilder:metadata:labels="external-secrets.io/component=controller"
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators},shortName=githubaccesstoken
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators}
|
||||
type GithubAccessToken struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
|
@ -53,7 +53,7 @@ type PasswordSpec struct {
|
|||
// +kubebuilder:storageversion
|
||||
// +kubebuilder:subresource:status
|
||||
// +kubebuilder:metadata:labels="external-secrets.io/component=controller"
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators},shortName=password
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators}
|
||||
type Password struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
|
@ -62,7 +62,7 @@ type STSSessionTokenSpec struct {
|
|||
// +kubebuilder:storageversion
|
||||
// +kubebuilder:subresource:status
|
||||
// +kubebuilder:metadata:labels="external-secrets.io/component=controller"
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators},shortName=stssessiontoken
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators}
|
||||
type STSSessionToken struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
|
@ -26,7 +26,7 @@ type UUIDSpec struct{}
|
|||
// +kubebuilder:storageversion
|
||||
// +kubebuilder:subresource:status
|
||||
// +kubebuilder:metadata:labels="external-secrets.io/component=controller"
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators},shortName=uuids
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators}
|
||||
type UUID struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
|
@ -40,5 +40,5 @@ type UUID struct {
|
|||
type UUIDList struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ListMeta `json:"metadata,omitempty"`
|
||||
Items []Password `json:"items"`
|
||||
Items []UUID `json:"items"`
|
||||
}
|
||||
|
|
@ -64,7 +64,7 @@ const (
|
|||
// +kubebuilder:storageversion
|
||||
// +kubebuilder:subresource:status
|
||||
// +kubebuilder:metadata:labels="external-secrets.io/component=controller"
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators},shortName=vaultdynamicsecret
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators}
|
||||
type VaultDynamicSecret struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
|
@ -129,7 +129,7 @@ type SecretKeySelector struct {
|
|||
// +kubebuilder:storageversion
|
||||
// +kubebuilder:subresource:status
|
||||
// +kubebuilder:metadata:labels="external-secrets.io/component=controller"
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators},shortName=webhookl
|
||||
// +kubebuilder:resource:scope=Namespaced,categories={external-secrets, external-secrets-generators}
|
||||
type Webhook struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
|
@ -271,7 +271,6 @@ func (in *ClusterGenerator) DeepCopyInto(out *ClusterGenerator) {
|
|||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
out.Status = in.Status
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterGenerator.
|
||||
|
|
@ -340,21 +339,6 @@ func (in *ClusterGeneratorSpec) DeepCopy() *ClusterGeneratorSpec {
|
|||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ClusterGeneratorStatus) DeepCopyInto(out *ClusterGeneratorStatus) {
|
||||
*out = *in
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterGeneratorStatus.
|
||||
func (in *ClusterGeneratorStatus) DeepCopy() *ClusterGeneratorStatus {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(ClusterGeneratorStatus)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ControllerClassResource) DeepCopyInto(out *ControllerClassResource) {
|
||||
*out = *in
|
||||
|
|
@ -1084,7 +1068,7 @@ func (in *UUIDList) DeepCopyInto(out *UUIDList) {
|
|||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
in, out := &in.Items, &out.Items
|
||||
*out = make([]Password, len(*in))
|
||||
*out = make([]UUID, len(*in))
|
||||
for i := range *in {
|
||||
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||
}
|
||||
|
|
|
|||
|
|
@ -142,6 +142,7 @@ spec:
|
|||
SourceRef allows you to override the source
|
||||
from which the value will be pulled.
|
||||
maxProperties: 1
|
||||
minProperties: 1
|
||||
properties:
|
||||
generatorRef:
|
||||
description: |-
|
||||
|
|
@ -156,8 +157,19 @@ spec:
|
|||
resource
|
||||
type: string
|
||||
kind:
|
||||
description: Specify the Kind of the resource, e.g.
|
||||
Password, ACRAccessToken, ClusterGenerator etc.
|
||||
description: Specify the Kind of the generator resource
|
||||
enum:
|
||||
- ACRAccessToken
|
||||
- ClusterGenerator
|
||||
- ECRAuthorizationToken
|
||||
- Fake
|
||||
- GCRAccessToken
|
||||
- GithubAccessToken
|
||||
- Password
|
||||
- STSSessionToken
|
||||
- UUID
|
||||
- VaultDynamicSecret
|
||||
- Webhook
|
||||
type: string
|
||||
name:
|
||||
description: Specify the name of the generator resource
|
||||
|
|
@ -328,6 +340,7 @@ spec:
|
|||
When sourceRef points to a generator Extract or Find is not supported.
|
||||
The generator returns a static map of values
|
||||
maxProperties: 1
|
||||
minProperties: 1
|
||||
properties:
|
||||
generatorRef:
|
||||
description: GeneratorRef points to a generator custom
|
||||
|
|
@ -339,8 +352,19 @@ spec:
|
|||
resource
|
||||
type: string
|
||||
kind:
|
||||
description: Specify the Kind of the resource, e.g.
|
||||
Password, ACRAccessToken, ClusterGenerator etc.
|
||||
description: Specify the Kind of the generator resource
|
||||
enum:
|
||||
- ACRAccessToken
|
||||
- ClusterGenerator
|
||||
- ECRAuthorizationToken
|
||||
- Fake
|
||||
- GCRAccessToken
|
||||
- GithubAccessToken
|
||||
- Password
|
||||
- STSSessionToken
|
||||
- UUID
|
||||
- VaultDynamicSecret
|
||||
- Webhook
|
||||
type: string
|
||||
name:
|
||||
description: Specify the name of the generator resource
|
||||
|
|
|
|||
|
|
@ -432,6 +432,7 @@ spec:
|
|||
SourceRef allows you to override the source
|
||||
from which the value will be pulled.
|
||||
maxProperties: 1
|
||||
minProperties: 1
|
||||
properties:
|
||||
generatorRef:
|
||||
description: |-
|
||||
|
|
@ -446,8 +447,19 @@ spec:
|
|||
resource
|
||||
type: string
|
||||
kind:
|
||||
description: Specify the Kind of the resource, e.g.
|
||||
Password, ACRAccessToken, ClusterGenerator etc.
|
||||
description: Specify the Kind of the generator resource
|
||||
enum:
|
||||
- ACRAccessToken
|
||||
- ClusterGenerator
|
||||
- ECRAuthorizationToken
|
||||
- Fake
|
||||
- GCRAccessToken
|
||||
- GithubAccessToken
|
||||
- Password
|
||||
- STSSessionToken
|
||||
- UUID
|
||||
- VaultDynamicSecret
|
||||
- Webhook
|
||||
type: string
|
||||
name:
|
||||
description: Specify the name of the generator resource
|
||||
|
|
@ -618,6 +630,7 @@ spec:
|
|||
When sourceRef points to a generator Extract or Find is not supported.
|
||||
The generator returns a static map of values
|
||||
maxProperties: 1
|
||||
minProperties: 1
|
||||
properties:
|
||||
generatorRef:
|
||||
description: GeneratorRef points to a generator custom resource.
|
||||
|
|
@ -628,8 +641,19 @@ spec:
|
|||
resource
|
||||
type: string
|
||||
kind:
|
||||
description: Specify the Kind of the resource, e.g.
|
||||
Password, ACRAccessToken, ClusterGenerator etc.
|
||||
description: Specify the Kind of the generator resource
|
||||
enum:
|
||||
- ACRAccessToken
|
||||
- ClusterGenerator
|
||||
- ECRAuthorizationToken
|
||||
- Fake
|
||||
- GCRAccessToken
|
||||
- GithubAccessToken
|
||||
- Password
|
||||
- STSSessionToken
|
||||
- UUID
|
||||
- VaultDynamicSecret
|
||||
- Webhook
|
||||
type: string
|
||||
name:
|
||||
description: Specify the name of the generator resource
|
||||
|
|
|
|||
|
|
@ -180,8 +180,19 @@ spec:
|
|||
description: Specify the apiVersion of the generator resource
|
||||
type: string
|
||||
kind:
|
||||
description: Specify the Kind of the resource, e.g. Password,
|
||||
ACRAccessToken, ClusterGenerator etc.
|
||||
description: Specify the Kind of the generator resource
|
||||
enum:
|
||||
- ACRAccessToken
|
||||
- ClusterGenerator
|
||||
- ECRAuthorizationToken
|
||||
- Fake
|
||||
- GCRAccessToken
|
||||
- GithubAccessToken
|
||||
- Password
|
||||
- STSSessionToken
|
||||
- UUID
|
||||
- VaultDynamicSecret
|
||||
- Webhook
|
||||
type: string
|
||||
name:
|
||||
description: Specify the name of the generator resource
|
||||
|
|
|
|||
|
|
@ -15,8 +15,6 @@ spec:
|
|||
kind: ACRAccessToken
|
||||
listKind: ACRAccessTokenList
|
||||
plural: acraccesstokens
|
||||
shortNames:
|
||||
- acraccesstoken
|
||||
singular: acraccesstoken
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
|
|||
|
|
@ -15,8 +15,6 @@ spec:
|
|||
kind: ClusterGenerator
|
||||
listKind: ClusterGeneratorList
|
||||
plural: clustergenerators
|
||||
shortNames:
|
||||
- cg
|
||||
singular: clustergenerator
|
||||
scope: Cluster
|
||||
versions:
|
||||
|
|
@ -46,6 +44,10 @@ spec:
|
|||
spec:
|
||||
properties:
|
||||
generator:
|
||||
description: Generator the spec for this generator, must match the
|
||||
kind.
|
||||
maxProperties: 1
|
||||
minProperties: 1
|
||||
properties:
|
||||
acrAccessTokenSpec:
|
||||
description: |-
|
||||
|
|
@ -1676,13 +1678,23 @@ spec:
|
|||
type: object
|
||||
type: object
|
||||
kind:
|
||||
description: Kind the kind of this generator.
|
||||
enum:
|
||||
- ACRAccessToken
|
||||
- ECRAuthorizationToken
|
||||
- Fake
|
||||
- GCRAccessToken
|
||||
- GithubAccessToken
|
||||
- Password
|
||||
- STSSessionToken
|
||||
- UUID
|
||||
- VaultDynamicSecret
|
||||
- Webhook
|
||||
type: string
|
||||
required:
|
||||
- generator
|
||||
- kind
|
||||
type: object
|
||||
status:
|
||||
type: object
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
||||
|
|
|
|||
|
|
@ -15,8 +15,6 @@ spec:
|
|||
kind: ECRAuthorizationToken
|
||||
listKind: ECRAuthorizationTokenList
|
||||
plural: ecrauthorizationtokens
|
||||
shortNames:
|
||||
- ecrauthorizationtoken
|
||||
singular: ecrauthorizationtoken
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
|
|||
|
|
@ -15,8 +15,6 @@ spec:
|
|||
kind: Fake
|
||||
listKind: FakeList
|
||||
plural: fakes
|
||||
shortNames:
|
||||
- fake
|
||||
singular: fake
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
|
|||
|
|
@ -15,8 +15,6 @@ spec:
|
|||
kind: GCRAccessToken
|
||||
listKind: GCRAccessTokenList
|
||||
plural: gcraccesstokens
|
||||
shortNames:
|
||||
- gcraccesstoken
|
||||
singular: gcraccesstoken
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
|
|||
|
|
@ -15,8 +15,6 @@ spec:
|
|||
kind: GithubAccessToken
|
||||
listKind: GithubAccessTokenList
|
||||
plural: githubaccesstokens
|
||||
shortNames:
|
||||
- githubaccesstoken
|
||||
singular: githubaccesstoken
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
|
|||
|
|
@ -15,8 +15,6 @@ spec:
|
|||
kind: Password
|
||||
listKind: PasswordList
|
||||
plural: passwords
|
||||
shortNames:
|
||||
- password
|
||||
singular: password
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
|
|||
|
|
@ -15,8 +15,6 @@ spec:
|
|||
kind: STSSessionToken
|
||||
listKind: STSSessionTokenList
|
||||
plural: stssessiontokens
|
||||
shortNames:
|
||||
- stssessiontoken
|
||||
singular: stssessiontoken
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
|
|||
|
|
@ -15,8 +15,6 @@ spec:
|
|||
kind: UUID
|
||||
listKind: UUIDList
|
||||
plural: uuids
|
||||
shortNames:
|
||||
- uuids
|
||||
singular: uuid
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
|
|||
|
|
@ -15,8 +15,6 @@ spec:
|
|||
kind: VaultDynamicSecret
|
||||
listKind: VaultDynamicSecretList
|
||||
plural: vaultdynamicsecrets
|
||||
shortNames:
|
||||
- vaultdynamicsecret
|
||||
singular: vaultdynamicsecret
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
|
|||
|
|
@ -15,8 +15,6 @@ spec:
|
|||
kind: Webhook
|
||||
listKind: WebhookList
|
||||
plural: webhooks
|
||||
shortNames:
|
||||
- webhookl
|
||||
singular: webhook
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
|
|||
|
|
@ -57,6 +57,8 @@ rules:
|
|||
- "gcraccesstokens"
|
||||
- "githubaccesstokens"
|
||||
- "passwords"
|
||||
- "stssessiontokens"
|
||||
- "uuids"
|
||||
- "vaultdynamicsecrets"
|
||||
- "webhooks"
|
||||
verbs:
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load diff
|
|
@ -133,6 +133,7 @@ spec:
|
|||
SourceRef allows you to override the source
|
||||
from which the value will be pulled.
|
||||
maxProperties: 1
|
||||
minProperties: 1
|
||||
properties:
|
||||
generatorRef:
|
||||
description: |-
|
||||
|
|
@ -146,7 +147,19 @@ spec:
|
|||
description: Specify the apiVersion of the generator resource
|
||||
type: string
|
||||
kind:
|
||||
description: Specify the Kind of the resource, e.g. Password, ACRAccessToken, ClusterGenerator etc.
|
||||
description: Specify the Kind of the generator resource
|
||||
enum:
|
||||
- ACRAccessToken
|
||||
- ClusterGenerator
|
||||
- ECRAuthorizationToken
|
||||
- Fake
|
||||
- GCRAccessToken
|
||||
- GithubAccessToken
|
||||
- Password
|
||||
- STSSessionToken
|
||||
- UUID
|
||||
- VaultDynamicSecret
|
||||
- Webhook
|
||||
type: string
|
||||
name:
|
||||
description: Specify the name of the generator resource
|
||||
|
|
@ -310,6 +323,7 @@ spec:
|
|||
When sourceRef points to a generator Extract or Find is not supported.
|
||||
The generator returns a static map of values
|
||||
maxProperties: 1
|
||||
minProperties: 1
|
||||
properties:
|
||||
generatorRef:
|
||||
description: GeneratorRef points to a generator custom resource.
|
||||
|
|
@ -319,7 +333,19 @@ spec:
|
|||
description: Specify the apiVersion of the generator resource
|
||||
type: string
|
||||
kind:
|
||||
description: Specify the Kind of the resource, e.g. Password, ACRAccessToken, ClusterGenerator etc.
|
||||
description: Specify the Kind of the generator resource
|
||||
enum:
|
||||
- ACRAccessToken
|
||||
- ClusterGenerator
|
||||
- ECRAuthorizationToken
|
||||
- Fake
|
||||
- GCRAccessToken
|
||||
- GithubAccessToken
|
||||
- Password
|
||||
- STSSessionToken
|
||||
- UUID
|
||||
- VaultDynamicSecret
|
||||
- Webhook
|
||||
type: string
|
||||
name:
|
||||
description: Specify the name of the generator resource
|
||||
|
|
@ -6891,6 +6917,7 @@ spec:
|
|||
SourceRef allows you to override the source
|
||||
from which the value will be pulled.
|
||||
maxProperties: 1
|
||||
minProperties: 1
|
||||
properties:
|
||||
generatorRef:
|
||||
description: |-
|
||||
|
|
@ -6904,7 +6931,19 @@ spec:
|
|||
description: Specify the apiVersion of the generator resource
|
||||
type: string
|
||||
kind:
|
||||
description: Specify the Kind of the resource, e.g. Password, ACRAccessToken, ClusterGenerator etc.
|
||||
description: Specify the Kind of the generator resource
|
||||
enum:
|
||||
- ACRAccessToken
|
||||
- ClusterGenerator
|
||||
- ECRAuthorizationToken
|
||||
- Fake
|
||||
- GCRAccessToken
|
||||
- GithubAccessToken
|
||||
- Password
|
||||
- STSSessionToken
|
||||
- UUID
|
||||
- VaultDynamicSecret
|
||||
- Webhook
|
||||
type: string
|
||||
name:
|
||||
description: Specify the name of the generator resource
|
||||
|
|
@ -7068,6 +7107,7 @@ spec:
|
|||
When sourceRef points to a generator Extract or Find is not supported.
|
||||
The generator returns a static map of values
|
||||
maxProperties: 1
|
||||
minProperties: 1
|
||||
properties:
|
||||
generatorRef:
|
||||
description: GeneratorRef points to a generator custom resource.
|
||||
|
|
@ -7077,7 +7117,19 @@ spec:
|
|||
description: Specify the apiVersion of the generator resource
|
||||
type: string
|
||||
kind:
|
||||
description: Specify the Kind of the resource, e.g. Password, ACRAccessToken, ClusterGenerator etc.
|
||||
description: Specify the Kind of the generator resource
|
||||
enum:
|
||||
- ACRAccessToken
|
||||
- ClusterGenerator
|
||||
- ECRAuthorizationToken
|
||||
- Fake
|
||||
- GCRAccessToken
|
||||
- GithubAccessToken
|
||||
- Password
|
||||
- STSSessionToken
|
||||
- UUID
|
||||
- VaultDynamicSecret
|
||||
- Webhook
|
||||
type: string
|
||||
name:
|
||||
description: Specify the name of the generator resource
|
||||
|
|
@ -7533,7 +7585,19 @@ spec:
|
|||
description: Specify the apiVersion of the generator resource
|
||||
type: string
|
||||
kind:
|
||||
description: Specify the Kind of the resource, e.g. Password, ACRAccessToken, ClusterGenerator etc.
|
||||
description: Specify the Kind of the generator resource
|
||||
enum:
|
||||
- ACRAccessToken
|
||||
- ClusterGenerator
|
||||
- ECRAuthorizationToken
|
||||
- Fake
|
||||
- GCRAccessToken
|
||||
- GithubAccessToken
|
||||
- Password
|
||||
- STSSessionToken
|
||||
- UUID
|
||||
- VaultDynamicSecret
|
||||
- Webhook
|
||||
type: string
|
||||
name:
|
||||
description: Specify the name of the generator resource
|
||||
|
|
@ -13573,8 +13637,6 @@ spec:
|
|||
kind: ACRAccessToken
|
||||
listKind: ACRAccessTokenList
|
||||
plural: acraccesstokens
|
||||
shortNames:
|
||||
- acraccesstoken
|
||||
singular: acraccesstoken
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
@ -13792,8 +13854,6 @@ spec:
|
|||
kind: ClusterGenerator
|
||||
listKind: ClusterGeneratorList
|
||||
plural: clustergenerators
|
||||
shortNames:
|
||||
- cg
|
||||
singular: clustergenerator
|
||||
scope: Cluster
|
||||
versions:
|
||||
|
|
@ -13822,6 +13882,9 @@ spec:
|
|||
spec:
|
||||
properties:
|
||||
generator:
|
||||
description: Generator the spec for this generator, must match the kind.
|
||||
maxProperties: 1
|
||||
minProperties: 1
|
||||
properties:
|
||||
acrAccessTokenSpec:
|
||||
description: |-
|
||||
|
|
@ -15375,13 +15438,23 @@ spec:
|
|||
type: object
|
||||
type: object
|
||||
kind:
|
||||
description: Kind the kind of this generator.
|
||||
enum:
|
||||
- ACRAccessToken
|
||||
- ECRAuthorizationToken
|
||||
- Fake
|
||||
- GCRAccessToken
|
||||
- GithubAccessToken
|
||||
- Password
|
||||
- STSSessionToken
|
||||
- UUID
|
||||
- VaultDynamicSecret
|
||||
- Webhook
|
||||
type: string
|
||||
required:
|
||||
- generator
|
||||
- kind
|
||||
type: object
|
||||
status:
|
||||
type: object
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
||||
|
|
@ -15415,8 +15488,6 @@ spec:
|
|||
kind: ECRAuthorizationToken
|
||||
listKind: ECRAuthorizationTokenList
|
||||
plural: ecrauthorizationtokens
|
||||
shortNames:
|
||||
- ecrauthorizationtoken
|
||||
singular: ecrauthorizationtoken
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
@ -15617,8 +15688,6 @@ spec:
|
|||
kind: Fake
|
||||
listKind: FakeList
|
||||
plural: fakes
|
||||
shortNames:
|
||||
- fake
|
||||
singular: fake
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
@ -15695,8 +15764,6 @@ spec:
|
|||
kind: GCRAccessToken
|
||||
listKind: GCRAccessTokenList
|
||||
plural: gcraccesstokens
|
||||
shortNames:
|
||||
- gcraccesstoken
|
||||
singular: gcraccesstoken
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
@ -15840,8 +15907,6 @@ spec:
|
|||
kind: GithubAccessToken
|
||||
listKind: GithubAccessTokenList
|
||||
plural: githubaccesstokens
|
||||
shortNames:
|
||||
- githubaccesstoken
|
||||
singular: githubaccesstoken
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
@ -15965,8 +16030,6 @@ spec:
|
|||
kind: Password
|
||||
listKind: PasswordList
|
||||
plural: passwords
|
||||
shortNames:
|
||||
- password
|
||||
singular: password
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
@ -16065,8 +16128,6 @@ spec:
|
|||
kind: STSSessionToken
|
||||
listKind: STSSessionTokenList
|
||||
plural: stssessiontokens
|
||||
shortNames:
|
||||
- stssessiontoken
|
||||
singular: stssessiontoken
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
@ -16286,8 +16347,6 @@ spec:
|
|||
kind: UUID
|
||||
listKind: UUIDList
|
||||
plural: uuids
|
||||
shortNames:
|
||||
- uuids
|
||||
singular: uuid
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
@ -16349,8 +16408,6 @@ spec:
|
|||
kind: VaultDynamicSecret
|
||||
listKind: VaultDynamicSecretList
|
||||
plural: vaultdynamicsecrets
|
||||
shortNames:
|
||||
- vaultdynamicsecret
|
||||
singular: vaultdynamicsecret
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
@ -17210,8 +17267,6 @@ spec:
|
|||
kind: Webhook
|
||||
listKind: WebhookList
|
||||
plural: webhooks
|
||||
shortNames:
|
||||
- webhookl
|
||||
singular: webhook
|
||||
scope: Namespaced
|
||||
versions:
|
||||
|
|
|
|||
|
|
@ -4584,7 +4584,7 @@ string
|
|||
</em>
|
||||
</td>
|
||||
<td>
|
||||
<p>Specify the Kind of the resource, e.g. Password, ACRAccessToken, ClusterGenerator etc.</p>
|
||||
<p>Specify the Kind of the generator resource</p>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
|
|
|
|||
|
|
@ -10,5 +10,5 @@ spec:
|
|||
- sourceRef:
|
||||
generatorRef:
|
||||
apiVersion: generators.external-secrets.io/v1alpha1
|
||||
kind: Uuid
|
||||
kind: UUID
|
||||
name: "my-uuid"
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: generators.external-secrets.io/v1alpha1
|
||||
kind: Uuid
|
||||
kind: UUID
|
||||
metadata:
|
||||
name: my-uuid
|
||||
spec: {}
|
||||
|
|
|
|||
|
|
@ -23,6 +23,8 @@ import (
|
|||
_ "github.com/external-secrets/external-secrets/pkg/generator/gcr"
|
||||
_ "github.com/external-secrets/external-secrets/pkg/generator/github"
|
||||
_ "github.com/external-secrets/external-secrets/pkg/generator/password"
|
||||
_ "github.com/external-secrets/external-secrets/pkg/generator/sts"
|
||||
_ "github.com/external-secrets/external-secrets/pkg/generator/uuid"
|
||||
_ "github.com/external-secrets/external-secrets/pkg/generator/vault"
|
||||
_ "github.com/external-secrets/external-secrets/pkg/generator/webhook"
|
||||
)
|
||||
|
|
|
|||
|
|
@ -110,5 +110,5 @@ func parseSpec(data []byte) (*genv1alpha1.STSSessionToken, error) {
|
|||
}
|
||||
|
||||
func init() {
|
||||
genv1alpha1.Register(genv1alpha1.STSSessionTokenGroupKind, &Generator{})
|
||||
genv1alpha1.Register(genv1alpha1.STSSessionTokenKind, &Generator{})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -94,7 +94,7 @@ func getGenerator(ctx context.Context, cl client.Client, scheme *runtime.Scheme,
|
|||
|
||||
// get the generator interface
|
||||
var ok bool
|
||||
generator, ok = genv1alpha1.GetGeneratorByName(clusterGenerator.Spec.Kind)
|
||||
generator, ok = genv1alpha1.GetGeneratorByName(string(clusterGenerator.Spec.Kind))
|
||||
if !ok {
|
||||
return nil, nil, reconcile.TerminalError(fmt.Errorf("ClusterGenerator has unknown kind %s", clusterGenerator.Spec.Kind))
|
||||
}
|
||||
|
|
@ -138,70 +138,70 @@ func getGenerator(ctx context.Context, cl client.Client, scheme *runtime.Scheme,
|
|||
// clusterGeneratorToVirtual converts a ClusterGenerator to a "virtual" namespaced generator that doesn't actually exist in the API.
|
||||
func clusterGeneratorToVirtual(gen *genv1alpha1.ClusterGenerator) (client.Object, error) {
|
||||
switch gen.Spec.Kind {
|
||||
case genv1alpha1.ACRAccessTokenKind:
|
||||
case genv1alpha1.GeneratorKindACRAccessToken:
|
||||
if gen.Spec.Generator.ACRAccessTokenSpec == nil {
|
||||
return nil, fmt.Errorf("when kind is %s, ACRAccessTokenSpec must be set", gen.Spec.Kind)
|
||||
}
|
||||
return &genv1alpha1.ACRAccessToken{
|
||||
Spec: *gen.Spec.Generator.ACRAccessTokenSpec,
|
||||
}, nil
|
||||
case genv1alpha1.ECRAuthorizationTokenKind:
|
||||
case genv1alpha1.GeneratorKindECRAuthorizationToken:
|
||||
if gen.Spec.Generator.ECRAuthorizationTokenSpec == nil {
|
||||
return nil, fmt.Errorf("when kind is %s, ECRAuthorizationTokenSpec must be set", gen.Spec.Kind)
|
||||
}
|
||||
return &genv1alpha1.ECRAuthorizationToken{
|
||||
Spec: *gen.Spec.Generator.ECRAuthorizationTokenSpec,
|
||||
}, nil
|
||||
case genv1alpha1.FakeKind:
|
||||
case genv1alpha1.GeneratorKindFake:
|
||||
if gen.Spec.Generator.FakeSpec == nil {
|
||||
return nil, fmt.Errorf("when kind is %s, FakeSpec must be set", gen.Spec.Kind)
|
||||
}
|
||||
return &genv1alpha1.Fake{
|
||||
Spec: *gen.Spec.Generator.FakeSpec,
|
||||
}, nil
|
||||
case genv1alpha1.GCRAccessTokenKind:
|
||||
case genv1alpha1.GeneratorKindGCRAccessToken:
|
||||
if gen.Spec.Generator.GCRAccessTokenSpec == nil {
|
||||
return nil, fmt.Errorf("when kind is %s, GCRAccessTokenSpec must be set", gen.Spec.Kind)
|
||||
}
|
||||
return &genv1alpha1.GCRAccessToken{
|
||||
Spec: *gen.Spec.Generator.GCRAccessTokenSpec,
|
||||
}, nil
|
||||
case genv1alpha1.GithubAccessTokenKind:
|
||||
case genv1alpha1.GeneratorKindGithubAccessToken:
|
||||
if gen.Spec.Generator.GithubAccessTokenSpec == nil {
|
||||
return nil, fmt.Errorf("when kind is %s, GithubAccessTokenSpec must be set", gen.Spec.Kind)
|
||||
}
|
||||
return &genv1alpha1.GithubAccessToken{
|
||||
Spec: *gen.Spec.Generator.GithubAccessTokenSpec,
|
||||
}, nil
|
||||
case genv1alpha1.PasswordKind:
|
||||
case genv1alpha1.GeneratorKindPassword:
|
||||
if gen.Spec.Generator.PasswordSpec == nil {
|
||||
return nil, fmt.Errorf("when kind is %s, PasswordSpec must be set", gen.Spec.Kind)
|
||||
}
|
||||
return &genv1alpha1.Password{
|
||||
Spec: *gen.Spec.Generator.PasswordSpec,
|
||||
}, nil
|
||||
case genv1alpha1.STSSessionTokenKind:
|
||||
case genv1alpha1.GeneratorKindSTSSessionToken:
|
||||
if gen.Spec.Generator.STSSessionTokenSpec == nil {
|
||||
return nil, fmt.Errorf("when kind is %s, STSSessionTokenSpec must be set", gen.Spec.Kind)
|
||||
}
|
||||
return &genv1alpha1.STSSessionToken{
|
||||
Spec: *gen.Spec.Generator.STSSessionTokenSpec,
|
||||
}, nil
|
||||
case genv1alpha1.UUIDKind:
|
||||
case genv1alpha1.GeneratorKindUUID:
|
||||
if gen.Spec.Generator.UUIDSpec == nil {
|
||||
return nil, fmt.Errorf("when kind is %s, UUIDSpec must be set", gen.Spec.Kind)
|
||||
}
|
||||
return &genv1alpha1.UUID{
|
||||
Spec: *gen.Spec.Generator.UUIDSpec,
|
||||
}, nil
|
||||
case genv1alpha1.VaultDynamicSecretKind:
|
||||
case genv1alpha1.GeneratorKindVaultDynamicSecret:
|
||||
if gen.Spec.Generator.VaultDynamicSecretSpec == nil {
|
||||
return nil, fmt.Errorf("when kind is %s, VaultDynamicSecretSpec must be set", gen.Spec.Kind)
|
||||
}
|
||||
return &genv1alpha1.VaultDynamicSecret{
|
||||
Spec: *gen.Spec.Generator.VaultDynamicSecretSpec,
|
||||
}, nil
|
||||
case genv1alpha1.WebhookKind:
|
||||
case genv1alpha1.GeneratorKindWebhook:
|
||||
if gen.Spec.Generator.WebhookSpec == nil {
|
||||
return nil, fmt.Errorf("when kind is %s, WebhookSpec must be set", gen.Spec.Kind)
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue