openmcp-project
diff --git a/‎README.md‎
Lines changed: 40 additions & 14 deletions b/‎README.md‎
Lines changed: 40 additions & 14 deletions
diff --git a/‎Taskfile.yaml‎
Lines changed: 1 addition & 0 deletions b/‎Taskfile.yaml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎VERSION‎
Lines changed: 1 addition & 1 deletion b/‎VERSION‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎api/crds/manifests/crossplane.services.openmcp.cloud_crossplanes.yaml‎
Lines changed: 1 addition & 1 deletion b/‎api/crds/manifests/crossplane.services.openmcp.cloud_crossplanes.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎api/crds/manifests/crossplane.services.openmcp.cloud_providerconfigs.yaml‎
Lines changed: 109 additions & 61 deletions b/‎api/crds/manifests/crossplane.services.openmcp.cloud_providerconfigs.yaml‎
Lines changed: 109 additions & 61 deletions
diff --git a/‎api/v1alpha1/providerconfig_types.go‎
Lines changed: 43 additions & 19 deletions b/‎api/v1alpha1/providerconfig_types.go‎
Lines changed: 43 additions & 19 deletions
@@ -49,27 +49,50 @@ spec:
 ## 📖 Usage
 
 ### Configure a `ProviderConfig`
-A `ProviderConfig` is an API where you can configure the installation of a Crossplane instance in your `ManagedControlPlane`.
+A `ProviderConfig` is an API where you can configure an allow-list of Crossplane and provider installations in your `ManagedControlPlane`.
+The `ProviderConfig` is stored in the Platform cluster and therefore in the responsibility realm of the platform owner.
 
 ```yaml
 apiVersion: crossplane.services.openmcp.cloud/v1alpha1
 kind: ProviderConfig
 metadata:
   name: default
 spec:
-  chart:
-    repository: "https://charts.crossplane.io/stable"
-    name: crossplane
-    availableVersions:
-      - v1.20.0
-      - v1.19.0
-  availableProviders:
-    - name: provider-kubernetes
-      package: xpkg.upbound.io/upbound/provider-kubernetes
-      versions:
-        - v0.16.0
+  versions:
+    - version: v2.0.2
+      chart:
+        url: "ghcr.io/openmcp-project/openmcp/charts/crossplane:2.0.2" # example OCI regsitry URL for Crosslane helm chart
+        secretRef: # optional
+          name: ghcr
+      image:
+        url: "xpkg.crossplane.io/crossplane/crossplane:2.0.2" # currently, upstream location but can be private registry as well
+        secretRef:
+          name: xyz # optional
+    - version: v1.20.0
+      chart:
+        url: "ghcr.io/openmcp-project/openmcp/charts/crossplane:1.20.0" # example OCI regsitry URL for Crosslane helm chart
+        secretRef: # optional
+          name: ghcr
+      image:
+        url: "xpkg.crossplane.io/crossplane/crossplane:1.20.0" # currently, upstream location but can be private registry as well
+        secretRef: # optional
+          name: xyz
+
+  providers:
+    availableProviders:
+      - name: provider-kubernetes
+        package: xpkg.upbound.io/upbound/provider-kubernetes
+        versions:
+          - v0.16.0
+          - v0.15.0
+    imagePullSecretRefs:
+      - name: secretforprivateproviders
+      - name: xyz
 ```
 
+The `ProviderConfig` allows you to specify secret references for private helm chart or image locations.
+NOTE: `ProvierConfig.spec.versions[].chart.url` needs to be image URL to an OCI registry.
+
 ### Install a Crossplane instance
 
 ```yaml
@@ -79,12 +102,15 @@ metadata:
   name: crossplane-sample
   namespace: default
 spec:
-  version: v1.20.0
+  version: v1.20.0 # allowed version from ProviderConfig
   providers:
     - name: provider-kubernetes
-      version: v0.16.0
+      version: v0.16.0 # allowed version from ProviderConfig
 ```
 
+## 📚 Documentation
+More documentation for the service-provider-crossplane can be found in the [docs](./docs) folder.
+
 ## 🧑‍💻 Development
 
 ### Building the binary locally
 
@@ -10,6 +10,7 @@ includes:
       CODE_DIRS: '{{.ROOT_DIR}}/cmd/... {{.ROOT_DIR}}/internal/... {{.ROOT_DIR}}/api/v1alpha1/... {{.ROOT_DIR}}/pkg/...'
       COMPONENTS: 'service-provider-crossplane'
       REPO_URL: 'https://github.com/openmcp-project/service-provider-crossplane'
+      GENERATE_DOCS_INDEX: "true"
       CHART_COMPONENTS: "[]"
       CRDS_COMPONENTS: 'service-provider-crossplane'
       CRDS_PATH: '{{.ROOT_DIR}}/api/crds/manifests'
@@ -1 +1 @@
-v0.0.5-dev
+v0.1.0
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.18.0
+    controller-gen.kubebuilder.io/version: v0.19.0
   labels:
     openmcp.cloud/cluster: onboarding
   name: crossplanes.crossplane.services.openmcp.cloud
 
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.18.0
+    controller-gen.kubebuilder.io/version: v0.19.0
   labels:
     openmcp.cloud/cluster: platform
   name: providerconfigs.crossplane.services.openmcp.cloud
@@ -45,77 +45,125 @@ spec:
           spec:
             description: spec defines the desired state of ProviderConfig
             properties:
-              availableProviders:
-                description: AvailableProviders holds the list of providers that can
-                  be configured with the Service Provider Crossplane.
-                items:
-                  description: AvailableCrossplaneProvider represents configuration
-                    for Crossplane providers in a ProviderConfig of the Service Provider
-                    Crossplane.
-                  properties:
-                    name:
-                      description: Name of the provider.
-                      type: string
-                    package:
-                      description: Package is the package name of the provider.
-                      type: string
-                    versions:
-                      description: Version of the provider to install.
-                      items:
-                        type: string
-                      type: array
-                  required:
-                  - name
-                  - package
-                  - versions
-                  type: object
-                type: array
-              chart:
-                description: Optional custom Helm chart configuration.
+              providers:
+                description: Providers holds the configuration for Crossplane providers
+                  that can be installed via the Service Provider Crossplane.
                 properties:
-                  availableVersions:
-                    description: AvailableVersions of the Helm chart.
+                  availableProviders:
+                    description: AvailableProviders holds the list of providers that
+                      can be configured with the Service Provider Crossplane.
                     items:
-                      type: string
+                      description: AvailableCrossplaneProvider represents configuration
+                        for Crossplane providers in a ProviderConfig of the Service
+                        Provider Crossplane.
+                      properties:
+                        name:
+                          description: Name of the provider.
+                          type: string
+                        package:
+                          description: Package is the package name of the provider.
+                          type: string
+                        versions:
+                          description: Version of the provider to install.
+                          items:
+                            type: string
+                          type: array
+                      required:
+                      - name
+                      - package
+                      - versions
+                      type: object
+                    type: array
+                  imagePullSecretRefs:
+                    description: Image pull secrets for pulling Crossplane provider
+                      images from private OCI registries.
+                    items:
+                      description: LocalObjectReference is a reference to an object
+                        in the same namespace as the resource referencing it.
+                      properties:
+                        name:
+                          default: ""
+                          description: |-
+                            Name of the referent.
+                            This field is effectively required, but due to backwards compatibility is
+                            allowed to be empty. Instances of this type with an empty value here are
+                            almost certainly wrong.
+                            More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
                     type: array
-                  name:
-                    description: Name of the Helm chart.
-                    type: string
-                  repository:
-                    description: Repository is the URL to a Helm repository.
-                    type: string
                 required:
-                - availableVersions
-                - name
-                - repository
+                - availableProviders
                 type: object
-              imageMapping:
-                additionalProperties:
-                  type: string
-                description: ImageMapping holds the information about exchangable
-                  image locations in the Helm chart.
-                type: object
-              imagePullSecrets:
-                description: Image pull secrets for Crossplane pods
+              versions:
                 items:
-                  description: LocalObjectReference is a reference to an object in
-                    the same namespace as the resource referencing it.
+                  description: CrossplaneVersion defines a specific version of Crossplane
+                    along with its chart and image information.
                   properties:
-                    name:
-                      default: ""
-                      description: |-
-                        Name of the referent.
-                        This field is effectively required, but due to backwards compatibility is
-                        allowed to be empty. Instances of this type with an empty value here are
-                        almost certainly wrong.
-                        More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    chart:
+                      description: Chart holds the Helm chart information for this
+                        Crossplane version.
+                      properties:
+                        secretRef:
+                          description: SecretRef references a secret containing credentials
+                            to access the OCI artifact repository.
+                          properties:
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        url:
+                          description: |-
+                            URL is a reference to an OCI artifact repository hosted on a remote container registry where the Helm chart is stored.
+                            The URL must NOT start with "oci://".
+                          type: string
+                      required:
+                      - url
+                      type: object
+                    image:
+                      description: Image holds the Crossplane controller image information
+                        for this Crossplane version.
+                      properties:
+                        secretRef:
+                          description: SecretRef references a secret containing credentials
+                            to access the container image repository.
+                          properties:
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        url:
+                          description: URL is a reference to the container image location.
+                          type: string
+                      required:
+                      - url
+                      type: object
+                    version:
+                      description: Version of Crossplane.
                       type: string
+                  required:
+                  - chart
+                  - image
+                  - version
                   type: object
-                  x-kubernetes-map-type: atomic
                 type: array
             required:
-            - availableProviders
-            - chart
+            - versions
             type: object
           status:
             description: status defines the observed state of ProviderConfig
 
@@ -36,38 +36,62 @@ type AvailableCrossplaneProvider struct {
 	Package string `json:"package"`
 }
 
-// ChartSpec identifies a Helm chart.
-type ChartSpec struct {
-	// Repository is the URL to a Helm repository.
+// CrossplaneProviders represents the configutation of Crossplane providers and and their image pull secrets.
+type CrossplaneProviders struct {
+	// AvailableProviders holds the list of providers that can be configured with the Service Provider Crossplane.
 	// +kubebuilder:validation:Required
-	Repository string `json:"repository"`
+	AvailableProviders []AvailableCrossplaneProvider `json:"availableProviders"`
 
-	// Name of the Helm chart.
-	// +kubebuilder:validation:Required
-	Name string `json:"name"`
+	// Image pull secrets for pulling Crossplane provider images from private OCI registries.
+	// +kubebuilder:validation:Optional
+	ImagePullSecrets []commonapi.LocalObjectReference `json:"imagePullSecretRefs,omitempty"`
+}
 
-	// AvailableVersions of the Helm chart.
+// ChartSpec defines the location and access of a Helm chart.
+type ChartSpec struct {
+	// URL is a reference to an OCI artifact repository hosted on a remote container registry where the Helm chart is stored.
+	// The URL must NOT start with "oci://".
 	// +kubebuilder:validation:Required
-	AvailableVersions []string `json:"availableVersions"`
+	URL string `json:"url"`
+
+	// SecretRef references a secret containing credentials to access the OCI artifact repository.
+	// +kubebuilder:validation:Optional
+	SecretRef commonapi.LocalObjectReference `json:"secretRef,omitempty"`
 }
 
-// ProviderConfigSpec defines the desired state of ProviderConfig.
-type ProviderConfigSpec struct {
-	// Optional custom Helm chart configuration.
+// ImageSpec defines the location and access a container image.
+type ImageSpec struct {
+	// URL is a reference to the container image location.
 	// +kubebuilder:validation:Required
-	Chart ChartSpec `json:"chart"`
+	URL string `json:"url"`
 
-	// ImageMapping holds the information about exchangable image locations in the Helm chart.
+	// SecretRef references a secret containing credentials to access the container image repository.
 	// +kubebuilder:validation:Optional
-	ImageMapping map[string]string `json:"imageMapping,omitempty"`
+	SecretRef commonapi.LocalObjectReference `json:"secretRef,omitempty"`
+}
 
-	// AvailableProviders holds the list of providers that can be configured with the Service Provider Crossplane.
+// CrossplaneVersion defines a specific version of Crossplane along with its chart and image information.
+type CrossplaneVersion struct {
+	// Version of Crossplane.
 	// +kubebuilder:validation:Required
-	AvailableProviders []AvailableCrossplaneProvider `json:"availableProviders"`
+	Version string `json:"version"`
+
+	// Chart holds the Helm chart information for this Crossplane version.
+	// +kubebuilder:validation:Required
+	Chart ChartSpec `json:"chart"`
+
+	// Image holds the Crossplane controller image information for this Crossplane version.
+	// +kubebuilder:validation:Required
+	Image ImageSpec `json:"image"`
+}
+
+// ProviderConfigSpec defines the desired state of ProviderConfig.
+type ProviderConfigSpec struct {
+	CrossplaneVersions []CrossplaneVersion `json:"versions"`
 
-	// Image pull secrets for Crossplane pods
+	// Providers holds the configuration for Crossplane providers that can be installed via the Service Provider Crossplane.
 	// +kubebuilder:validation:Optional
-	ImagePullSecrets []commonapi.LocalObjectReference `json:"imagePullSecrets,omitempty"`
+	Providers CrossplaneProviders `json:"providers,omitempty"`
 }
 
 // ProviderConfigStatus defines the observed state of ProviderConfig.