feat: Add CRD Support for Oracle Cloud Infrastructure (#457)
Signed-off-by: Jean-Yves NOLEN <jynolen@gmail.com>
jynolen authored May 2, 2024
1 parent 70921ef commit dce4857
Showing 5 changed files with 83 additions and 4 deletions.
2 changes: 1 addition & 1 deletion Makefile
@@ -190,7 +190,7 @@ KURUN_VERSION = 0.7.0
CODE_GENERATOR_VERSION = 0.27.1
HELM_DOCS_VERSION = 1.11.0
KUSTOMIZE_VERSION = 5.1.0
CONTROLLER_TOOLS_VERSION = 0.12.1
CONTROLLER_TOOLS_VERSION = 0.15.0

# Dependency binaries
GOLANGCI_LINT_BIN := golangci-lint
19 changes: 18 additions & 1 deletion deploy/charts/vault-operator/crds/crd.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.1
controller-gen.kubebuilder.io/version: v0.15.0
name: vaults.vault.banzaicloud.com
spec:
group: vault.banzaicloud.com
@@ -1264,6 +1264,23 @@ spec:
secretNamespace:
type: string
type: object
oci:
properties:
bucketName:
type: string
bucketNamespace:
type: string
bucketPrefix:
type: string
cryptographicEndpoint:
type: string
keyOCID:
type: string
required:
- bucketName
- cryptographicEndpoint
- keyOCID
type: object
options:
properties:
preFlightChecks:
19 changes: 18 additions & 1 deletion deploy/crd/bases/vault.banzaicloud.com_vaults.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.1
controller-gen.kubebuilder.io/version: v0.15.0
name: vaults.vault.banzaicloud.com
spec:
group: vault.banzaicloud.com
@@ -1264,6 +1264,23 @@ spec:
secretNamespace:
type: string
type: object
oci:
properties:
bucketName:
type: string
bucketNamespace:
type: string
bucketPrefix:
type: string
cryptographicEndpoint:
type: string
keyOCID:
type: string
required:
- bucketName
- cryptographicEndpoint
- keyOCID
type: object
options:
properties:
preFlightChecks:
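--- a/pkg/apis/vault/v1alpha1/vault_types.go
+++ b/pkg/apis/vault/v1alpha1/vault_types.go
@@ -50,6 +50,7 @@ var (
 "mysql": true,
 "postgresql": true,
 "raft": true,
+"oci": true,
 "spanner": true,
 "zookeeper": true,
 }
@@ -661,6 +662,7 @@ type UnsealConfig struct {
 Alibaba *AlibabaUnsealConfig `json:"alibaba,omitempty"`
 Azure *AzureUnsealConfig `json:"azure,omitempty"`
 AWS *AWSUnsealConfig `json:"aws,omitempty"`
+OCI *OCIUnsealConfig `json:"oci,omitempty"`
 Vault *VaultUnsealConfig `json:"vault,omitempty"`
 HSM *HSMUnsealConfig `json:"hsm,omitempty"`
 }
@@ -710,6 +712,21 @@ func (usc *UnsealConfig) ToArgs(vault *Vault) []string {
 "--azure-key-vault-name",
 usc.Azure.KeyVaultName,
 )
+} else if usc.OCI != nil {
+args = append(args,
+"--mode",
+"oci",
+"--oci-key-ocid",
+usc.OCI.KeyOCID,
+"--oci-cryptographic-endpoint",
+usc.OCI.CryptographicEndpoint,
+"--oci-bucket-namespace",
+usc.OCI.BucketNamespace,
+"--oci-bucket-name",
+usc.OCI.BucketName,
+"--oci-bucket-prefix",
+usc.OCI.BucketPrefix,
+)
 } else if usc.AWS != nil {
 args = append(args,
 "--mode",
@@ -911,6 +928,15 @@ type AWSUnsealConfig struct {
 S3SSE string `json:"s3SSE,omitempty"`
 }
 
+// OCIUnsealConfig holds the parameters for Oracle Cloud Infrastructure based unsealing
+type OCIUnsealConfig struct {
+KeyOCID string `json:"keyOCID"`
+CryptographicEndpoint string `json:"cryptographicEndpoint"`
+BucketName string `json:"bucketName"`
+BucketNamespace string `json:"bucketNamespace,omitempty"`
+BucketPrefix string `json:"bucketPrefix,omitempty"`
+}
+
 // VaultUnsealConfig holds the parameters for remote Vault based unsealing
 type VaultUnsealConfig struct {
 Address string `json:"address"`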
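Review bot: The three required fields of OCIUnsealConfig (`KeyOCID`, `CryptographicEndpoint`, `BucketName`) carry no validation markers, so the CRD's `required` list only enforces presence and an empty string reaches the new `usc.OCI` branch of ToArgs unchanged, e.g. as `--oci-key-ocid ""`. I would add `// +kubebuilder:validation:MinLength=1` above each of them and regenerate the CRDs; if only HTTPS endpoints are expected, `// +kubebuilder:validation:Pattern="^https://"` on `CryptographicEndpoint` would also keep what is presumably the KMS traffic protecting the unseal keys off plaintext transports. The same branch always appends `--oci-bucket-namespace` and `--oci-bucket-prefix`, even when those optional fields are empty, and whether the unsealer treats an empty value as unset is not visible here. ToArgs starts and ends outside the hunk, so the position of the `oci` branch between `azure` and `aws` decides which mode wins when several are set; a comment on UnsealConfig stating that order would help.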
21 changes: 20 additions & 1 deletion pkg/apis/vault/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
