PeeringDialer controller (#1236)

PeeringDialer CRD and controller, not including unit tests.

charts/consul/templates/connect-inject-clusterrole.yaml

@@ -59,6 +59,24 @@ rules:
     - get
     - patch
     - update
+- apiGroups: ["consul.hashicorp.com"]
+  resources: ["peeringdialers"]
+  verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
+- apiGroups:
+    - consul.hashicorp.com
+  resources:
+    - peeringdialers/status
+  verbs:
+    - get
+    - patch
+    - update
 {{- if .Values.global.enablePodSecurityPolicies }}
 - apiGroups: [ "policy" ]
   resources: [ "podsecuritypolicies" ]

charts/consul/templates/crd-peeringacceptors.yaml

@@ -85,8 +85,7 @@ spec:
                     type: string
                 type: object
               secret:
-                description: Secret shows any errors during the last reconciliation
-                  of this resource.
+                description: SecretRef shows the status of the secret.
                 properties:
                   backend:
                     description: 'Backend is where the generated secret is stored.
@@ -96,7 +95,7 @@ spec:
                     description: Key is the key of the secret generated.
                     type: string
                   latestHash:
-                    description: LatestHash is the SHA256 sum of the secret generated.
+                    description: ResourceVersion is the resource version for the secret.
                     type: string
                   name:
                     description: Name is the name of the secret generated.

charts/consul/templates/crd-peeringdialers.yaml

@@ -0,0 +1,116 @@
+{{- if .Values.connectInject.enabled }}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.8.0
+  creationTimestamp: null
+  name: peeringdialers.consul.hashicorp.com
+  labels:
+    app: {{ template "consul.name" . }}
+    chart: {{ template "consul.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+    component: crd
+spec:
+  group: consul.hashicorp.com
+  names:
+    kind: PeeringDialer
+    listKind: PeeringDialerList
+    plural: peeringdialers
+    singular: peeringdialer
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: PeeringDialer is the Schema for the peeringdialers API.
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: PeeringDialerSpec defines the desired state of PeeringDialer.
+            properties:
+              peer:
+                description: Peer describes the information needed to create a peering.
+                properties:
+                  secret:
+                    description: Secret describes how to store the generated peering
+                      token.
+                    properties:
+                      backend:
+                        description: 'Backend is where the generated secret is stored.
+                          Currently supports the value: "kubernetes".'
+                        type: string
+                      key:
+                        description: Key is the key of the secret generated.
+                        type: string
+                      name:
+                        description: Name is the name of the secret generated.
+                        type: string
+                    type: object
+                type: object
+            required:
+            - peer
+            type: object
+          status:
+            description: PeeringDialerStatus defines the observed state of PeeringDialer.
+            properties:
+              lastReconcileTime:
+                description: LastReconcileTime is the last time the resource was reconciled.
+                format: date-time
+                type: string
+              reconcileError:
+                description: ReconcileError shows any errors during the last reconciliation
+                  of this resource.
+                properties:
+                  error:
+                    description: Error is a boolean indicating if there was an error
+                      during the last reconcile of this resource.
+                    type: boolean
+                  message:
+                    description: Message displays the error message from the last
+                      reconcile.
+                    type: string
+                type: object
+              secret:
+                description: SecretRef shows the status of the secret.
+                properties:
+                  backend:
+                    description: 'Backend is where the generated secret is stored.
+                      Currently supports the value: "kubernetes".'
+                    type: string
+                  key:
+                    description: Key is the key of the secret generated.
+                    type: string
+                  latestHash:
+                    description: ResourceVersion is the resource version for the secret.
+                    type: string
+                  name:
+                    description: Name is the name of the secret generated.
+                    type: string
+                type: object
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []
+{{- end }}

control-plane/PROJECT

@@ -68,4 +68,13 @@ resources:
   kind: PeeringAcceptor
   path: github.com/hashicorp/consul-k8s/control-plane/api/v1alpha1
   version: v1alpha1
+- api:
+    crdVersion: v1beta1
+    namespaced: true
+  controller: true
+  domain: hashicorp.com
+  group: consul
+  kind: PeeringDialer
+  path: github.com/hashicorp/consul-k8s/control-plane/api/v1alpha1
+  version: v1alpha1
 version: "3"

control-plane/api/v1alpha1/peeringdialer_types.go

@@ -0,0 +1,55 @@
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+func init() {
+	SchemeBuilder.Register(&PeeringDialer{}, &PeeringDialerList{})
+}
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+
+// PeeringDialer is the Schema for the peeringdialers API.
+type PeeringDialer struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   PeeringDialerSpec   `json:"spec,omitempty"`
+	Status PeeringDialerStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// PeeringDialerList contains a list of PeeringDialer.
+type PeeringDialerList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []PeeringDialer `json:"items"`
+}
+
+// PeeringDialerSpec defines the desired state of PeeringDialer.
+type PeeringDialerSpec struct {
+	// Important: Run "make" to regenerate code after modifying this file
+
+	// Peer describes the information needed to create a peering.
+	Peer *Peer `json:"peer"`
+}
+
+// PeeringDialerStatus defines the observed state of PeeringDialer.
+type PeeringDialerStatus struct {
+	// Important: Run "make" to regenerate code after modifying this file
+
+	// LastReconcileTime is the last time the resource was reconciled.
+	// +optional
+	LastReconcileTime *metav1.Time `json:"lastReconcileTime,omitempty" description:"last time the resource was reconciled"`
+	// ReconcileError shows any errors during the last reconciliation of this resource.
+	// +optional
+	ReconcileError *ReconcileErrorStatus `json:"reconcileError,omitempty"`
+	// SecretRef shows the status of the secret.
+	// +optional
+	SecretRef *SecretRefStatus `json:"secret,omitempty"`
+}

control-plane/config/crd/bases/consul.hashicorp.com_peeringacceptors.yaml

@@ -78,8 +78,7 @@ spec:
                     type: string
                 type: object
               secret:
-                description: Secret shows any errors during the last reconciliation
-                  of this resource.
+                description: SecretRef shows the status of the secret.
                 properties:
                   backend:
                     description: 'Backend is where the generated secret is stored.
@@ -89,7 +88,7 @@ spec:
                     description: Key is the key of the secret generated.
                     type: string
                   latestHash:
-                    description: LatestHash is the SHA256 sum of the secret generated.
+                    description: ResourceVersion is the resource version for the secret.
                     type: string
                   name:
                     description: Name is the name of the secret generated.