diff --git a/apis/cloudplatform/v1alpha2/zz_generated.deepcopy.go b/apis/cloudplatform/v1alpha2/zz_generated.deepcopy.go index 693cd870..d7b8b825 100644 --- a/apis/cloudplatform/v1alpha2/zz_generated.deepcopy.go +++ b/apis/cloudplatform/v1alpha2/zz_generated.deepcopy.go @@ -21,6 +21,7 @@ limitations under the License. package v1alpha2 import ( + "github.com/crossplane/crossplane-runtime/apis/common/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) 
@@ -51,6 +52,196 @@ func (in *ServiceAccount) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceAccountKey) DeepCopyInto(out *ServiceAccountKey) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccountKey. +func (in *ServiceAccountKey) DeepCopy() *ServiceAccountKey { + if in == nil { + return nil + } + out := new(ServiceAccountKey) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ServiceAccountKey) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceAccountKeyList) DeepCopyInto(out *ServiceAccountKeyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ServiceAccountKey, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccountKeyList. +func (in *ServiceAccountKeyList) DeepCopy() *ServiceAccountKeyList { + if in == nil { + return nil + } + out := new(ServiceAccountKeyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. 
+func (in *ServiceAccountKeyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceAccountKeyObservation) DeepCopyInto(out *ServiceAccountKeyObservation) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.PublicKey != nil { + in, out := &in.PublicKey, &out.PublicKey + *out = new(string) + **out = **in + } + if in.ValidAfter != nil { + in, out := &in.ValidAfter, &out.ValidAfter + *out = new(string) + **out = **in + } + if in.ValidBefore != nil { + in, out := &in.ValidBefore, &out.ValidBefore + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccountKeyObservation. +func (in *ServiceAccountKeyObservation) DeepCopy() *ServiceAccountKeyObservation { + if in == nil { + return nil + } + out := new(ServiceAccountKeyObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
+func (in *ServiceAccountKeyParameters) DeepCopyInto(out *ServiceAccountKeyParameters) { + *out = *in + if in.Keepers != nil { + in, out := &in.Keepers, &out.Keepers + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.KeyAlgorithm != nil { + in, out := &in.KeyAlgorithm, &out.KeyAlgorithm + *out = new(string) + **out = **in + } + if in.PrivateKeyType != nil { + in, out := &in.PrivateKeyType, &out.PrivateKeyType + *out = new(string) + **out = **in + } + if in.PublicKeyData != nil { + in, out := &in.PublicKeyData, &out.PublicKeyData + *out = new(string) + **out = **in + } + if in.PublicKeyType != nil { + in, out := &in.PublicKeyType, &out.PublicKeyType + *out = new(string) + **out = **in + } + if in.ServiceAccountID != nil { + in, out := &in.ServiceAccountID, &out.ServiceAccountID + *out = new(string) + **out = **in + } + if in.ServiceAccountIDRef != nil { + in, out := &in.ServiceAccountIDRef, &out.ServiceAccountIDRef + *out = new(v1.Reference) + **out = **in + } + if in.ServiceAccountIDSelector != nil { + in, out := &in.ServiceAccountIDSelector, &out.ServiceAccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccountKeyParameters. +func (in *ServiceAccountKeyParameters) DeepCopy() *ServiceAccountKeyParameters { + if in == nil { + return nil + } + out := new(ServiceAccountKeyParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceAccountKeySpec) DeepCopyInto(out *ServiceAccountKeySpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccountKeySpec. 
+func (in *ServiceAccountKeySpec) DeepCopy() *ServiceAccountKeySpec { + if in == nil { + return nil + } + out := new(ServiceAccountKeySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceAccountKeyStatus) DeepCopyInto(out *ServiceAccountKeyStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccountKeyStatus. +func (in *ServiceAccountKeyStatus) DeepCopy() *ServiceAccountKeyStatus { + if in == nil { + return nil + } + out := new(ServiceAccountKeyStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ServiceAccountList) DeepCopyInto(out *ServiceAccountList) { *out = *in diff --git a/apis/cloudplatform/v1alpha2/zz_generated.managed.go b/apis/cloudplatform/v1alpha2/zz_generated.managed.go index 0562cf3a..39c9fd81 100644 --- a/apis/cloudplatform/v1alpha2/zz_generated.managed.go +++ b/apis/cloudplatform/v1alpha2/zz_generated.managed.go 
@@ -74,3 +74,59 @@ func (mg *ServiceAccount) SetProviderReference(r *xpv1.Reference) { func (mg *ServiceAccount) SetWriteConnectionSecretToReference(r *xpv1.SecretReference) { mg.Spec.WriteConnectionSecretToReference = r } + +// GetCondition of this ServiceAccountKey. +func (mg *ServiceAccountKey) GetCondition(ct xpv1.ConditionType) xpv1.Condition { + return mg.Status.GetCondition(ct) +} + +// GetDeletionPolicy of this ServiceAccountKey. +func (mg *ServiceAccountKey) GetDeletionPolicy() xpv1.DeletionPolicy { + return mg.Spec.DeletionPolicy +} + +// GetProviderConfigReference of this ServiceAccountKey. +func (mg *ServiceAccountKey) GetProviderConfigReference() *xpv1.Reference { + return mg.Spec.ProviderConfigReference +} + +/* +GetProviderReference of this ServiceAccountKey. +Deprecated: Use GetProviderConfigReference. +*/ +func (mg *ServiceAccountKey) GetProviderReference() *xpv1.Reference { + return mg.Spec.ProviderReference +} + +// GetWriteConnectionSecretToReference of this ServiceAccountKey. +func (mg *ServiceAccountKey) GetWriteConnectionSecretToReference() *xpv1.SecretReference { + return mg.Spec.WriteConnectionSecretToReference +} + +// SetConditions of this ServiceAccountKey. +func (mg *ServiceAccountKey) SetConditions(c ...xpv1.Condition) { + mg.Status.SetConditions(c...) +} + +// SetDeletionPolicy of this ServiceAccountKey. +func (mg *ServiceAccountKey) SetDeletionPolicy(r xpv1.DeletionPolicy) { + mg.Spec.DeletionPolicy = r +} + +// SetProviderConfigReference of this ServiceAccountKey. +func (mg *ServiceAccountKey) SetProviderConfigReference(r *xpv1.Reference) { + mg.Spec.ProviderConfigReference = r +} + +/* +SetProviderReference of this ServiceAccountKey. +Deprecated: Use SetProviderConfigReference. +*/ +func (mg *ServiceAccountKey) SetProviderReference(r *xpv1.Reference) { + mg.Spec.ProviderReference = r +} + +// SetWriteConnectionSecretToReference of this ServiceAccountKey. 
+func (mg *ServiceAccountKey) SetWriteConnectionSecretToReference(r *xpv1.SecretReference) { + mg.Spec.WriteConnectionSecretToReference = r +} diff --git a/apis/cloudplatform/v1alpha2/zz_generated.managedlist.go b/apis/cloudplatform/v1alpha2/zz_generated.managedlist.go index ac9ce9dd..1a93ce30 100644 --- a/apis/cloudplatform/v1alpha2/zz_generated.managedlist.go +++ b/apis/cloudplatform/v1alpha2/zz_generated.managedlist.go @@ -19,6 +19,15 @@ package v1alpha2 import resource "github.com/crossplane/crossplane-runtime/pkg/resource" +// GetItems of this ServiceAccountKeyList. +func (l *ServiceAccountKeyList) GetItems() []resource.Managed { + items := make([]resource.Managed, len(l.Items)) + for i := range l.Items { + items[i] = &l.Items[i] + } + return items +} + // GetItems of this ServiceAccountList. func (l *ServiceAccountList) GetItems() []resource.Managed { items := make([]resource.Managed, len(l.Items)) diff --git a/apis/cloudplatform/v1alpha2/zz_generated.resolvers.go b/apis/cloudplatform/v1alpha2/zz_generated.resolvers.go new file mode 100644 index 00000000..929f0b95 --- /dev/null +++ b/apis/cloudplatform/v1alpha2/zz_generated.resolvers.go 
@@ -0,0 +1,52 @@ +/* +Copyright 2021 The Crossplane Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +// Code generated by angryjet. DO NOT EDIT. + +package v1alpha2 + +import ( + "context" + common "github.com/crossplane-contrib/provider-jet-gcp/config/common" + reference "github.com/crossplane/crossplane-runtime/pkg/reference" + errors "github.com/pkg/errors" + client "sigs.k8s.io/controller-runtime/pkg/client" +) + +// ResolveReferences of this ServiceAccountKey. +func (mg *ServiceAccountKey) ResolveReferences(ctx context.Context, c client.Reader) error { + r := reference.NewAPIResolver(c, mg) + + var rsp reference.ResolutionResponse + var err error + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.ForProvider.ServiceAccountID), + Extract: common.ExtractResourceID(), + Reference: mg.Spec.ForProvider.ServiceAccountIDRef, + Selector: mg.Spec.ForProvider.ServiceAccountIDSelector, + To: reference.To{ + List: &ServiceAccountList{}, + Managed: &ServiceAccount{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.ServiceAccountID") + } + mg.Spec.ForProvider.ServiceAccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.ForProvider.ServiceAccountIDRef = rsp.ResolvedReference + + return nil +} diff --git a/apis/cloudplatform/v1alpha2/zz_serviceaccountkey_terraformed.go b/apis/cloudplatform/v1alpha2/zz_serviceaccountkey_terraformed.go new file mode 100755 index 00000000..7adf0c4d --- /dev/null 
+++ b/apis/cloudplatform/v1alpha2/zz_serviceaccountkey_terraformed.go 
@@ -0,0 +1,100 @@ +/* +Copyright 2021 The Crossplane Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by terrajet. DO NOT EDIT. + +package v1alpha2 + +import ( + "github.com/pkg/errors" + + "github.com/crossplane/terrajet/pkg/resource" + "github.com/crossplane/terrajet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this ServiceAccountKey +func (mg *ServiceAccountKey) GetTerraformResourceType() string { + return "google_service_account_key" +} + +// GetConnectionDetailsMapping for this ServiceAccountKey +func (tr *ServiceAccountKey) GetConnectionDetailsMapping() map[string]string { + return map[string]string{"private_key": "status.atProvider.privateKey"} +} + +// GetObservation of this ServiceAccountKey +func (tr *ServiceAccountKey) GetObservation() (map[string]interface{}, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]interface{}{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this ServiceAccountKey +func (tr *ServiceAccountKey) SetObservation(obs map[string]interface{}) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this ServiceAccountKey +func (tr *ServiceAccountKey) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return 
*tr.Status.AtProvider.ID +} + +// GetParameters of this ServiceAccountKey +func (tr *ServiceAccountKey) GetParameters() (map[string]interface{}, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]interface{}{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this ServiceAccountKey +func (tr *ServiceAccountKey) SetParameters(params map[string]interface{}) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// LateInitialize this ServiceAccountKey using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *ServiceAccountKey) LateInitialize(attrs []byte) (bool, error) { + params := &ServiceAccountKeyParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *ServiceAccountKey) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/cloudplatform/v1alpha2/zz_serviceaccountkey_types.go b/apis/cloudplatform/v1alpha2/zz_serviceaccountkey_types.go new file mode 100755 index 00000000..ee8be9a1 --- /dev/null +++ b/apis/cloudplatform/v1alpha2/zz_serviceaccountkey_types.go 
@@ -0,0 +1,120 @@ +/* +Copyright 2021 The Crossplane Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by terrajet. DO NOT EDIT. + +package v1alpha2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime/schema" + + v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" +) + +type ServiceAccountKeyObservation struct { + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + PublicKey *string `json:"publicKey,omitempty" tf:"public_key,omitempty"` + + ValidAfter *string `json:"validAfter,omitempty" tf:"valid_after,omitempty"` + + ValidBefore *string `json:"validBefore,omitempty" tf:"valid_before,omitempty"` +} + +type ServiceAccountKeyParameters struct { + + // Arbitrary map of values that, when changed, will trigger recreation of resource. + // +kubebuilder:validation:Optional + Keepers map[string]string `json:"keepers,omitempty" tf:"keepers,omitempty"` + + // The algorithm used to generate the key, used only on create. KEY_ALG_RSA_2048 is the default algorithm. Valid values are: "KEY_ALG_RSA_1024", "KEY_ALG_RSA_2048". + // +kubebuilder:validation:Optional + KeyAlgorithm *string `json:"keyAlgorithm,omitempty" tf:"key_algorithm,omitempty"` + + // +kubebuilder:validation:Optional + PrivateKeyType *string `json:"privateKeyType,omitempty" tf:"private_key_type,omitempty"` + + // A field that allows clients to upload their own public key. 
If set, use this public key data to create a service account key for given service account. Please note, the expected format for this field is a base64 encoded X509_PEM. + // +kubebuilder:validation:Optional + PublicKeyData *string `json:"publicKeyData,omitempty" tf:"public_key_data,omitempty"` + + // +kubebuilder:validation:Optional + PublicKeyType *string `json:"publicKeyType,omitempty" tf:"public_key_type,omitempty"` + + // The ID of the parent service account of the key. This can be a string in the format {ACCOUNT} or projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}, where {ACCOUNT} is the email address or unique id of the service account. If the {ACCOUNT} syntax is used, the project will be inferred from the provider's configuration. + // +crossplane:generate:reference:type=ServiceAccount + // +crossplane:generate:reference:extractor=github.com/crossplane-contrib/provider-jet-gcp/config/common.ExtractResourceID() + // +kubebuilder:validation:Optional + ServiceAccountID *string `json:"serviceAccountId,omitempty" tf:"service_account_id,omitempty"` + + // +kubebuilder:validation:Optional + ServiceAccountIDRef *v1.Reference `json:"serviceAccountIdRef,omitempty" tf:"-"` + + // +kubebuilder:validation:Optional + ServiceAccountIDSelector *v1.Selector `json:"serviceAccountIdSelector,omitempty" tf:"-"` +} + +// ServiceAccountKeySpec defines the desired state of ServiceAccountKey +type ServiceAccountKeySpec struct { + v1.ResourceSpec `json:",inline"` + ForProvider ServiceAccountKeyParameters `json:"forProvider"` +} + +// ServiceAccountKeyStatus defines the observed state of ServiceAccountKey. 
+type ServiceAccountKeyStatus struct { + v1.ResourceStatus `json:",inline"` + AtProvider ServiceAccountKeyObservation `json:"atProvider,omitempty"` +} + +// +kubebuilder:object:root=true + +// ServiceAccountKey is the Schema for the ServiceAccountKeys API +// +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +// +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +// +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +// +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +// +kubebuilder:subresource:status +// +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,gcpjet} +type ServiceAccountKey struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + Spec ServiceAccountKeySpec `json:"spec"` + Status ServiceAccountKeyStatus `json:"status,omitempty"` +} + +// +kubebuilder:object:root=true + +// ServiceAccountKeyList contains a list of ServiceAccountKeys +type ServiceAccountKeyList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []ServiceAccountKey `json:"items"` +} + +// Repository type metadata. +var ( + ServiceAccountKey_Kind = "ServiceAccountKey" + ServiceAccountKey_GroupKind = schema.GroupKind{Group: CRDGroup, Kind: ServiceAccountKey_Kind}.String() + ServiceAccountKey_KindAPIVersion = ServiceAccountKey_Kind + "." + CRDGroupVersion.String() + ServiceAccountKey_GroupVersionKind = CRDGroupVersion.WithKind(ServiceAccountKey_Kind) +) + +func init() { + SchemeBuilder.Register(&ServiceAccountKey{}, &ServiceAccountKeyList{}) +} diff --git a/config/cloudplatform/config.go b/config/cloudplatform/config.go index e1a05968..3aed9670 100644 --- a/config/cloudplatform/config.go +++ b/config/cloudplatform/config.go 
@@ -1,6 +1,9 @@ package cloudplatform import ( + "context" + "fmt" + "github.com/crossplane/terrajet/pkg/config" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -21,17 +24,33 @@ func Configure(p *config.Provider) { // map where elements configured as nil, but needs to be String: r.TerraformResource. Schema["keepers"].Elem = schema.TypeString + + r.References["service_account_id"] = config.Reference{ + Type: "ServiceAccount", + Extractor: common.ExtractResourceIDFuncPath, + } }) p.AddResourceConfigurator("google_service_account", func(r *config.Resource) { r.Version = common.VersionV1alpha2 r.Kind = "ServiceAccount" - r.ExternalName = config.ExternalName{ - SetIdentifierArgumentFn: func(base map[string]interface{}, name string) { - base["account_id"] = name - }, - OmittedFields: []string{"account_id"}, - GetExternalNameFn: config.IDAsExternalName, - GetIDFn: config.ExternalNameAsID, + r.ExternalName = config.NameAsIdentifier + r.ExternalName.SetIdentifierArgumentFn = func(base map[string]interface{}, externalName string) { + base["account_id"] = externalName + } + r.ExternalName.OmittedFields = []string{"account_id"} + r.ExternalName.GetExternalNameFn = func(tfstate map[string]interface{}) (string, error) { + id, err := common.GetField(tfstate, "account_id") + if err != nil { + return "", err + } + return id, nil + } + r.ExternalName.GetIDFn = func(ctx context.Context, externalName string, parameters map[string]interface{}, providerConfig map[string]interface{}) (string, error) { + project, err := common.GetField(providerConfig, common.KeyProject) + if err != nil { + return "", err + } + return fmt.Sprintf("projects/%s/serviceAccounts/%s@%s.iam.gserviceaccount.com", project, externalName, project), nil } }) } diff --git a/config/provider.go b/config/provider.go index d73e968c..fd468ec9 100644 --- a/config/provider.go +++ b/config/provider.go 
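Review bot: In the new `GetIDFn` for `google_service_account`, `externalName` and `project` are interpolated straight into `projects/%s/serviceAccounts/%s@%s.iam.gserviceaccount.com` with no check on their shape. The external name presumably comes from the user-editable `crossplane.io/external-name` annotation, so a value containing `/` or `@` would produce an ID that no longer names the intended account in the configured project; rejecting it before formatting, e.g. `if strings.ContainsAny(externalName, "/@") { return "", fmt.Errorf("invalid service account id %q", externalName) }` (this needs the `strings` import), keeps the ID well-formed. The same format string likely does not hold for domain-scoped project IDs such as `example.com:my-project`, whose service account e-mail addresses use a different domain layout, so that case deserves a comment or an explicit error. `Configure` starts outside this hunk.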
@@ -59,6 +59,7 @@ var includeList = []string{ // CloudPlatform "google_service_account$", + "google_service_account_key$", // Sql "google_sql_.+", diff --git a/examples/cloudplatform/serviceaccount.yaml b/examples/cloudplatform/serviceaccount.yaml index e32d8e7f..c83977da 100644 --- a/examples/cloudplatform/serviceaccount.yaml +++ b/examples/cloudplatform/serviceaccount.yaml @@ -4,4 +4,4 @@ metadata: name: example-service-account spec: forProvider: - displayName: Service Account + displayName: Crossplane Example Service Account diff --git a/examples/cloudplatform/serviceaccountkey.yaml b/examples/cloudplatform/serviceaccountkey.yaml new file mode 100644 index 00000000..34459f5b --- /dev/null +++ b/examples/cloudplatform/serviceaccountkey.yaml @@ -0,0 +1,12 @@ +apiVersion: cloudplatform.gcp.jet.crossplane.io/v1alpha2 +kind: ServiceAccountKey +metadata: + name: example-service-account-key +spec: + forProvider: + serviceAccountIdRef: + name: example-service-account + publicKeyType: TYPE_X509_PEM_FILE + writeConnectionSecretToRef: + name: example-service-account-key-secret + namespace: crossplane-system diff --git a/internal/controller/cloudplatform/serviceaccountkey/zz_controller.go b/internal/controller/cloudplatform/serviceaccountkey/zz_controller.go new file mode 100755 index 00000000..169fed6e --- /dev/null +++ b/internal/controller/cloudplatform/serviceaccountkey/zz_controller.go 
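Review bot: The new `examples/cloudplatform/serviceaccountkey.yaml` does not say what ends up in `example-service-account-key-secret`. Going by `GetConnectionDetailsMapping` in `zz_serviceaccountkey_terraformed.go`, which maps `private_key` as a connection detail, that Secret will presumably hold the service account's private key. A comment above `writeConnectionSecretToRef`, such as `# The Secret named here receives the service account private key; limit who can read Secrets in this namespace.`, would make that visible to anyone copying the example. The example also sets no `keepers` value, which the generated field comment describes as the trigger for recreation, so a short comment that key rotation is left to the user would help.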
@@ -0,0 +1,58 @@ +/* +Copyright 2021 The Crossplane Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by terrajet. DO NOT EDIT. + +package serviceaccountkey + +import ( + "time" + + "k8s.io/client-go/util/workqueue" + ctrl "sigs.k8s.io/controller-runtime" + + "github.com/crossplane/crossplane-runtime/pkg/event" + "github.com/crossplane/crossplane-runtime/pkg/logging" + "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" + xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" + "sigs.k8s.io/controller-runtime/pkg/controller" + + tjconfig "github.com/crossplane/terrajet/pkg/config" + tjcontroller "github.com/crossplane/terrajet/pkg/controller" + "github.com/crossplane/terrajet/pkg/terraform" + + v1alpha2 "github.com/crossplane-contrib/provider-jet-gcp/apis/cloudplatform/v1alpha2" +) + +// Setup adds a controller that reconciles ServiceAccountKey managed resources. 
+func Setup(mgr ctrl.Manager, l logging.Logger, rl workqueue.RateLimiter, s terraform.SetupFn, ws *terraform.WorkspaceStore, cfg *tjconfig.Provider, concurrency int) error { + name := managed.ControllerName(v1alpha2.ServiceAccountKey_GroupVersionKind.String()) + r := managed.NewReconciler(mgr, + xpresource.ManagedKind(v1alpha2.ServiceAccountKey_GroupVersionKind), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), ws, s, cfg.Resources["google_service_account_key"])), + managed.WithLogger(l.WithValues("controller", name)), + managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), + managed.WithFinalizer(terraform.NewWorkspaceFinalizer(ws, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), + managed.WithTimeout(3*time.Minute), + managed.WithInitializers(), + ) + + return ctrl.NewControllerManagedBy(mgr). + Named(name). + WithOptions(controller.Options{RateLimiter: rl, MaxConcurrentReconciles: concurrency}). + For(&v1alpha2.ServiceAccountKey{}). + Complete(r) +} diff --git a/internal/controller/zz_setup.go b/internal/controller/zz_setup.go index 10ec282c..28607409 100755 --- a/internal/controller/zz_setup.go +++ b/internal/controller/zz_setup.go @@ -26,6 +26,7 @@ import ( "github.com/crossplane/terrajet/pkg/terraform" serviceaccount "github.com/crossplane-contrib/provider-jet-gcp/internal/controller/cloudplatform/serviceaccount" + serviceaccountkey "github.com/crossplane-contrib/provider-jet-gcp/internal/controller/cloudplatform/serviceaccountkey" address "github.com/crossplane-contrib/provider-jet-gcp/internal/controller/compute/address" firewall "github.com/crossplane-contrib/provider-jet-gcp/internal/controller/compute/firewall" instance "github.com/crossplane-contrib/provider-jet-gcp/internal/controller/compute/instance" 
@@ -53,6 +54,7 @@ import ( func Setup(mgr ctrl.Manager, l logging.Logger, wl workqueue.RateLimiter, ps terraform.SetupFn, ws *terraform.WorkspaceStore, cfg *tjconfig.Provider, concurrency int) error { for _, setup := range []func(ctrl.Manager, logging.Logger, workqueue.RateLimiter, terraform.SetupFn, *terraform.WorkspaceStore, *tjconfig.Provider, int) error{ serviceaccount.Setup, + serviceaccountkey.Setup, address.Setup, firewall.Setup, instance.Setup, diff --git a/package/crds/cloudplatform.gcp.jet.crossplane.io_serviceaccountkeys.yaml b/package/crds/cloudplatform.gcp.jet.crossplane.io_serviceaccountkeys.yaml new file mode 100644 index 00000000..75b8817b --- /dev/null +++ b/package/crds/cloudplatform.gcp.jet.crossplane.io_serviceaccountkeys.yaml 
@@ -0,0 +1,223 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: serviceaccountkeys.cloudplatform.gcp.jet.crossplane.io +spec: + group: cloudplatform.gcp.jet.crossplane.io + names: + categories: + - crossplane + - managed + - gcpjet + kind: ServiceAccountKey + listKind: ServiceAccountKeyList + plural: serviceaccountkeys + singular: serviceaccountkey + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNCED + type: string + - jsonPath: .metadata.annotations.crossplane\.io/external-name + name: EXTERNAL-NAME + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha2 + schema: + openAPIV3Schema: + description: ServiceAccountKey is the Schema for the ServiceAccountKeys API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServiceAccountKeySpec defines the desired state of ServiceAccountKey + properties: + deletionPolicy: + default: Delete + description: DeletionPolicy specifies what will happen to the underlying + external when this managed resource is deleted - either "Delete" + or "Orphan" the external resource. + enum: + - Orphan + - Delete + type: string + forProvider: + properties: + keepers: + additionalProperties: + type: string + description: Arbitrary map of values that, when changed, will + trigger recreation of resource. + type: object + keyAlgorithm: + description: 'The algorithm used to generate the key, used only + on create. KEY_ALG_RSA_2048 is the default algorithm. Valid + values are: "KEY_ALG_RSA_1024", "KEY_ALG_RSA_2048".' + type: string + privateKeyType: + type: string + publicKeyData: + description: A field that allows clients to upload their own public + key. If set, use this public key data to create a service account + key for given service account. Please note, the expected format + for this field is a base64 encoded X509_PEM. + type: string + publicKeyType: + type: string + serviceAccountId: + description: The ID of the parent service account of the key. + This can be a string in the format {ACCOUNT} or projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}, + where {ACCOUNT} is the email address or unique id of the service + account. If the {ACCOUNT} syntax is used, the project will be + inferred from the provider's configuration. + type: string + serviceAccountIdRef: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + required: + - name + type: object + serviceAccountIdSelector: + description: A Selector selects an object. 
+ properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + type: object + type: object + providerConfigRef: + default: + name: default + description: ProviderConfigReference specifies how the provider that + will be used to create, observe, update, and delete this managed + resource should be configured. + properties: + name: + description: Name of the referenced object. + type: string + required: + - name + type: object + providerRef: + description: 'ProviderReference specifies the provider that will be + used to create, observe, update, and delete this managed resource. + Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + properties: + name: + description: Name of the referenced object. + type: string + required: + - name + type: object + writeConnectionSecretToRef: + description: WriteConnectionSecretToReference specifies the namespace + and name of a Secret to which any connection details for this managed + resource should be written. Connection details frequently include + the endpoint, username, and password required to connect to the + managed resource. + properties: + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - name + - namespace + type: object + required: + - forProvider + type: object + status: + description: ServiceAccountKeyStatus defines the observed state of ServiceAccountKey. + properties: + atProvider: + properties: + id: + type: string + name: + type: string + publicKey: + type: string + validAfter: + type: string + validBefore: + type: string + type: object + conditions: + description: Conditions of the resource. 
+ items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition + transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's + last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from + one status to another. + type: string + status: + description: Status of this condition; is it currently True, + False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition + type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: []