From 42c875f1704a117960774d3d338e957e9351957e Mon Sep 17 00:00:00 2001
From: Jean-Yves NOLEN
Date: Mon, 29 Apr 2024 16:18:47 +0200
Subject: [PATCH] feat: Add CRD Support for Oracle Cloud Infrastructure
Signed-off-by: Jean-Yves NOLEN
feat: Make OCI HA comptatible
Signed-off-by: Jean-Yves NOLEN
fix: Change comment
Signed-off-by: Jean-Yves NOLEN
---
pkg/apis/vault/v1alpha1/vault_types.go | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/pkg/apis/vault/v1alpha1/vault_types.go b/pkg/apis/vault/v1alpha1/vault_types.go
index f6902523..c4797caf 100644
--- a/pkg/apis/vault/v1alpha1/vault_types.go
+++ b/pkg/apis/vault/v1alpha1/vault_types.go
@@ -50,6 +50,7 @@ var (
 "mysql": true,
 "postgresql": true,
 "raft": true,
+ "oci": true,
 "spanner": true,
 "zookeeper": true,
 }
@@ -661,6 +662,7 @@ type UnsealConfig struct {
 Alibaba *AlibabaUnsealConfig `json:"alibaba,omitempty"`
 Azure *AzureUnsealConfig `json:"azure,omitempty"`
 AWS *AWSUnsealConfig `json:"aws,omitempty"`
+ OCI *OCIUnsealConfig `json:"oci,omitempty"`
 Vault *VaultUnsealConfig `json:"vault,omitempty"`
 HSM *HSMUnsealConfig `json:"hsm,omitempty"`
 }
@@ -710,6 +712,21 @@ func (usc *UnsealConfig) ToArgs(vault *Vault) []string {
 "--azure-key-vault-name",
 usc.Azure.KeyVaultName,
 )
+ } else if usc.OCI != nil {
+ args = append(args,
+ "--mode",
+ "oci",
+ "--oci-key-ocid",
+ usc.OCI.KeyOCID,
+ "--oci-cryptographic-endpoint",
+ usc.OCI.CryptographicEndpoint,
+ "--oci-bucket-namespace",
+ usc.OCI.BucketNamespace,
+ "--oci-bucket-name",
+ usc.OCI.BucketName,
+ "--oci-bucket-prefix",
+ usc.OCI.BucketPrefix,
+ )
 } else if usc.AWS != nil {
 args = append(args,
 "--mode",
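Review bot: The new `usc.OCI` branch sits ahead of `usc.AWS` in the `else if` chain of `ToArgs`, so a spec that sets both `oci` and `aws` is silently unsealed through OCI and the AWS block is ignored; nothing in the visible hunks rejects that combination (validation may exist elsewhere). Since this selects the key and bucket used for unsealing, the precedence deserves at least a comment on the branch, for example `// OCI is checked before AWS; if both are set only OCI is used.` The branch also emits `--oci-bucket-namespace` and `--oci-bucket-prefix` even when those `omitempty` fields are empty; appending each pair only when set, as in `if usc.OCI.BucketPrefix != "" { args = append(args, "--oci-bucket-prefix", usc.OCI.BucketPrefix) }`, would leave the unsealer's own defaults in effect. `ToArgs` begins and ends outside this hunk.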
@@ -911,6 +928,15 @@ type AWSUnsealConfig struct {
 S3SSE string `json:"s3SSE,omitempty"`
 }
 
+// OCIUnsealConfig holds the parameters for Oracle Cloud Infrastructure based unsealing
+type OCIUnsealConfig struct {
+ KeyOCID string `json:"keyOCID"`
+ CryptographicEndpoint string `json:"cryptographicEndpoint"`
+ BucketName string `json:"bucketName"`
+ BucketNamespace string `json:"bucketNamespace,omitempty"`
+ BucketPrefix string `json:"bucketPrefix,omitempty"`
+}
+
 // VaultUnsealConfig holds the parameters for remote Vault based unsealing
 type VaultUnsealConfig struct {
 Address string `json:"address"`
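Review bot: `KeyOCID`, `CryptographicEndpoint` and `BucketName` in `OCIUnsealConfig` are required only in that their JSON tags lack `omitempty`; an empty string still passes, and the `ToArgs` change in this patch hands it to the unsealer, so a misconfigured resource is not rejected at admission. If the CRD schema is generated with controller-gen, a marker such as `// +kubebuilder:validation:MinLength=1` above each of the three fields would reject empty values before the unsealer ever runs. The fields also carry no doc comments; lines like `// KeyOCID is the OCID of the OCI KMS key used for unsealing.` and `// CryptographicEndpoint is the crypto endpoint URL of the OCI vault that holds the key.` would tell operators what to supply, with the wording to be confirmed against the unsealer's flag documentation.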