Rework options framework

ExternalSecrets are now dynamically generated only when required. This is important to remove the dependency of saas dev environments from external-secrets operator and vault.
3scale-ops · Jan 9, 2024 · b9ffdba · b9ffdba
1 parent 8c4dfe6
commit b9ffdba
Show file tree

Hide file tree

Showing 60 changed files with 1,124 additions and 1,570 deletions.
diff --git a/api/v1alpha1/common_types.go b/api/v1alpha1/common_types.go
@@ -559,14 +559,18 @@ func (spec *ExternalSecret) Default() {
 
 // SecretReference is a reference to a secret stored in some secrets engine
 type SecretReference struct {
-	// VaultSecretReference is a reference to a secret stored in a Hashicorp Vault
+	// FromVault is a reference to a secret key/value stored in a Hashicorp Vault
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	// +optional
 	FromVault *VaultSecretReference `json:"fromVault,omitempty"`
 	// Override allows to directly specify a string value.
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	// +optional
 	Override *string `json:"override,omitempty"`
+	// FromSecret is a reference to a key/value in a Secret resource
+	// +operator-sdk:csv:customresourcedefinitions:type=spec
+	// +optional
+	// FromSecret
 }
 
 // VaultSecretReference is a reference to a secret stored in

diff --git a/api/v1alpha1/system_types.go b/api/v1alpha1/system_types.go
@@ -471,14 +471,9 @@ type SystemConfig struct {
 	// Mapping Service access token
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	MappingServiceAccessToken SecretReference `json:"mappingServiceAccessToken"`
-	// Zync authentication token
-	// +operator-sdk:csv:customresourcedefinitions:type=spec
-	// +optional
-	ZyncAuthToken *SecretReference `json:"zyncAuthToken,omitempty"`
 	// Zync has configuration options for system to contact zync
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
-	// +optional
-	Zync *SystemZyncSpec `json:"zync,omitempty"`
+	Zync SystemZyncSpec `json:"zync,omitempty"`
 	// Backend has configuration options for system to contact backend
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	Backend SystemBackendSpec `json:"backend"`

diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
diff --git a/bundle/manifests/saas-operator.clusterserviceversion.yaml b/bundle/manifests/saas-operator.clusterserviceversion.yaml
@@ -1308,7 +1308,7 @@ spec:
           key
         displayName: Error Monitoring Key
         path: config.errorMonitoringKey
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.errorMonitoringKey.fromVault
@@ -1325,7 +1325,7 @@ spec:
           service
         displayName: Error Monitoring Service
         path: config.errorMonitoringService
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.errorMonitoringService.fromVault
@@ -1358,7 +1358,7 @@ spec:
       - description: A reference to the secret holding the backend-internal-api password
         displayName: Internal APIPassword
         path: config.internalAPIPassword
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.internalAPIPassword.fromVault
@@ -1374,7 +1374,7 @@ spec:
       - description: A reference to the secret holding the backend-internal-api user
         displayName: Internal APIUser
         path: config.internalAPIUser
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.internalAPIUser.fromVault
@@ -1403,7 +1403,7 @@ spec:
           password
         displayName: System Events Hook Password
         path: config.systemEventsHookPassword
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.systemEventsHookPassword.fromVault
@@ -1420,7 +1420,7 @@ spec:
           URL
         displayName: System Events Hook URL
         path: config.systemEventsHookURL
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.systemEventsHookURL.fromVault
@@ -1940,7 +1940,7 @@ spec:
       - description: System database connection string
         displayName: System Database DSN
         path: config.systemDatabaseDSN
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.systemDatabaseDSN.fromVault
@@ -2293,7 +2293,7 @@ spec:
       - description: A reference to the secret holding the system admin token
         displayName: System Admin Token
         path: config.systemAdminToken
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.systemAdminToken.fromVault
@@ -2794,7 +2794,7 @@ spec:
       - description: AccessCode to protect admin urls
         displayName: Access Code
         path: config.accessCode
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.accessCode.fromVault
@@ -2810,7 +2810,7 @@ spec:
       - description: AWS access key
         displayName: Access Key
         path: config.assets.accessKey
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.assets.accessKey.fromVault
@@ -2835,7 +2835,7 @@ spec:
       - description: AWS secret access key
         displayName: Secret Key
         path: config.assets.secretKey
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.assets.secretKey.fromVault
@@ -2857,7 +2857,7 @@ spec:
       - description: Internal API password
         displayName: Internal APIPassword
         path: config.backend.internalAPIPassword
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.backend.internalAPIPassword.fromVault
@@ -2873,7 +2873,7 @@ spec:
       - description: Internal API user
         displayName: Internal APIUser
         path: config.backend.internalAPIUser
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.backend.internalAPIUser.fromVault
@@ -2898,7 +2898,7 @@ spec:
       - description: API key
         displayName: APIKey
         path: config.bugsnag.apiKey
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.bugsnag.apiKey.fromVault
@@ -2921,7 +2921,7 @@ spec:
       - description: DSN of system's main database
         displayName: Database DSN
         path: config.databaseDSN
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.databaseDSN.fromVault
@@ -2937,7 +2937,7 @@ spec:
       - description: Database secret
         displayName: Database Secret
         path: config.databaseSecret
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.databaseSecret.fromVault
@@ -2953,7 +2953,7 @@ spec:
       - description: EventsSharedSecret
         displayName: Events Shared Secret
         path: config.eventsSharedSecret
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.eventsSharedSecret.fromVault
@@ -2992,7 +2992,7 @@ spec:
       - description: Client ID
         displayName: Client ID
         path: config.github.clientID
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.github.clientID.fromVault
@@ -3008,7 +3008,7 @@ spec:
       - description: Client secret
         displayName: Client Secret
         path: config.github.clientSecret
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.github.clientSecret.fromVault
@@ -3024,7 +3024,7 @@ spec:
       - description: Mapping Service access token
         displayName: Mapping Service Access Token
         path: config.mappingServiceAccessToken
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.mappingServiceAccessToken.fromVault
@@ -3058,7 +3058,7 @@ spec:
       - description: Private key
         displayName: Private Key
         path: config.recaptcha.privateKey
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.recaptcha.privateKey.fromVault
@@ -3074,7 +3074,7 @@ spec:
       - description: Public key
         displayName: Public Key
         path: config.recaptcha.publicKey
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.recaptcha.publicKey.fromVault
@@ -3093,7 +3093,7 @@ spec:
       - description: Client ID
         displayName: Client ID
         path: config.redhatCustomerPortal.clientID
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.redhatCustomerPortal.clientID.fromVault
@@ -3109,7 +3109,7 @@ spec:
       - description: Client secret
         displayName: Client Secret
         path: config.redhatCustomerPortal.clientSecret
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.redhatCustomerPortal.clientSecret.fromVault
@@ -3149,7 +3149,7 @@ spec:
       - description: SecretKeyBase
         displayName: Secret Key Base
         path: config.secretKeyBase
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.secretKeyBase.fromVault
@@ -3168,7 +3168,7 @@ spec:
       - description: Deletion token
         displayName: Deletion Token
         path: config.segment.deletionToken
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.segment.deletionToken.fromVault
@@ -3187,7 +3187,7 @@ spec:
       - description: Write key
         displayName: Write Key
         path: config.segment.writeKey
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.segment.writeKey.fromVault
@@ -3215,7 +3215,7 @@ spec:
       - description: Password
         displayName: Password
         path: config.smtp.password
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.smtp.password.fromVault
@@ -3240,7 +3240,7 @@ spec:
       - description: User
         displayName: User
         path: config.smtp.user
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.smtp.user.fromVault
@@ -3268,7 +3268,7 @@ spec:
       - description: Zync authentication token
         displayName: Auth Token
         path: config.zync.authToken
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.zync.authToken.fromVault
@@ -3284,22 +3284,6 @@ spec:
       - description: Zync endpoint
         displayName: Endpoint
         path: config.zync.endpoint
-      - description: Zync authentication token
-        displayName: Zync Auth Token
-        path: config.zyncAuthToken
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
-          Vault
-        displayName: From Vault
-        path: config.zyncAuthToken.fromVault
-      - description: The Vault key of the secret
-        displayName: Key
-        path: config.zyncAuthToken.fromVault.key
-      - description: The Vault path where the secret is located
-        displayName: Path
-        path: config.zyncAuthToken.fromVault.path
-      - description: Override allows to directly specify a string value.
-        displayName: Override
-        path: config.zyncAuthToken.override
       - description: Console specific configuration options
         displayName: Console
         path: console
@@ -4171,7 +4155,7 @@ spec:
       - description: API key
         displayName: APIKey
         path: config.bugsnag.apiKey
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.bugsnag.apiKey.fromVault
@@ -4190,7 +4174,7 @@ spec:
       - description: A reference to the secret holding the database DSN
         displayName: Database DSN
         path: config.databaseDSN
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.databaseDSN.fromVault
@@ -4235,7 +4219,7 @@ spec:
       - description: A reference to the secret holding the secret-key-base
         displayName: Secret Key Base
         path: config.secretKeyBase
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.secretKeyBase.fromVault
@@ -4251,7 +4235,7 @@ spec:
       - description: A reference to the secret holding the zync authentication token
         displayName: Zync Auth Token
         path: config.zyncAuthToken
-      - description: VaultSecretReference is a reference to a secret stored in a Hashicorp
+      - description: FromVault is a reference to a secret key/value stored in a Hashicorp
           Vault
         displayName: From Vault
         path: config.zyncAuthToken.fromVault