Skip to content

Commit

Permalink
make deploykey key sensitive
Browse files Browse the repository at this point in the history
  • Loading branch information
@tomasmota
tomasmota committed Mar 20, 2024
1 parent c4ea310 commit 018597d
Show file tree
Hide file tree
Showing 6 changed files with 36 additions and 43 deletions.
2 changes: 1 addition & 1 deletion apis/repo/v1alpha1/zz_deploykey_terraformed.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 2 additions & 10 deletions apis/repo/v1alpha1/zz_deploykey_types.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

16 changes: 1 addition & 15 deletions apis/repo/v1alpha1/zz_generated.deepcopy.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

11 changes: 10 additions & 1 deletion config/deploykey/config.go
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
package deploykey

import "github.com/crossplane/upjet/pkg/config"
import (
"github.com/crossplane/upjet/pkg/config"
)

// Configure github_branch resource.
func Configure(p *config.Provider) {
Expand All @@ -16,5 +18,12 @@ func Configure(p *config.Provider) {
r.References["repository"] = config.Reference{
Type: "Repository",
}

r.TerraformResource.Schema["key"].Required = true
r.TerraformResource.Schema["read_only"].Required = true
r.TerraformResource.Schema["title"].Required = true

// Setting the field as sensitive to be able to pass the content from a k8s secret
r.TerraformResource.Schema["key"].Sensitive = true
})
}
5 changes: 4 additions & 1 deletion examples-generated/repo/v1alpha1/deploykey.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,10 @@ metadata:
name: example-repository-deploy-key
spec:
forProvider:
key: ssh-rsa AAA...
keySecretRef:
key: example-key
name: example-secret
namespace: upbound-system
readOnly: "false"
repositorySelector:
matchLabels:
Expand Down
33 changes: 18 additions & 15 deletions package/crds/repo.github.upbound.io_deploykeys.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,11 +73,25 @@ spec:
type: string
forProvider:
properties:
key:
keySecretRef:
description: |-
A SSH key.
A SSH key.
type: string
properties:
key:
description: The key to select.
type: string
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- key
- name
- namespace
type: object
readOnly:
description: |-
A boolean qualifying the key to be either read only or read/write.
Expand Down Expand Up @@ -181,11 +195,6 @@ spec:
for example because of an external controller is managing them, like an
autoscaler.
properties:
key:
description: |-
A SSH key.
A SSH key.
type: string
readOnly:
description: |-
A boolean qualifying the key to be either read only or read/write.
Expand Down Expand Up @@ -444,10 +453,9 @@ spec:
- forProvider
type: object
x-kubernetes-validations:
- message: spec.forProvider.key is a required parameter
- message: spec.forProvider.keySecretRef is a required parameter
rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies
|| ''Update'' in self.managementPolicies) || has(self.forProvider.key)
|| (has(self.initProvider) && has(self.initProvider.key))'
|| ''Update'' in self.managementPolicies) || has(self.forProvider.keySecretRef)'
- message: spec.forProvider.title is a required parameter
rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies
|| ''Update'' in self.managementPolicies) || has(self.forProvider.title)
Expand All @@ -461,11 +469,6 @@ spec:
type: string
id:
type: string
key:
description: |-
A SSH key.
A SSH key.
type: string
readOnly:
description: |-
A boolean qualifying the key to be either read only or read/write.
Expand Down

0 comments on commit 018597d

Please sign in to comment.