feat: add extra field for console API

Add extra fields for enabling or disabling console API endpoints

Signed-off-by: Santiago Jimenez Giraldo <santiago@redpanda.com>

Author: sago2k8

src/go/k8s/api/vectorized/v1alpha1/console_types.go

@@ -82,6 +82,11 @@ type ConsoleSpec struct {
 
 	// The name of the ServiceAccount to be used by the Redpanda pods
 	ServiceAccount *string `json:"serviceAccount,omitempty"`
+
+	// +optional
+	// Console contains all configuration options for features that are generic,
+	// such as enabling API endpoints.
+	Console *ConsoleConfigField `json:"console,omitempty"`
 }
 
 // Server is the Console app HTTP server config
@@ -265,6 +270,28 @@ type Connectivity struct {
 	External string `json:"external,omitempty"`
 }
 
+type ConsoleConfigField struct {
+	// +optional
+	// ConsoleAPI declares the configuration properties for managing the
+	// connect/grpc/grpc-gateway API endpoints.
+	API ConsoleAPI `json:"api" yaml:"api"`
+}
+
+type ConsoleAPI struct {
+	// +kubebuilder:default=true
+	// Enabled determines whether any of the connect/grpc/grpc-gateway endpoints
+	// will be mounted to the server.
+	Enabled bool `json:"enabled"`
+	// +kubebuilder:default={"*"}
+	// EnabledProcedures is a list of procedure names that shall be allowed.
+	// If a procedure is called that is not on this list a descriptive error
+	// will be returned. A procedure name has the following format, regardless
+	// whether it's called via connect, gRPC or the HTTP interface:
+	// "/redpanda.api.dataplane.v1alpha1.UserService/ListUsers".
+	// You can use "*" to enable all procedures.
+	EnabledProcedures []string `json:"enabledProcedures"`
+}
+
 //+kubebuilder:object:root=true
 //+kubebuilder:subresource:status
 

src/go/k8s/api/vectorized/v1alpha1/zz_generated.deepcopy.go

@@ -303,6 +303,36 @@ spec:
                     format: duration
                     type: string
                 type: object
+              console:
+                description: Console contains all configuration options for features
+                  that are generic, such as enabling API endpoints.
+                properties:
+                  api:
+                    description: ConsoleAPI declares the configuration properties
+                      for managing the connect/grpc/grpc-gateway API endpoints.
+                    properties:
+                      enabled:
+                        default: true
+                        description: Enabled determines whether any of the connect/grpc/grpc-gateway
+                          endpoints will be mounted to the server.
+                        type: boolean
+                      enabledProcedures:
+                        default:
+                        - '*'
+                        description: 'EnabledProcedures is a list of procedure names
+                          that shall be allowed. If a procedure is called that is
+                          not on this list a descriptive error will be returned. A
+                          procedure name has the following format, regardless whether
+                          it''s called via connect, gRPC or the HTTP interface: "/redpanda.api.dataplane.v1alpha1.UserService/ListUsers".
+                          You can use "*" to enable all procedures.'
+                        items:
+                          type: string
+                        type: array
+                    required:
+                    - enabled
+                    - enabledProcedures
+                    type: object
+                type: object
               deployment:
                 description: Deployment defines configurable fields for the Console
                   Deployment resource

src/go/k8s/config/crd/bases/redpanda.vectorized.io_consoles.yaml

@@ -149,6 +149,7 @@ func (cm *ConfigMap) generateConsoleConfig(
 		Kafka:            cm.genKafka(username),
 		Enterprise:       cm.genEnterprise(),
 		Redpanda:         cm.genRedpanda(),
+		Console:          cm.genConsoleConfigField(),
 	}
 
 	consoleConfig.Connect, err = cm.genConnect(ctx)
@@ -225,6 +226,18 @@ func (cm *ConfigMap) genEnterprise() (e Enterprise) {
 	return e
 }
 
+func (cm *ConfigMap) genConsoleConfigField() (c vectorizedv1alpha1.ConsoleConfigField) {
+	if console := cm.consoleobj.Spec.Console; console != nil {
+		return vectorizedv1alpha1.ConsoleConfigField{
+			API: vectorizedv1alpha1.ConsoleAPI{
+				Enabled:           console.API.Enabled,
+				EnabledProcedures: console.API.EnabledProcedures,
+			},
+		}
+	}
+	return c
+}
+
 func (cm *ConfigMap) genCloud() CloudConfig {
 	if cm.consoleobj.Spec.Cloud == nil ||
 		cm.consoleobj.Spec.Cloud.PrometheusEndpoint == nil {

src/go/k8s/pkg/console/configmap.go

@@ -30,12 +30,13 @@ type ConsoleConfig struct {
 	Kafka   config.Kafka   `json:"kafka" yaml:"kafka"`
 	Connect config.Connect `json:"connect" yaml:"connect"`
 
-	License     string                `json:"license,omitempty" yaml:"license,omitempty"`
-	Enterprise  Enterprise            `json:"enterprise,omitempty" yaml:"enterprise,omitempty"`
-	Login       EnterpriseLogin       `json:"login,omitempty" yaml:"login,omitempty"`
-	Cloud       CloudConfig           `json:"cloud,omitempty" yaml:"cloud,omitempty"`
-	Redpanda    Redpanda              `json:"redpanda,omitempty" yaml:"redpanda,omitempty"`
-	SecretStore EnterpriseSecretStore `json:"secretStore,omitempty" yaml:"secretStore,omitempty"`
+	License     string                                `json:"license,omitempty" yaml:"license,omitempty"`
+	Enterprise  Enterprise                            `json:"enterprise,omitempty" yaml:"enterprise,omitempty"`
+	Login       EnterpriseLogin                       `json:"login,omitempty" yaml:"login,omitempty"`
+	Cloud       CloudConfig                           `json:"cloud,omitempty" yaml:"cloud,omitempty"`
+	Redpanda    Redpanda                              `json:"redpanda,omitempty" yaml:"redpanda,omitempty"`
+	SecretStore EnterpriseSecretStore                 `json:"secretStore,omitempty" yaml:"secretStore,omitempty"`
+	Console     vectorizedv1alpha1.ConsoleConfigField `json:"console,omitempty" yaml:"console,omitempty"`
 }
 
 // SetDefaults sets sane defaults