Merge pull request #25 from bharath-b-rh/eso-53

ESO-53: Adds a controller to manage ExternalSecretsManager API

Author: openshift-merge-bot[bot]

.gitignore

@@ -13,6 +13,7 @@
 
 # Output of the go coverage tool, specifically when used with LiteIDE
 *.out
+cover.html
 
 # Dependency directories (remove the comment below to include it)
 # vendor/

api/v1alpha1/external_secrets_manager_types.go

@@ -116,6 +116,45 @@ type Feature struct {
 
 // ExternalSecretsManagerStatus is the most recently observed status of the ExternalSecretsManager.
 type ExternalSecretsManagerStatus struct {
+	// controllerStatuses holds the observed conditions of the controllers part of the operator.
+	// +patchMergeKey=type
+	// +patchStrategy=merge
+	// +listType=map
+	// +listMapKey=name
+	ControllerStatuses []ControllerStatus `json:"controllerStatuses,omitempty"`
+
+	// lastTransitionTime is the last time the condition transitioned from one status to another.
+	// +kubebuilder:validation:Type=string
+	// +kubebuilder:validation:Format=date-time
+	LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
+}
+
+// ControllerStatus holds the observed conditions of the controllers part of the operator.
+type ControllerStatus struct {
+	// name of the controller for which the observed condition is recorded.
+	// +kubebuilder:validation:Required
+	Name string `json:"name,omitempty"`
+
 	// conditions holds information of the current state of the external-secrets-operator controllers.
-	ConditionalStatus `json:",inline,omitempty"`
+	// +patchMergeKey=type
+	// +patchStrategy=merge
+	// +listType=map
+	// +listMapKey=type
+	Conditions []Condition `json:"conditions,omitempty"`
+
+	// observedGeneration represents the .metadata.generation on the observed resource.
+	// +kubebuilder:validation:Minimum=0
+	ObservedGeneration int64 `json:"observedGeneration,omitempty"`
+}
+
+type Condition struct {
+	// type of the condition
+	// +kubebuilder:validation:Required
+	Type string `json:"type"`
+
+	// status of the condition
+	Status metav1.ConditionStatus `json:"status" `
+
+	// message provides details about the state.
+	Message string `json:"message"`
 }

api/v1alpha1/zz_generated.deepcopy.go

@@ -33,7 +33,7 @@ metadata:
     categories: Security
     console.openshift.io/disable-operand-delete: "true"
     containerImage: ""
-    createdAt: "2025-06-04T18:31:43Z"
+    createdAt: "2025-06-13T05:51:30Z"
     features.operators.openshift.io/cnf: "false"
     features.operators.openshift.io/cni: "false"
     features.operators.openshift.io/csi: "false"
@@ -343,12 +343,14 @@ spec:
           - operator.openshift.io
           resources:
           - externalsecrets/finalizers
+          - externalsecretsmanagers/finalizers
           verbs:
           - update
         - apiGroups:
           - operator.openshift.io
           resources:
           - externalsecrets/status
+          - externalsecretsmanagers/status
           verbs:
           - get
           - patch

bundle/manifests/external-secrets-operator.clusterserviceversion.yaml

@@ -1133,67 +1133,58 @@ spec:
               status is the most recently observed status of controllers used by
               External Secrets Operator.
             properties:
-              conditions:
-                description: conditions holds information of the current state of
-                  deployment.
+              controllerStatuses:
+                description: controllerStatuses holds the observed conditions of the
+                  controllers part of the operator.
                 items:
-                  description: Condition contains details for one aspect of the current
-                    state of this API Resource.
+                  description: ControllerStatus holds the observed conditions of the
+                    controllers part of the operator.
                   properties:
-                    lastTransitionTime:
-                      description: |-
-                        lastTransitionTime is the last time the condition transitioned from one status to another.
-                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
-                      format: date-time
-                      type: string
-                    message:
-                      description: |-
-                        message is a human readable message indicating details about the transition.
-                        This may be an empty string.
-                      maxLength: 32768
+                    conditions:
+                      description: conditions holds information of the current state
+                        of the external-secrets-operator controllers.
+                      items:
+                        properties:
+                          message:
+                            description: message provides details about the state.
+                            type: string
+                          status:
+                            description: status of the condition
+                            type: string
+                          type:
+                            description: type of the condition
+                            type: string
+                        required:
+                        - message
+                        - status
+                        - type
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - type
+                      x-kubernetes-list-type: map
+                    name:
+                      description: name of the controller for which the observed condition
+                        is recorded.
                       type: string
                     observedGeneration:
-                      description: |-
-                        observedGeneration represents the .metadata.generation that the condition was set based upon.
-                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
-                        with respect to the current state of the instance.
+                      description: observedGeneration represents the .metadata.generation
+                        on the observed resource.
                       format: int64
                       minimum: 0
                       type: integer
-                    reason:
-                      description: |-
-                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
-                        Producers of specific condition types may define expected values and meanings for this field,
-                        and whether the values are considered a guaranteed API.
-                        The value should be a CamelCase string.
-                        This field may not be empty.
-                      maxLength: 1024
-                      minLength: 1
-                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
-                      type: string
-                    status:
-                      description: status of the condition, one of True, False, Unknown.
-                      enum:
-                      - "True"
-                      - "False"
-                      - Unknown
-                      type: string
-                    type:
-                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
-                      maxLength: 316
-                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
-                      type: string
                   required:
-                  - lastTransitionTime
-                  - message
-                  - reason
-                  - status
-                  - type
+                  - name
                   type: object
                 type: array
                 x-kubernetes-list-map-keys:
-                - type
+                - name
                 x-kubernetes-list-type: map
+              lastTransitionTime:
+                description: lastTransitionTime is the last time the condition transitioned
+                  from one status to another.
+                format: date-time
+                type: string
             type: object
         type: object
         x-kubernetes-validations:

bundle/manifests/operator.openshift.io_externalsecretsmanagers.yaml

@@ -17,6 +17,7 @@ limitations under the License.
 package main
 
 import (
+	"context"
 	"crypto/tls"
 	"flag"
 	"os"
@@ -43,6 +44,7 @@ import (
 )
 
 var (
+	ctx      = context.Background()
 	scheme   = runtime.NewScheme()
 	setupLog = ctrl.Log.WithName("setup")
 )
@@ -139,7 +141,7 @@ func main() {
 		os.Exit(1)
 	}
 
-	if err := operator.StartControllers(mgr); err != nil {
+	if err := operator.StartControllers(ctx, mgr); err != nil {
 		setupLog.Error(err, "failed to start controllers")
 		os.Exit(1)
 	}

cmd/external-secrets-operator/main.go

@@ -1133,67 +1133,58 @@ spec:
               status is the most recently observed status of controllers used by
               External Secrets Operator.
             properties:
-              conditions:
-                description: conditions holds information of the current state of
-                  deployment.
+              controllerStatuses:
+                description: controllerStatuses holds the observed conditions of the
+                  controllers part of the operator.
                 items:
-                  description: Condition contains details for one aspect of the current
-                    state of this API Resource.
+                  description: ControllerStatus holds the observed conditions of the
+                    controllers part of the operator.
                   properties:
-                    lastTransitionTime:
-                      description: |-
-                        lastTransitionTime is the last time the condition transitioned from one status to another.
-                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
-                      format: date-time
-                      type: string
-                    message:
-                      description: |-
-                        message is a human readable message indicating details about the transition.
-                        This may be an empty string.
-                      maxLength: 32768
+                    conditions:
+                      description: conditions holds information of the current state
+                        of the external-secrets-operator controllers.
+                      items:
+                        properties:
+                          message:
+                            description: message provides details about the state.
+                            type: string
+                          status:
+                            description: status of the condition
+                            type: string
+                          type:
+                            description: type of the condition
+                            type: string
+                        required:
+                        - message
+                        - status
+                        - type
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - type
+                      x-kubernetes-list-type: map
+                    name:
+                      description: name of the controller for which the observed condition
+                        is recorded.
                       type: string
                     observedGeneration:
-                      description: |-
-                        observedGeneration represents the .metadata.generation that the condition was set based upon.
-                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
-                        with respect to the current state of the instance.
+                      description: observedGeneration represents the .metadata.generation
+                        on the observed resource.
                       format: int64
                       minimum: 0
                       type: integer
-                    reason:
-                      description: |-
-                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
-                        Producers of specific condition types may define expected values and meanings for this field,
-                        and whether the values are considered a guaranteed API.
-                        The value should be a CamelCase string.
-                        This field may not be empty.
-                      maxLength: 1024
-                      minLength: 1
-                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
-                      type: string
-                    status:
-                      description: status of the condition, one of True, False, Unknown.
-                      enum:
-                      - "True"
-                      - "False"
-                      - Unknown
-                      type: string
-                    type:
-                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
-                      maxLength: 316
-                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
-                      type: string
                   required:
-                  - lastTransitionTime
-                  - message
-                  - reason
-                  - status
-                  - type
+                  - name
                   type: object
                 type: array
                 x-kubernetes-list-map-keys:
-                - type
+                - name
                 x-kubernetes-list-type: map
+              lastTransitionTime:
+                description: lastTransitionTime is the last time the condition transitioned
+                  from one status to another.
+                format: date-time
+                type: string
             type: object
         type: object
         x-kubernetes-validations:

config/crd/bases/operator.openshift.io_externalsecretsmanagers.yaml

@@ -175,12 +175,14 @@ rules:
   - operator.openshift.io
   resources:
   - externalsecrets/finalizers
+  - externalsecretsmanagers/finalizers
   verbs:
   - update
 - apiGroups:
   - operator.openshift.io
   resources:
   - externalsecrets/status
+  - externalsecretsmanagers/status
   verbs:
   - get
   - patch