Add secret scopes

tomasz-sadura · RafalKorepta · commit 0123b37cdeeb · 2024-11-27T08:38:44.000+01:00
diff --git a/operator/api/vectorized/v1alpha1/console_enterprise_types.go b/operator/api/vectorized/v1alpha1/console_enterprise_types.go
@@ -179,6 +179,8 @@ type SecretStore struct {
 	GCPSecretManager *SecretManagerGCP        `json:"gcpSecretManager,omitempty"`
 	AWSSecretManager *SecretManagerAWS        `json:"awsSecretManager,omitempty"`
 	KafkaConnect     *SecretStoreKafkaConnect `json:"kafkaConnect,omitempty"`
+	// Scopes is a list of supported secret scopes
+	Scopes []string `json:"scopes,omitempty"`
 }
 
 // SecretManagerGCP is the configuration object for using Google Cloud's secret manager.
diff --git a/operator/api/vectorized/v1alpha1/zz_generated.deepcopy.go b/operator/api/vectorized/v1alpha1/zz_generated.deepcopy.go
diff --git a/operator/config/crd/bases/redpanda.vectorized.io_consoles.yaml b/operator/config/crd/bases/redpanda.vectorized.io_consoles.yaml
@@ -896,6 +896,11 @@ spec:
                     - clusters
                     - enabled
                     type: object
+                  scopes:
+                    description: Scopes is a list of supported secret scopes
+                    items:
+                      type: string
+                    type: array
                   secretNamePrefix:
                     description: |-
                       SecretNamePrefix is the prefix that shall be used for each secret name
diff --git a/operator/pkg/console/configmap.go b/operator/pkg/console/configmap.go
@@ -432,12 +432,19 @@ func (cm *ConfigMap) genSecretStore() EnterpriseSecretStore {
 			})
 		}
 	}
+	s := EnterpriseSecretStoreScopes{}
+	if ss.Scopes != nil {
+		s = EnterpriseSecretStoreScopes{
+			Scopes: ss.Scopes,
+		}
+	}
 	return EnterpriseSecretStore{
 		Enabled:          ss.Enabled,
 		SecretNamePrefix: ss.SecretNamePrefix,
 		GCPSecretManager: smGCP,
 		AWSSecretManager: smAWS,
 		KafkaConnect:     kc,
+		Scopes:           s,
 	}
 }
 
diff --git a/operator/pkg/console/console.go b/operator/pkg/console/console.go
@@ -165,6 +165,7 @@ type EnterpriseSecretStore struct {
 	GCPSecretManager EnterpriseSecretManagerGCP        `json:"gcpSecretManager" yaml:"gcpSecretManager"`
 	AWSSecretManager EnterpriseSecretManagerAWS        `json:"awsSecretManager" yaml:"awsSecretManager"`
 	KafkaConnect     EnterpriseSecretStoreKafkaConnect `json:"kafkaConnect" yaml:"kafkaConnect"`
+	Scopes           EnterpriseSecretStoreScopes       `json:"scopes" yaml:"scopes"`
 }
 
 type EnterpriseSecretManagerGCP struct {
@@ -186,6 +187,10 @@ type EnterpriseSecretStoreKafkaConnect struct {
 	Clusters []EnterpriseSecretStoreKafkaConnectCluster `json:"clusters" yaml:"clusters"`
 }
 
+type EnterpriseSecretStoreScopes struct {
+	Scopes []string `json:"scopes" yaml:"scopes"`
+}
+
 type EnterpriseSecretStoreKafkaConnectCluster struct {
 	Name                   string `json:"name" yaml:"name"`
 	SecretNamePrefixAppend string `json:"secretNamePrefixAppend" yaml:"secretNamePrefixAppend"`

Original file line number	Diff line number	Diff line change
`@@ -179,6 +179,8 @@ type SecretStore struct {`
`179`	`179`	GCPSecretManager *SecretManagerGCP `json:"gcpSecretManager,omitempty"`
`180`	`180`	AWSSecretManager *SecretManagerAWS `json:"awsSecretManager,omitempty"`
`181`	`181`	KafkaConnect *SecretStoreKafkaConnect `json:"kafkaConnect,omitempty"`
	`182`	`+ // Scopes is a list of supported secret scopes`
	`183`	+ Scopes []string `json:"scopes,omitempty"`
`182`	`184`	`}`
`183`	`185`
`184`	`186`	`// SecretManagerGCP is the configuration object for using Google Cloud's secret manager.`
Original file line number	Diff line number	Diff line change
`@@ -432,12 +432,19 @@ func (cm *ConfigMap) genSecretStore() EnterpriseSecretStore {`
`432`	`432`	`})`
`433`	`433`	`}`
`434`	`434`	`}`
	`435`	`+ s := EnterpriseSecretStoreScopes{}`
	`436`	`+ if ss.Scopes != nil {`
	`437`	`+ s = EnterpriseSecretStoreScopes{`
	`438`	`+ Scopes: ss.Scopes,`
	`439`	`+ }`
	`440`	`+ }`
`435`	`441`	`return EnterpriseSecretStore{`
`436`	`442`	`Enabled: ss.Enabled,`
`437`	`443`	`SecretNamePrefix: ss.SecretNamePrefix,`
`438`	`444`	`GCPSecretManager: smGCP,`
`439`	`445`	`AWSSecretManager: smAWS,`
`440`	`446`	`KafkaConnect: kc,`
	`447`	`+ Scopes: s,`
`441`	`448`	`}`
`442`	`449`	`}`
`443`	`450`