1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00

convert to multi-api

This commit is contained in:
Kellin McAvoy 2020-12-29 12:25:08 -05:00
parent 6ac4860f23
commit 2e0a6effbe
25 changed files with 260 additions and 92 deletions

View file

@ -1,4 +1,5 @@
domain: io
multigroup: true
repo: github.com/external-secrets/external-secrets
resources:
- group: external-secrets

View file

@ -1,42 +0,0 @@
/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Package v1alpha1 contains API Schema definitions for the external-secrets v1alpha1 API group
// +kubebuilder:object:generate=true
// +groupName=external-secrets.io
package v1alpha1
import (
"reflect"
"k8s.io/apimachinery/pkg/runtime/schema"
"sigs.k8s.io/controller-runtime/pkg/scheme"
)
var (
// GroupVersion is group version used to register these objects.
GroupVersion = schema.GroupVersion{Group: "external-secrets.io", Version: "v1alpha1"}
// SchemeBuilder is used to add go types to the GroupVersionKind scheme.
SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
// AddToScheme adds the types in this group-version to the given scheme.
AddToScheme = SchemeBuilder.AddToScheme
)
// SecretStore type metadata.
var (
SecretStoreKind = reflect.TypeOf(SecretStore{}).Name()
SecretStoreKindAPIVersion = SecretStoreKind + "." + GroupVersion.String()
)

18
apis/doc.go Normal file
View file

@ -0,0 +1,18 @@
/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
//
// +domain=external-secrets.io
package apis

View file

@ -0,0 +1,17 @@
/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// +groupName=external-secrets.io
package externalsecrets

View file

@ -12,13 +12,8 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
// Package v1alpha1 contains resources for external-secrets
// +kubebuilder:object:generate=true
// +groupName=external-secrets.io
// +versionName=v1alpha1
package v1alpha1
// Refers to a Secret in Kubernetes.
type SecretKeySelector struct {
Name string `json:"name"`
Key string `json:"key"`
// +optional
Namespace *string `json:"namespace,omitempty"`
}

View file

@ -191,7 +191,3 @@ type ExternalSecretList struct {
metav1.ListMeta `json:"metadata,omitempty"`
Items []ExternalSecret `json:"items"`
}
func init() {
SchemeBuilder.Register(&ExternalSecret{}, &ExternalSecretList{})
}

View file

@ -0,0 +1,58 @@
/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v1alpha1
import (
"reflect"
"k8s.io/apimachinery/pkg/runtime/schema"
"sigs.k8s.io/controller-runtime/pkg/scheme"
)
// Package type metadata.
const (
Group = "external-secrets.io"
Version = "v1alpha1"
)
var (
// SchemeGroupVersion is group version used to register these objects.
SchemeGroupVersion = schema.GroupVersion{Group: Group, Version: Version}
// SchemeBuilder is used to add go types to the GroupVersionKind scheme.
SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}
AddToScheme = SchemeBuilder.AddToScheme
)
// ExternalSecret type metadata.
var (
ExtSecretKind = reflect.TypeOf(ExternalSecret{}).Name()
ExtSecretGroupKind = schema.GroupKind{Group: Group, Kind: ExtSecretKind}.String()
ExtSecretKindAPIVersion = ExtSecretKind + "." + SchemeGroupVersion.String()
ExtSecretGroupVersionKind = SchemeGroupVersion.WithKind(ExtSecretKind)
)
// SecretStore type metadata.
var (
SecretStoreKind = reflect.TypeOf(SecretStore{}).Name()
SecretStoreGroupKind = schema.GroupKind{Group: Group, Kind: SecretStoreKind}.String()
SecretStoreKindAPIVersion = SecretStoreKind + "." + SchemeGroupVersion.String()
SecretStoreGroupVersionKind = SchemeGroupVersion.WithKind(SecretStoreKind)
)
func init() {
SchemeBuilder.Register(&ExternalSecret{}, &ExternalSecretList{})
SchemeBuilder.Register(&SecretStore{}, &SecretStoreList{})
}

View file

@ -14,6 +14,10 @@ limitations under the License.
package v1alpha1
import (
esmeta "github.com/external-secrets/external-secrets/apis/meta/v1"
)
type AWSSMAuth struct {
SecretRef AWSSMAuthSecretRef `json:"secretRef"`
}
@ -21,11 +25,11 @@ type AWSSMAuth struct {
type AWSSMAuthSecretRef struct {
// The AccessKeyID is used for authentication
// +optional
AccessKeyID SecretKeySelector `json:"accessKeyIDSecretRef,omitempty"`
AccessKeyID esmeta.SecretKeySelector `json:"accessKeyIDSecretRef,omitempty"`
// The SecretAccessKey is used for authentication
// +optional
SecretAccessKey SecretKeySelector `json:"secretAccessKeySecretRef,omitempty"`
SecretAccessKey esmeta.SecretKeySelector `json:"secretAccessKeySecretRef,omitempty"`
}
// Configures a store to sync secrets using the AWS Secret Manager provider.

View file

@ -105,7 +105,3 @@ type SecretStoreList struct {
metav1.ListMeta `json:"metadata,omitempty"`
Items []SecretStore `json:"items"`
}
func init() {
SchemeBuilder.Register(&SecretStore{}, &SecretStoreList{})
}

View file

@ -287,26 +287,6 @@ func (in *ExternalSecretTemplateMetadata) DeepCopy() *ExternalSecretTemplateMeta
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *SecretKeySelector) DeepCopyInto(out *SecretKeySelector) {
*out = *in
if in.Namespace != nil {
in, out := &in.Namespace, &out.Namespace
*out = new(string)
**out = **in
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretKeySelector.
func (in *SecretKeySelector) DeepCopy() *SecretKeySelector {
if in == nil {
return nil
}
out := new(SecretKeySelector)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *SecretStore) DeepCopyInto(out *SecretStore) {
*out = *in

16
apis/meta/doc.go Normal file
View file

@ -0,0 +1,16 @@
/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Package meta contains meta types for external-secret APIs.
package meta

17
apis/meta/v1/doc.go Normal file
View file

@ -0,0 +1,17 @@
/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Package meta contains meta types for external-secrets APIs
// +kubebuilder:object:generate=true
package v1

37
apis/meta/v1/types.go Normal file
View file

@ -0,0 +1,37 @@
/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v1
// A reference to an object in the same namespace as the referent.
type LocalObjectReference struct {
// Name of the resource being referred to.
// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
Name string `json:"name"`
}
// A reference to a specific 'key' within a Secret resource,
// In some instances, `key` is a required field.
type SecretKeySelector struct {
// The name of the Secret resource being referred to.
LocalObjectReference `json:",inline"`
// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
// to the namespace of the referent.
// +optional
Namespace *string `json:"namespace,omitempty"`
// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
// defaulted, in others it may be required.
// +optional
Key string `json:"key,omitempty"`
}

View file

@ -0,0 +1,57 @@
// +build !ignore_autogenerated
/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by controller-gen. DO NOT EDIT.
package v1
import ()
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *LocalObjectReference) DeepCopyInto(out *LocalObjectReference) {
*out = *in
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalObjectReference.
func (in *LocalObjectReference) DeepCopy() *LocalObjectReference {
if in == nil {
return nil
}
out := new(LocalObjectReference)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *SecretKeySelector) DeepCopyInto(out *SecretKeySelector) {
*out = *in
out.LocalObjectReference = in.LocalObjectReference
if in.Namespace != nil {
in, out := &in.Namespace, &out.Namespace
*out = new(string)
**out = **in
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretKeySelector.
func (in *SecretKeySelector) DeepCopy() *SecretKeySelector {
if in == nil {
return nil
}
out := new(SecretKeySelector)
in.DeepCopyInto(out)
return out
}

View file

@ -61,26 +61,44 @@ spec:
description: The AccessKeyID is used for authentication
properties:
key:
description: The key of the entry in the Secret
resource's `data` field to be used. Some instances
of this field may be defaulted, in others it
may be required.
type: string
name:
description: 'Name of the resource being referred
to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: Namespace of the resource being referred
to. Ignored if referent is not cluster-scoped.
cluster-scoped defaults to the namespace of
the referent.
type: string
required:
- key
- name
type: object
secretAccessKeySecretRef:
description: The SecretAccessKey is used for authentication
properties:
key:
description: The key of the entry in the Secret
resource's `data` field to be used. Some instances
of this field may be defaulted, in others it
may be required.
type: string
name:
description: 'Name of the resource being referred
to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: Namespace of the resource being referred
to. Ignored if referent is not cluster-scoped.
cluster-scoped defaults to the namespace of
the referent.
type: string
required:
- key
- name
type: object
type: object

View file

@ -22,7 +22,7 @@ import (
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/client"
externalsecretsv1alpha1 "github.com/external-secrets/external-secrets/api/v1alpha1"
externalsecretsv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
)
// ExternalSecretReconciler reconciles a ExternalSecret object.

View file

@ -22,7 +22,7 @@ import (
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/client"
externalsecretsv1alpha1 "github.com/external-secrets/external-secrets/api/v1alpha1"
externalsecretsv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
)
// SecretStoreReconciler reconciles a SecretStore object.

View file

@ -28,7 +28,7 @@ import (
logf "sigs.k8s.io/controller-runtime/pkg/log"
"sigs.k8s.io/controller-runtime/pkg/log/zap"
externalsecretsv1alpha1 "github.com/external-secrets/external-secrets/api/v1alpha1"
externalsecretsv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
)
// These tests use Ginkgo (BDD-style Go testing framework). Refer to

View file

@ -25,7 +25,7 @@ import (
"sigs.k8s.io/controller-runtime/pkg/log/zap"
// +kubebuilder:scaffold:imports
externalsecretsv1alpha1 "github.com/external-secrets/external-secrets/api/v1alpha1"
externalsecretsv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
"github.com/external-secrets/external-secrets/controllers"
)

View file

@ -18,7 +18,7 @@ import (
"sigs.k8s.io/controller-runtime/pkg/client"
esv1alpha1 "github.com/external-secrets/external-secrets/api/v1alpha1"
esv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
"github.com/external-secrets/external-secrets/pkg/provider"
"github.com/external-secrets/external-secrets/pkg/provider/schema"
)

View file

@ -19,7 +19,7 @@ import (
"sigs.k8s.io/controller-runtime/pkg/client"
esv1alpha1 "github.com/external-secrets/external-secrets/api/v1alpha1"
esv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
"github.com/external-secrets/external-secrets/pkg/provider"
"github.com/external-secrets/external-secrets/pkg/provider/schema"
)

View file

@ -19,7 +19,7 @@ import (
"sigs.k8s.io/controller-runtime/pkg/client"
esv1alpha1 "github.com/external-secrets/external-secrets/api/v1alpha1"
esv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
)
// Provider is a common interface for interacting with secret backends.

View file

@ -19,7 +19,7 @@ import (
"fmt"
"sync"
esv1alpha1 "github.com/external-secrets/external-secrets/api/v1alpha1"
esv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
"github.com/external-secrets/external-secrets/pkg/provider"
)

View file

@ -20,7 +20,7 @@ import (
"github.com/stretchr/testify/assert"
"sigs.k8s.io/controller-runtime/pkg/client"
esv1alpha1 "github.com/external-secrets/external-secrets/api/v1alpha1"
esv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
"github.com/external-secrets/external-secrets/pkg/provider"
)