api: add username and host from secret #90

Merged
merged 3 commits into from
Sep 11, 2023
74 changes: 54 additions & 20 deletions api/v1alpha1/target.go
@@ -39,18 +39,30 @@ type (
Credentials struct {
Scheme string `json:"scheme,omitempty"`
User string `json:"user,omitempty"`
UserFrom UserFrom `json:"userFrom,omitempty"`
Password string `json:"password,omitempty"`
PasswordFrom PasswordFrom `json:"passwordFrom,omitempty"`
Host string `json:"host,omitempty"`
HostFrom HostFrom `json:"hostFrom,omitempty"`
Port int `json:"port,omitempty"`
Database string `json:"database,omitempty"`
Parameters map[string]string `json:"parameters,omitempty"`
}
// UserFrom references a key containing the user.
UserFrom struct {
// SecretKeyRef defines the secret key reference to use for the user.
SecretKeyRef *corev1.SecretKeySelector `json:"secretKeyRef,omitempty"`
}
// PasswordFrom references a key containing the password.
PasswordFrom struct {
// SecretKeyRef defines the secret key reference to use for the password.
SecretKeyRef *corev1.SecretKeySelector `json:"secretKeyRef,omitempty"`
}
// HostFrom references a key containing the host.
HostFrom struct {
// SecretKeyRef defines the secret key reference to use for the host.
SecretKeyRef *corev1.SecretKeySelector `json:"secretKeyRef,omitempty"`
}
// URLFrom defines a reference to a secret key that contains the Atlas URL of the
// target database schema.
URLFrom struct {
@@ -61,33 +73,41 @@ type (

// DatabaseURL returns the database url.
func (s TargetSpec) DatabaseURL(ctx context.Context, r client.Reader, ns string) (*url.URL, error) {
switch {
case s.URLFrom.SecretKeyRef != nil:
val := &corev1.Secret{}
ref := s.URLFrom.SecretKeyRef
err := r.Get(ctx, types.NamespacedName{Name: ref.Name, Namespace: ns}, val)
if s.URLFrom.SecretKeyRef != nil {
val, err := getSecrectValue(ctx, r, ns, s.URLFrom.SecretKeyRef)
if err != nil {
return nil, err
}
return url.Parse(string(val.Data[ref.Key]))
case s.URL != "":
return url.Parse(val)
}
if s.URL != "" {
return url.Parse(s.URL)
case s.Credentials.Host != "":
// Read the password from the secret if defined.
if s.Credentials.PasswordFrom.SecretKeyRef != nil {
val := &corev1.Secret{}
ref := s.Credentials.PasswordFrom.SecretKeyRef
err := r.Get(ctx, types.NamespacedName{Name: ref.Name, Namespace: ns}, val)
if err != nil {
return nil, err
}
// Set the password.
s.Credentials.Password = string(val.Data[ref.Key])
}
if s.Credentials.UserFrom.SecretKeyRef != nil {
val, err := getSecrectValue(ctx, r, ns, s.Credentials.UserFrom.SecretKeyRef)
if err != nil {
return nil, err
}
s.Credentials.User = val
}
if s.Credentials.PasswordFrom.SecretKeyRef != nil {
val, err := getSecrectValue(ctx, r, ns, s.Credentials.PasswordFrom.SecretKeyRef)
if err != nil {
return nil, err
}
s.Credentials.Password = val
}
if s.Credentials.HostFrom.SecretKeyRef != nil {
val, err := getSecrectValue(ctx, r, ns, s.Credentials.HostFrom.SecretKeyRef)
if err != nil {
return nil, err
}
s.Credentials.Host = val
}
if s.Credentials.Host != "" {
return s.Credentials.URL(), nil
default:
return nil, fmt.Errorf("no target database defined")
}
return nil, fmt.Errorf("no target database defined")
}

// URL returns the URL for the database.
@@ -113,3 +133,17 @@ func (c *Credentials) URL() *url.URL {
u.Host = host
return u
}

func getSecrectValue(
ctx context.Context,
r client.Reader,
ns string,
ref *corev1.SecretKeySelector,
) (string, error) {
val := &corev1.Secret{}
err := r.Get(ctx, types.NamespacedName{Name: ref.Name, Namespace: ns}, val)
if err != nil {
return "", err
}
return string(val.Data[ref.Key]), nil
}
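Review bot: `getSecrectValue` returns `string(val.Data[ref.Key])` without checking that the key exists, so a `userFrom`, `passwordFrom`, `hostFrom` or `URLFrom` reference whose key is missing from the Secret silently yields an empty string. In `DatabaseURL` an empty user or password is then handed to `Credentials.URL()`, an empty host ends in the unrelated "no target database defined" error, and an empty URL value reaches `url.Parse("")`, which succeeds. I would fail closed in the helper with `b, ok := val.Data[ref.Key]` followed by `if !ok { return "", fmt.Errorf("key %q not found in secret %q", ref.Key, ref.Name) }`, naming only the key and the Secret, never the value. The selector's `Optional` field is not consulted either, and the helper name has a typo (`getSecretValue`).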
42 changes: 42 additions & 0 deletions api/v1alpha1/zz_generated.deepcopy.go


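--- a/charts/atlas-operator/templates/crds/crd.yaml
+++ b/charts/atlas-operator/templates/crds/crd.yaml
@@ -81,6 +81,30 @@ spec:
 type: string
 host:
 type: string
+hostFrom:
+description: HostFrom references a key containing the host.
+properties:
+secretKeyRef:
+description: SecretKeyRef defines the secret key reference
+to use for the host.
+properties:
+key:
+description: The key of the secret to select from. Must
+be a valid secret key.
+type: string
+name:
+description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+TODO: Add other useful fields. apiVersion, kind, uid?'
+type: string
+optional:
+description: Specify whether the Secret or its key must
+be defined
+type: boolean
+required:
+- key
+type: object
+x-kubernetes-map-type: atomic
+type: object
 parameters:
 additionalProperties:
 type: string
@@ -117,6 +141,30 @@ spec:
 type: string
 user:
 type: string
+userFrom:
+description: UserFrom references a key containing the user.
+properties:
+secretKeyRef:
+description: SecretKeyRef defines the secret key reference
+to use for the user.
+properties:
+key:
+description: The key of the secret to select from. Must
+be a valid secret key.
+type: string
+name:
+description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+TODO: Add other useful fields. apiVersion, kind, uid?'
+type: string
+optional:
+description: Specify whether the Secret or its key must
+be defined
+type: boolean
+required:
+- key
+type: object
+x-kubernetes-map-type: atomic
+type: object
 type: object
 dir:
 description: Dir defines the directory to use for migrations as a
@@ -333,6 +381,30 @@ spec:
 type: string
 host:
 type: string
+hostFrom:
+description: HostFrom references a key containing the host.
+properties:
+secretKeyRef:
+description: SecretKeyRef defines the secret key reference
+to use for the host.
+properties:
+key:
+description: The key of the secret to select from. Must
+be a valid secret key.
+type: string
+name:
+description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+TODO: Add other useful fields. apiVersion, kind, uid?'
+type: string
+optional:
+description: Specify whether the Secret or its key must
+be defined
+type: boolean
+required:
+- key
+type: object
+x-kubernetes-map-type: atomic
+type: object
 parameters:
 additionalProperties:
 type: string
@@ -369,6 +441,30 @@ spec:
 type: string
 user:
 type: string
+userFrom:
+description: UserFrom references a key containing the user.
+properties:
+secretKeyRef:
+description: SecretKeyRef defines the secret key reference
+to use for the user.
+properties:
+key:
+description: The key of the secret to select from. Must
+be a valid secret key.
+type: string
+name:
+description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+TODO: Add other useful fields. apiVersion, kind, uid?'
+type: string
+optional:
+description: Specify whether the Secret or its key must
+be defined
+type: boolean
+required:
+- key
+type: object
+x-kubernetes-map-type: atomic
+type: object
 type: object
 devURL:
 description: DevURL is the URL of the database to use for normalization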
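--- a/config/crd/bases/db.atlasgo.io_atlasmigrations.yaml
+++ b/config/crd/bases/db.atlasgo.io_atlasmigrations.yaml
@@ -96,6 +96,30 @@ spec:
 type: string
 host:
 type: string
+hostFrom:
+description: HostFrom references a key containing the host.
+properties:
+secretKeyRef:
+description: SecretKeyRef defines the secret key reference
+to use for the host.
+properties:
+key:
+description: The key of the secret to select from. Must
+be a valid secret key.
+type: string
+name:
+description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+TODO: Add other useful fields. apiVersion, kind, uid?'
+type: string
+optional:
+description: Specify whether the Secret or its key must
+be defined
+type: boolean
+required:
+- key
+type: object
+x-kubernetes-map-type: atomic
+type: object
 parameters:
 additionalProperties:
 type: string
@@ -132,6 +156,30 @@ spec:
 type: string
 user:
 type: string
+userFrom:
+description: UserFrom references a key containing the user.
+properties:
+secretKeyRef:
+description: SecretKeyRef defines the secret key reference
+to use for the user.
+properties:
+key:
+description: The key of the secret to select from. Must
+be a valid secret key.
+type: string
+name:
+description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+TODO: Add other useful fields. apiVersion, kind, uid?'
+type: string
+optional:
+description: Specify whether the Secret or its key must
+be defined
+type: boolean
+required:
+- key
+type: object
+x-kubernetes-map-type: atomic
+type: object
 type: object
 dir:
 description: Dir defines the directory to use for migrations as a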