Skip to content

Commit

Permalink
feat: Add CRD Support for Oracle Cloud Infrastructure
Browse files Browse the repository at this point in the history
Signed-off-by: Jean-Yves NOLEN <jynolen@gmail.com>

feat: Make OCI HA comptatible

Signed-off-by: Jean-Yves NOLEN <jynolen@gmail.com>

fix: Change comment

Signed-off-by: Jean-Yves NOLEN <jynolen@gmail.com>
  • Loading branch information
jynolen committed Apr 29, 2024
1 parent cd5d5dd commit 42c875f
Showing 1 changed file with 26 additions and 0 deletions.
26 changes: 26 additions & 0 deletions pkg/apis/vault/v1alpha1/vault_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,7 @@ var (
"mysql": true,
"postgresql": true,
"raft": true,
"oci": true,
"spanner": true,
"zookeeper": true,
}
Expand Down Expand Up @@ -661,6 +662,7 @@ type UnsealConfig struct {
Alibaba *AlibabaUnsealConfig `json:"alibaba,omitempty"`
Azure *AzureUnsealConfig `json:"azure,omitempty"`
AWS *AWSUnsealConfig `json:"aws,omitempty"`
OCI *OCIUnsealConfig `json:"oci,omitempty"`
Vault *VaultUnsealConfig `json:"vault,omitempty"`
HSM *HSMUnsealConfig `json:"hsm,omitempty"`
}
Expand Down Expand Up @@ -710,6 +712,21 @@ func (usc *UnsealConfig) ToArgs(vault *Vault) []string {
"--azure-key-vault-name",
usc.Azure.KeyVaultName,
)
} else if usc.OCI != nil {
args = append(args,
"--mode",
"oci",
"--oci-key-ocid",
usc.OCI.KeyOCID,
"--oci-cryptographic-endpoint",
usc.OCI.CryptographicEndpoint,
"--oci-bucket-namespace",
usc.OCI.BucketNamespace,
"--oci-bucket-name",
usc.OCI.BucketName,
"--oci-bucket-prefix",
usc.OCI.BucketPrefix,
)
} else if usc.AWS != nil {
args = append(args,
"--mode",
Expand Down Expand Up @@ -911,6 +928,15 @@ type AWSUnsealConfig struct {
S3SSE string `json:"s3SSE,omitempty"`
}

// OCIUnsealConfig holds the parameters for Oracle Cloud Infrastructure based unsealing
type OCIUnsealConfig struct {
KeyOCID string `json:"keyOCID"`
CryptographicEndpoint string `json:"cryptographicEndpoint"`
BucketName string `json:"bucketName"`
BucketNamespace string `json:"bucketNamespace,omitempty"`
BucketPrefix string `json:"bucketPrefix,omitempty"`
}

// VaultUnsealConfig holds the parameters for remote Vault based unsealing
type VaultUnsealConfig struct {
Address string `json:"address"`
Expand Down

0 comments on commit 42c875f

Please # to comment.