diff options
author | Jan Malkiewicz <jan.malkiewicz@nokia.com> | 2020-10-06 14:49:21 +0200 |
---|---|---|
committer | Jan Malkiewicz <jan.malkiewicz@nokia.com> | 2020-10-08 18:09:51 +0200 |
commit | 6ff92492d2d1712443fa2bef73f28bd8b8554e23 (patch) | |
tree | 412f3011d267c1c934f383a8047a88e935203e59 /certServiceK8sExternalProvider/src/api | |
parent | b1ec7f0d28bcd699c9dc5aaf23e902f04145863c (diff) |
[OOM-K8S-CERT-EXTERNAL-PROVIDER] Create mock implementation
This project is a GOlang implementation of an external provider for kubernetes cert-manager.
External provider will use OOM CertService as backend signing CA.
Mock implementation only logs intent of certificate signing.
In order to provide the ultimate implemenatation please extend file 'certservice-provisioner.go'.
Issue-ID: OOM-2559
Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com>
Change-Id: Ib3de4ca4c54424042ddaa50507375815cc3da7f4
Diffstat (limited to 'certServiceK8sExternalProvider/src/api')
3 files changed, 345 insertions, 0 deletions
diff --git a/certServiceK8sExternalProvider/src/api/cerservice_issuer_crd_deepcopy.go b/certServiceK8sExternalProvider/src/api/cerservice_issuer_crd_deepcopy.go new file mode 100644 index 00000000..2b2e455b --- /dev/null +++ b/certServiceK8sExternalProvider/src/api/cerservice_issuer_crd_deepcopy.go @@ -0,0 +1,162 @@ +/* + * ============LICENSE_START======================================================= + * oom-certservice-k8s-external-provider + * ================================================================================ + * Copyright (c) 2019 Smallstep Labs, Inc. + * Modifications copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * This source code was copied from the following git repository: + * https://github.com/smallstep/step-issuer + * The source code was modified for usage in the ONAP project. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + + +package api + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretKeySelector) DeepCopyInto(out *SecretKeySelector) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretKeySelector. +func (in *SecretKeySelector) DeepCopy() *SecretKeySelector { + if in == nil { + return nil + } + out := new(SecretKeySelector) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertServiceIssuer) DeepCopyInto(out *CertServiceIssuer) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertServiceIssuer. +func (in *CertServiceIssuer) DeepCopy() *CertServiceIssuer { + if in == nil { + return nil + } + out := new(CertServiceIssuer) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CertServiceIssuer) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertServiceIssuerCondition) DeepCopyInto(out *CertServiceIssuerCondition) { + *out = *in + if in.LastTransitionTime != nil { + in, out := &in.LastTransitionTime, &out.LastTransitionTime + *out = (*in).DeepCopy() + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertServiceIssuerCondition. +func (in *CertServiceIssuerCondition) DeepCopy() *CertServiceIssuerCondition { + if in == nil { + return nil + } + out := new(CertServiceIssuerCondition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertServiceIssuerList) DeepCopyInto(out *CertServiceIssuerList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]CertServiceIssuer, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertServiceIssuerList. +func (in *CertServiceIssuerList) DeepCopy() *CertServiceIssuerList { + if in == nil { + return nil + } + out := new(CertServiceIssuerList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CertServiceIssuerList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertServiceIssuerSpec) DeepCopyInto(out *CertServiceIssuerSpec) { + *out = *in + out.KeyRef = in.KeyRef +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertServiceIssuerSpec. +func (in *CertServiceIssuerSpec) DeepCopy() *CertServiceIssuerSpec { + if in == nil { + return nil + } + out := new(CertServiceIssuerSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertServiceIssuerStatus) DeepCopyInto(out *CertServiceIssuerStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]CertServiceIssuerCondition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertServiceIssuerStatus. +func (in *CertServiceIssuerStatus) DeepCopy() *CertServiceIssuerStatus { + if in == nil { + return nil + } + out := new(CertServiceIssuerStatus) + in.DeepCopyInto(out) + return out +} diff --git a/certServiceK8sExternalProvider/src/api/certservice_issuer_crd_schema.go b/certServiceK8sExternalProvider/src/api/certservice_issuer_crd_schema.go new file mode 100644 index 00000000..f829ae54 --- /dev/null +++ b/certServiceK8sExternalProvider/src/api/certservice_issuer_crd_schema.go @@ -0,0 +1,140 @@ +/* + * ============LICENSE_START======================================================= + * oom-certservice-k8s-external-provider + * ================================================================================ + * Copyright (c) 2019 Smallstep Labs, Inc. + * Modifications copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * This source code was copied from the following git repository: + * https://github.com/smallstep/step-issuer + * The source code was modified for usage in the ONAP project. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + + + +package api + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func init() { + SchemeBuilder.Register(&CertServiceIssuer{}, &CertServiceIssuerList{}) +} + +// CertServiceIssuerSpec defines the desired state of CertServiceIssuer +type CertServiceIssuerSpec struct { + // URL is the base URL for the CertService certificates instance. + URL string `json:"url"` + + // KeyRef is a reference to a Secret containing the provisioner + // password used to decrypt the provisioner private key. + KeyRef SecretKeySelector `json:"keyRef"` +} + +// CertServiceIssuerStatus defines the observed state of CertServiceIssuer +type CertServiceIssuerStatus struct { + // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + // Important: Run "make" to regenerate code after modifying this file + + // +optional + Conditions []CertServiceIssuerCondition `json:"conditions,omitempty"` +} + +// +kubebuilder:object:root=true + +// CertServiceIssuer is the Schema for the certserviceissuers API +// +kubebuilder:subresource:status +type CertServiceIssuer struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec CertServiceIssuerSpec `json:"spec,omitempty"` + Status CertServiceIssuerStatus `json:"status,omitempty"` +} + +// +kubebuilder:object:root=true + +// CertServiceIssuerList contains a list of CertServiceIssuer +type CertServiceIssuerList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []CertServiceIssuer `json:"items"` +} + +// SecretKeySelector contains the reference to a secret. +type SecretKeySelector struct { + // The name of the secret in the pod's namespace to select from. + Name string `json:"name"` + + // The key of the secret to select from. Must be a valid secret key. + // +optional + Key string `json:"key,omitempty"` +} + +// ConditionType represents a CertServiceIssuer condition type. +// +kubebuilder:validation:Enum=Ready +type ConditionType string + +const ( + // ConditionReady indicates that a CertServiceIssuer is ready for use. + ConditionReady ConditionType = "Ready" +) + +// ConditionStatus represents a condition's status. +// +kubebuilder:validation:Enum=True;False;Unknown +type ConditionStatus string + +// These are valid condition statuses. "ConditionTrue" means a resource is in +// the condition; "ConditionFalse" means a resource is not in the condition; +// "ConditionUnknown" means kubernetes can't decide if a resource is in the +// condition or not. In the future, we could add other intermediate +// conditions, e.g. ConditionDegraded. +const ( + // ConditionTrue represents the fact that a given condition is true + ConditionTrue ConditionStatus = "True" + + // ConditionFalse represents the fact that a given condition is false + ConditionFalse ConditionStatus = "False" + + // ConditionUnknown represents the fact that a given condition is unknown + ConditionUnknown ConditionStatus = "Unknown" +) + +// CertServiceIssuerCondition contains condition information for the CertService issuer. +type CertServiceIssuerCondition struct { + // Type of the condition, currently ('Ready'). + Type ConditionType `json:"type"` + + // Status of the condition, one of ('True', 'False', 'Unknown'). + // +kubebuilder:validation:Enum=True;False;Unknown + Status ConditionStatus `json:"status"` + + // LastTransitionTime is the timestamp corresponding to the last status + // change of this condition. + // +optional + LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` + + // Reason is a brief machine readable explanation for the condition's last + // transition. + // +optional + Reason string `json:"reason,omitempty"` + + // Message is a human readable description of the details of the last + // transition, complementing reason. + // +optional + Message string `json:"message,omitempty"` +} diff --git a/certServiceK8sExternalProvider/src/api/groupversion_info.go b/certServiceK8sExternalProvider/src/api/groupversion_info.go new file mode 100644 index 00000000..ebb76424 --- /dev/null +++ b/certServiceK8sExternalProvider/src/api/groupversion_info.go @@ -0,0 +1,43 @@ +/* + * ============LICENSE_START======================================================= + * oom-certservice-k8s-external-provider + * ================================================================================ + * Copyright (c) 2019 Smallstep Labs, Inc. + * Modifications copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * This source code was copied from the following git repository: + * https://github.com/smallstep/step-issuer + * The source code was modified for usage in the ONAP project. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + + +package api + +import ( + "k8s.io/apimachinery/pkg/runtime/schema" + "sigs.k8s.io/controller-runtime/pkg/scheme" +) + +var ( + // GroupVersion is group version used to register these objects + GroupVersion = schema.GroupVersion{Group: "certmanager.onap.org", Version: "v1beta1"} + + // SchemeBuilder is used to add go types to the GroupVersionKind scheme + SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} + + // AddToScheme adds the types in this group-version to the given scheme. + AddToScheme = SchemeBuilder.AddToScheme +) |