From b028ae440a268066f52176114047d9f70b879dff Mon Sep 17 00:00:00 2001
From: Rajiv Senthilnathan <rajivnathan@gmail.com>
Date: Tue, 7 Nov 2023 15:29:30 -0500
Subject: [PATCH] Create webhook secret (#385)

* Add webhook secret

* Generated files

* Update comment

* Rename key for VMs

* Use pointer for webhook secret config

* Revert "Use pointer for webhook secret config"

This reverts commit 0804750de54df32cde1f8683b4c186a0058f617d.

* Use pointer for webhook secret config
---
 api/v1alpha1/memberoperatorconfig_types.go | 18 +++++++++-
 api/v1alpha1/zz_generated.deepcopy.go      | 26 +++++++++++++++
 api/v1alpha1/zz_generated.openapi.go       | 38 +++++++++++++++++++++-
 3 files changed, 80 insertions(+), 2 deletions(-)

diff --git a/api/v1alpha1/memberoperatorconfig_types.go b/api/v1alpha1/memberoperatorconfig_types.go
index 509a6da0..faf00602 100644
--- a/api/v1alpha1/memberoperatorconfig_types.go
+++ b/api/v1alpha1/memberoperatorconfig_types.go
@@ -128,7 +128,7 @@ type ConsoleConfig struct {
 	RouteName *string `json:"routeName,omitempty"`
 }
 
-// GitHubSecret defines all secrets related to Che configuration
+// GitHubSecret defines all secrets related to GitHub authentication/integration
 // +k8s:openapi-gen=true
 type GitHubSecret struct {
 	// The reference to the secret that is expected to contain the keys below
@@ -158,6 +158,22 @@ type WebhookConfig struct {
 	// Defines the flag that determines whether to deploy the Webhook
 	// +optional
 	Deploy *bool `json:"deploy,omitempty"`
+
+	// Defines all secrets related to webhook configuration
+	// +optional
+	Secret *WebhookSecret `json:"secret,omitempty"`
+}
+
+// WebhookSecret defines all secrets related to webhook configuration
+// +k8s:openapi-gen=true
+type WebhookSecret struct {
+	// The reference to the secret that is expected to contain the keys below
+	// +optional
+	ToolchainSecret `json:",inline"`
+
+	// The key in the secret values map that contains a comma-separated list of SSH keys
+	// +optional
+	VirtualMachineAccessKey *string `json:"virtualMachineAccessKey,omitempty"`
 }
 
 // WebConsolePlugin defines the configuration parameters relating to the Web Console Plugin
diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
index 18b86f05..a89912c6 100644
--- a/api/v1alpha1/zz_generated.deepcopy.go
+++ b/api/v1alpha1/zz_generated.deepcopy.go
@@ -3744,6 +3744,11 @@ func (in *WebhookConfig) DeepCopyInto(out *WebhookConfig) {
 		*out = new(bool)
 		**out = **in
 	}
+	if in.Secret != nil {
+		in, out := &in.Secret, &out.Secret
+		*out = new(WebhookSecret)
+		(*in).DeepCopyInto(*out)
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookConfig.
@@ -3756,6 +3761,27 @@ func (in *WebhookConfig) DeepCopy() *WebhookConfig {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *WebhookSecret) DeepCopyInto(out *WebhookSecret) {
+	*out = *in
+	in.ToolchainSecret.DeepCopyInto(&out.ToolchainSecret)
+	if in.VirtualMachineAccessKey != nil {
+		in, out := &in.VirtualMachineAccessKey, &out.VirtualMachineAccessKey
+		*out = new(string)
+		**out = **in
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookSecret.
+func (in *WebhookSecret) DeepCopy() *WebhookSecret {
+	if in == nil {
+		return nil
+	}
+	out := new(WebhookSecret)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Workspace) DeepCopyInto(out *Workspace) {
 	*out = *in
diff --git a/api/v1alpha1/zz_generated.openapi.go b/api/v1alpha1/zz_generated.openapi.go
index 9b0db159..80806b74 100644
--- a/api/v1alpha1/zz_generated.openapi.go
+++ b/api/v1alpha1/zz_generated.openapi.go
@@ -136,6 +136,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 		"github.com/codeready-toolchain/api/api/v1alpha1.UserTierSpec":                          schema_codeready_toolchain_api_api_v1alpha1_UserTierSpec(ref),
 		"github.com/codeready-toolchain/api/api/v1alpha1.UsersConfig":                           schema_codeready_toolchain_api_api_v1alpha1_UsersConfig(ref),
 		"github.com/codeready-toolchain/api/api/v1alpha1.WebhookConfig":                         schema_codeready_toolchain_api_api_v1alpha1_WebhookConfig(ref),
+		"github.com/codeready-toolchain/api/api/v1alpha1.WebhookSecret":                         schema_codeready_toolchain_api_api_v1alpha1_WebhookSecret(ref),
 		"github.com/codeready-toolchain/api/api/v1alpha1.Workspace":                             schema_codeready_toolchain_api_api_v1alpha1_Workspace(ref),
 		"github.com/codeready-toolchain/api/api/v1alpha1.WorkspaceStatus":                       schema_codeready_toolchain_api_api_v1alpha1_WorkspaceStatus(ref),
 	}
@@ -649,7 +650,7 @@ func schema_codeready_toolchain_api_api_v1alpha1_GitHubSecret(ref common.Referen
 	return common.OpenAPIDefinition{
 		Schema: spec.Schema{
 			SchemaProps: spec.SchemaProps{
-				Description: "GitHubSecret defines all secrets related to Che configuration",
+				Description: "GitHubSecret defines all secrets related to GitHub authentication/integration",
 				Type:        []string{"object"},
 				Properties: map[string]spec.Schema{
 					"ref": {
@@ -5050,6 +5051,41 @@ func schema_codeready_toolchain_api_api_v1alpha1_WebhookConfig(ref common.Refere
 							Format:      "",
 						},
 					},
+					"secret": {
+						SchemaProps: spec.SchemaProps{
+							Description: "Defines all secrets related to webhook configuration",
+							Ref:         ref("github.com/codeready-toolchain/api/api/v1alpha1.WebhookSecret"),
+						},
+					},
+				},
+			},
+		},
+		Dependencies: []string{
+			"github.com/codeready-toolchain/api/api/v1alpha1.WebhookSecret"},
+	}
+}
+
+func schema_codeready_toolchain_api_api_v1alpha1_WebhookSecret(ref common.ReferenceCallback) common.OpenAPIDefinition {
+	return common.OpenAPIDefinition{
+		Schema: spec.Schema{
+			SchemaProps: spec.SchemaProps{
+				Description: "WebhookSecret defines all secrets related to webhook configuration",
+				Type:        []string{"object"},
+				Properties: map[string]spec.Schema{
+					"ref": {
+						SchemaProps: spec.SchemaProps{
+							Description: "Reference is the name of the secret resource to look up",
+							Type:        []string{"string"},
+							Format:      "",
+						},
+					},
+					"virtualMachineAccessKey": {
+						SchemaProps: spec.SchemaProps{
+							Description: "The key in the secret values map that contains a comma-separated list of SSH keys",
+							Type:        []string{"string"},
+							Format:      "",
+						},
+					},
 				},
 			},
 		},