@@ -17,7 +17,8 @@ import (
1717 v1 "k8s.io/api/core/v1"
1818 "sigs.k8s.io/controller-runtime/pkg/conversion"
1919
20- storage "github.com/Azure/azure-service-operator/v2/api/appconfiguration/v1api20220501/storage"
20+ storage20220501 "github.com/Azure/azure-service-operator/v2/api/appconfiguration/v1api20220501/storage"
21+ storage20240601 "github.com/Azure/azure-service-operator/v2/api/appconfiguration/v1api20240601/storage"
2122 "github.com/Azure/azure-service-operator/v2/internal/genericarmclient"
2223 "github.com/Azure/azure-service-operator/v2/internal/set"
2324 "github.com/Azure/azure-service-operator/v2/internal/util/to"
@@ -49,54 +50,73 @@ func (ext *ConfigurationStoreExtension) ExportKubernetesSecrets(
4950 armClient * genericarmclient.GenericClient ,
5051 log logr.Logger ,
5152) (* genruntime.KubernetesSecretExportResult , error ) {
52- // This has to be the current hub storage version. It will need to be updated
53- // if the hub storage version changes.
54- typedObj , ok := obj .(* storage.ConfigurationStore )
55- if ! ok {
56- return nil , eris .Errorf ("cannot run on unknown resource type %T, expected *appconfiguration.ConfigurationStore" , obj )
53+ // Check which version we're dealing with and handle accordingly
54+ if typedObj20220501 , ok := obj .(* storage20220501.ConfigurationStore ); ok {
55+ return ext .exportKubernetesSecrets20220501 (ctx , typedObj20220501 , additionalSecrets , armClient , log )
56+ }
57+ if typedObj20240601 , ok := obj .(* storage20240601.ConfigurationStore ); ok {
58+ return ext .exportKubernetesSecrets20240601 (ctx , typedObj20240601 , additionalSecrets , armClient , log )
5759 }
5860
59- // Type assert that we are the hub type. This will fail to compile if
60- // the hub type has been changed but this extension has not
61- var _ conversion.Hub = typedObj
61+ return nil , eris .Errorf ("cannot run on unknown resource type %T" , obj )
62+ }
6263
63- primarySecrets := secretsSpecified (typedObj )
64+ func (ext * ConfigurationStoreExtension ) exportKubernetesSecrets20220501 (
65+ ctx context.Context ,
66+ obj * storage20220501.ConfigurationStore ,
67+ additionalSecrets set.Set [string ],
68+ armClient * genericarmclient.GenericClient ,
69+ log logr.Logger ,
70+ ) (* genruntime.KubernetesSecretExportResult , error ) {
71+ primarySecrets := secretsSpecified20220501 (obj )
6472 requestedSecrets := set .Union (primarySecrets , additionalSecrets )
6573 if len (requestedSecrets ) == 0 {
6674 log .V (Debug ).Info ("No secrets retrieval to perform as operatorSpec is empty" )
6775 return nil , nil
6876 }
6977
70- id , err := genruntime . GetAndParseResourceID ( typedObj )
78+ keys , err := ext . getAPIKeys ( ctx , obj , armClient , log )
7179 if err != nil {
7280 return nil , err
7381 }
7482
75- keys := make (map [string ]armappconfiguration.APIKey )
76- // Only bother calling ListKeys if there are secrets to retrieve
77- if len (requestedSecrets ) > 0 {
78- subscription := id .SubscriptionID
79- // Using armClient.ClientOptions() here ensures we share the same HTTP connection, so this is not opening a new
80- // connection each time through
81- var confClient * armappconfiguration.ConfigurationStoresClient
82- confClient , err = armappconfiguration .NewConfigurationStoresClient (subscription , armClient .Creds (), armClient .ClientOptions ())
83- if err != nil {
84- return nil , eris .Wrapf (err , "failed to create new ConfigurationStoresClient" )
85- }
83+ secretSlice , err := secretsToWrite20220501 (obj , keys )
84+ if err != nil {
85+ return nil , err
86+ }
8687
87- var pager * runtime.Pager [armappconfiguration.ConfigurationStoresClientListKeysResponse ]
88- var resp armappconfiguration.ConfigurationStoresClientListKeysResponse
89- pager = confClient .NewListKeysPager (id .ResourceGroupName , typedObj .AzureName (), nil )
90- for pager .More () {
91- resp , err = pager .NextPage (ctx )
92- if err != nil {
93- return nil , eris .Wrapf (err , "failed to retreive response" )
94- }
95- addSecretsToMap (resp .Value , keys )
96- }
88+ resolvedSecrets := makeResolvedSecretsMap (keys )
89+
90+ return & genruntime.KubernetesSecretExportResult {
91+ Objs : secrets .SliceToClientObjectSlice (secretSlice ),
92+ RawSecrets : secrets .SelectSecrets (additionalSecrets , resolvedSecrets ),
93+ }, nil
94+ }
95+
96+ func (ext * ConfigurationStoreExtension ) exportKubernetesSecrets20240601 (
97+ ctx context.Context ,
98+ obj * storage20240601.ConfigurationStore ,
99+ additionalSecrets set.Set [string ],
100+ armClient * genericarmclient.GenericClient ,
101+ log logr.Logger ,
102+ ) (* genruntime.KubernetesSecretExportResult , error ) {
103+ // Type assert that we are the hub type. This will fail to compile if
104+ // the hub type has been changed but this extension has not
105+ var _ conversion.Hub = obj
106+
107+ primarySecrets := secretsSpecified20240601 (obj )
108+ requestedSecrets := set .Union (primarySecrets , additionalSecrets )
109+ if len (requestedSecrets ) == 0 {
110+ log .V (Debug ).Info ("No secrets retrieval to perform as operatorSpec is empty" )
111+ return nil , nil
112+ }
113+
114+ keys , err := ext .getAPIKeys (ctx , obj , armClient , log )
115+ if err != nil {
116+ return nil , err
97117 }
98118
99- secretSlice , err := secretsToWrite ( typedObj , keys )
119+ secretSlice , err := secretsToWrite20240601 ( obj , keys )
100120 if err != nil {
101121 return nil , err
102122 }
@@ -109,7 +129,90 @@ func (ext *ConfigurationStoreExtension) ExportKubernetesSecrets(
109129 }, nil
110130}
111131
112- func secretsSpecified (obj * storage.ConfigurationStore ) set.Set [string ] {
132+ func (ext * ConfigurationStoreExtension ) getAPIKeys (
133+ ctx context.Context ,
134+ obj genruntime.ARMMetaObject ,
135+ armClient * genericarmclient.GenericClient ,
136+ log logr.Logger ,
137+ ) (map [string ]armappconfiguration.APIKey , error ) {
138+ id , err := genruntime .GetAndParseResourceID (obj )
139+ if err != nil {
140+ return nil , err
141+ }
142+
143+ keys := make (map [string ]armappconfiguration.APIKey )
144+ subscription := id .SubscriptionID
145+ // Using armClient.ClientOptions() here ensures we share the same HTTP connection, so this is not opening a new
146+ // connection each time through
147+ var confClient * armappconfiguration.ConfigurationStoresClient
148+ confClient , err = armappconfiguration .NewConfigurationStoresClient (subscription , armClient .Creds (), armClient .ClientOptions ())
149+ if err != nil {
150+ return nil , eris .Wrapf (err , "failed to create new ConfigurationStoresClient" )
151+ }
152+
153+ var pager * runtime.Pager [armappconfiguration.ConfigurationStoresClientListKeysResponse ]
154+ var resp armappconfiguration.ConfigurationStoresClientListKeysResponse
155+
156+ pager = confClient .NewListKeysPager (id .ResourceGroupName , obj .AzureName (), nil )
157+ for pager .More () {
158+ resp , err = pager .NextPage (ctx )
159+ if err != nil {
160+ return nil , eris .Wrapf (err , "failed to retreive response" )
161+ }
162+ addSecretsToMap (resp .Value , keys )
163+ }
164+
165+ return keys , nil
166+ }
167+
168+ func secretsSpecified20220501 (obj * storage20220501.ConfigurationStore ) set.Set [string ] {
169+ if obj .Spec .OperatorSpec == nil || obj .Spec .OperatorSpec .Secrets == nil {
170+ return nil
171+ }
172+
173+ secrets := obj .Spec .OperatorSpec .Secrets
174+
175+ result := make (set.Set [string ])
176+ if secrets .PrimaryKeyID != nil {
177+ result .Add (primaryKeyID )
178+ }
179+ if secrets .SecondaryKeyID != nil {
180+ result .Add (secondaryKeyID )
181+ }
182+ if secrets .PrimaryReadOnlyKeyID != nil {
183+ result .Add (primaryReadOnlyKeyID )
184+ }
185+ if secrets .SecondaryReadOnlyKeyID != nil {
186+ result .Add (secondaryReadOnlyKeyID )
187+ }
188+ if secrets .PrimaryKey != nil {
189+ result .Add (primaryKey )
190+ }
191+ if secrets .SecondaryKey != nil {
192+ result .Add (secondaryKey )
193+ }
194+ if secrets .PrimaryReadOnlyKey != nil {
195+ result .Add (primaryReadOnlyKey )
196+ }
197+ if secrets .SecondaryReadOnlyKey != nil {
198+ result .Add (secondaryReadOnlyKey )
199+ }
200+ if secrets .PrimaryConnectionString != nil {
201+ result .Add (primaryConnectionString )
202+ }
203+ if secrets .SecondaryConnectionString != nil {
204+ result .Add (secondaryConnectionString )
205+ }
206+ if secrets .PrimaryReadOnlyConnectionString != nil {
207+ result .Add (primaryReadOnlyConnectionString )
208+ }
209+ if secrets .SecondaryReadOnlyConnectionString != nil {
210+ result .Add (secondaryReadOnlyConnectionString )
211+ }
212+ return result
213+ }
214+
215+ func secretsSpecified20240601 (obj * storage20240601.ConfigurationStore ) set.Set [string ] {
113216 if obj .Spec .OperatorSpec == nil || obj .Spec .OperatorSpec .Secrets == nil {
114217 return nil
115218 }
@@ -165,7 +268,45 @@ func addSecretsToMap(keys []*armappconfiguration.APIKey, result map[string]armap
165268 }
166269}
167270
168- func secretsToWrite (obj * storage.ConfigurationStore , keys map [string ]armappconfiguration.APIKey ) ([]* v1.Secret , error ) {
271+ func secretsToWrite20220501 (obj * storage20220501.ConfigurationStore , keys map [string ]armappconfiguration.APIKey ) ([]* v1.Secret , error ) {
272+ operatorSpecSecrets := obj .Spec .OperatorSpec .Secrets
273+ if operatorSpecSecrets == nil {
274+ return nil , nil
275+ }
276+
277+ collector := secrets .NewCollector (obj .Namespace )
278+ primary , ok := keys ["Primary" ]
279+ if ok {
280+ collector .AddValue (operatorSpecSecrets .PrimaryConnectionString , to .Value (primary .ConnectionString ))
281+ collector .AddValue (operatorSpecSecrets .PrimaryKeyID , to .Value (primary .ID ))
282+ collector .AddValue (operatorSpecSecrets .PrimaryKey , to .Value (primary .Value ))
283+ }
284+
285+ primaryReadOnly , ok := keys ["Primary Read Only" ]
286+ if ok {
287+ collector .AddValue (operatorSpecSecrets .PrimaryReadOnlyConnectionString , to .Value (primaryReadOnly .ConnectionString ))
288+ collector .AddValue (operatorSpecSecrets .PrimaryReadOnlyKeyID , to .Value (primaryReadOnly .ID ))
289+ collector .AddValue (operatorSpecSecrets .PrimaryReadOnlyKey , to .Value (primaryReadOnly .Value ))
290+ }
291+
292+ secondary , ok := keys ["Secondary" ]
293+ if ok {
294+ collector .AddValue (operatorSpecSecrets .SecondaryConnectionString , to .Value (secondary .ConnectionString ))
295+ collector .AddValue (operatorSpecSecrets .SecondaryKeyID , to .Value (secondary .ID ))
296+ collector .AddValue (operatorSpecSecrets .SecondaryKey , to .Value (secondary .Value ))
297+ }
298+
299+ secondaryReadOnly , ok := keys ["Secondary Read Only" ]
300+ if ok {
301+ collector .AddValue (operatorSpecSecrets .SecondaryReadOnlyConnectionString , to .Value (secondaryReadOnly .ConnectionString ))
302+ collector .AddValue (operatorSpecSecrets .SecondaryReadOnlyKeyID , to .Value (secondaryReadOnly .ID ))
303+ collector .AddValue (operatorSpecSecrets .SecondaryReadOnlyKey , to .Value (secondaryReadOnly .Value ))
304+ }
305+
306+ return collector .Values ()
307+ }
308+
309+ func secretsToWrite20240601 (obj * storage20240601.ConfigurationStore , keys map [string ]armappconfiguration.APIKey ) ([]* v1.Secret , error ) {
169310 operatorSpecSecrets := obj .Spec .OperatorSpec .Secrets
170311 if operatorSpecSecrets == nil {
171312 return nil , nil
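Review bot: `secretsToWrite20220501` reads `obj.Spec.OperatorSpec.Secrets` on its first line without checking that `OperatorSpec` is non-nil, although `secretsSpecified20220501` in the same change treats a nil `OperatorSpec` as a valid state. `exportKubernetesSecrets20220501` returns early only when the union with `additionalSecrets` is empty, so a store with no `operatorSpec` but a non-empty `additionalSecrets` would appear to reach this dereference and panic in the secret-export path. Guard it the same way the selector does: `if obj.Spec.OperatorSpec == nil || obj.Spec.OperatorSpec.Secrets == nil { return nil, nil }`. `secretsToWrite20240601` opens with the same unguarded read, but its body continues outside the hunk, so check for a later guard before applying the same change there.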