Add listener volume scope for secret volume builders

crates/stackable-operator/CHANGELOG.md

@@ -7,6 +7,7 @@ All notable changes to this project will be documented in this file.
 ### Added
 
 - Add `Hostname` and `KerberosRealmName` types extracted from secret-operator ([#851]).
+- Add support for listener volume scopes to `SecretOperatorVolumeSourceBuilder` ([#858]).
 
 ### Changed
 
@@ -20,6 +21,7 @@ All notable changes to this project will be documented in this file.
 [#846]: https://github.com/stackabletech/operator-rs/pull/846
 [#851]: https://github.com/stackabletech/operator-rs/pull/851
 [#855]: https://github.com/stackabletech/operator-rs/pull/855
+[#858]: https://github.com/stackabletech/operator-rs/pull/858
 
 ## [0.74.0] - 2024-08-22
 

crates/stackable-operator/src/builder/pod/volume.rs

@@ -309,6 +309,12 @@ impl SecretOperatorVolumeSourceBuilder {
         self
     }
 
+    pub fn with_listener_volume_scope(&mut self, name: impl Into<String>) -> &mut Self {
+        self.scopes
+            .push(SecretOperatorVolumeScope::ListenerVolume { name: name.into() });
+        self
+    }
+
     pub fn with_format(&mut self, format: SecretFormat) -> &mut Self {
         self.format = Some(format);
         self
@@ -394,6 +400,7 @@ pub enum SecretOperatorVolumeScope {
     Node,
     Pod,
     Service { name: String },
+    ListenerVolume { name: String },
 }
 
 /// Reference to a listener class or listener name

crates/stackable-operator/src/commons/secret_class.rs

@@ -52,6 +52,9 @@ impl SecretClassVolume {
             for service in &scope.services {
                 secret_operator_volume_builder.with_service_scope(service);
             }
+            for listener_volume in &scope.listener_volumes {
+                secret_operator_volume_builder.with_listener_volume_scope(listener_volume);
+            }
         }
 
         secret_operator_volume_builder
@@ -84,6 +87,11 @@ pub struct SecretClassVolumeScope {
     /// This should typically correspond to Service objects that the Pod participates in.
     #[serde(default)]
     pub services: Vec<String>,
+
+    /// The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners.
+    /// This must correspond to Volume names in the Pod that mount Listeners.
+    #[serde(default)]
+    pub listener_volumes: Vec<String>,
 }
 
 #[cfg(test)]
@@ -99,6 +107,7 @@ mod tests {
                 pod: true,
                 node: false,
                 services: vec!["myservice".to_string()],
+                listener_volumes: vec!["mylistener".to_string()],
             }),
         }
         .to_ephemeral_volume_source()
@@ -111,7 +120,7 @@ mod tests {
             ),
             (
                 "secrets.stackable.tech/scope".to_string(),
-                "pod,service=myservice".to_string(),
+                "pod,service=myservice,listener-volume=mylistener".to_string(),
             ),
         ]);
 

crates/stackable-operator/src/kvp/annotation/mod.rs

@@ -104,6 +104,10 @@ impl Annotation {
                     value.push_str("service=");
                     value.push_str(name);
                 }
+                SecretOperatorVolumeScope::ListenerVolume { name } => {
+                    value.push_str("listener-volume=");
+                    value.push_str(name);
+                }
             }
         }