Add secret scopes

redpanda-data · Nov 27, 2024 · 0123b37 · 0123b37
1 parent f888ad1
commit 0123b37
Show file tree

Hide file tree

Showing 5 changed files with 24 additions and 0 deletions.
diff --git a/operator/api/vectorized/v1alpha1/console_enterprise_types.go b/operator/api/vectorized/v1alpha1/console_enterprise_types.go
@@ -179,6 +179,8 @@ type SecretStore struct {
 	GCPSecretManager *SecretManagerGCP        `json:"gcpSecretManager,omitempty"`
 	AWSSecretManager *SecretManagerAWS        `json:"awsSecretManager,omitempty"`
 	KafkaConnect     *SecretStoreKafkaConnect `json:"kafkaConnect,omitempty"`
+	// Scopes is a list of supported secret scopes
+	Scopes []string `json:"scopes,omitempty"`
 }
 
 // SecretManagerGCP is the configuration object for using Google Cloud's secret manager.

diff --git a/operator/api/vectorized/v1alpha1/zz_generated.deepcopy.go b/operator/api/vectorized/v1alpha1/zz_generated.deepcopy.go
diff --git a/operator/config/crd/bases/redpanda.vectorized.io_consoles.yaml b/operator/config/crd/bases/redpanda.vectorized.io_consoles.yaml
@@ -896,6 +896,11 @@ spec:
                     - clusters
                     - enabled
                     type: object
+                  scopes:
+                    description: Scopes is a list of supported secret scopes
+                    items:
+                      type: string
+                    type: array
                   secretNamePrefix:
                     description: |-
                       SecretNamePrefix is the prefix that shall be used for each secret name

diff --git a/operator/pkg/console/configmap.go b/operator/pkg/console/configmap.go
@@ -432,12 +432,19 @@ func (cm *ConfigMap) genSecretStore() EnterpriseSecretStore {
 			})
 		}
 	}
+	s := EnterpriseSecretStoreScopes{}
+	if ss.Scopes != nil {
+		s = EnterpriseSecretStoreScopes{
+			Scopes: ss.Scopes,
+		}
+	}
 	return EnterpriseSecretStore{
 		Enabled:          ss.Enabled,
 		SecretNamePrefix: ss.SecretNamePrefix,
 		GCPSecretManager: smGCP,
 		AWSSecretManager: smAWS,
 		KafkaConnect:     kc,
+		Scopes:           s,
 	}
 }
 

diff --git a/operator/pkg/console/console.go b/operator/pkg/console/console.go
@@ -165,6 +165,7 @@ type EnterpriseSecretStore struct {
 	GCPSecretManager EnterpriseSecretManagerGCP        `json:"gcpSecretManager" yaml:"gcpSecretManager"`
 	AWSSecretManager EnterpriseSecretManagerAWS        `json:"awsSecretManager" yaml:"awsSecretManager"`
 	KafkaConnect     EnterpriseSecretStoreKafkaConnect `json:"kafkaConnect" yaml:"kafkaConnect"`
+	Scopes           EnterpriseSecretStoreScopes       `json:"scopes" yaml:"scopes"`
 }
 
 type EnterpriseSecretManagerGCP struct {
@@ -186,6 +187,10 @@ type EnterpriseSecretStoreKafkaConnect struct {
 	Clusters []EnterpriseSecretStoreKafkaConnectCluster `json:"clusters" yaml:"clusters"`
 }
 
+type EnterpriseSecretStoreScopes struct {
+	Scopes []string `json:"scopes" yaml:"scopes"`
+}
+
 type EnterpriseSecretStoreKafkaConnectCluster struct {
 	Name                   string `json:"name" yaml:"name"`
 	SecretNamePrefixAppend string `json:"secretNamePrefixAppend" yaml:"secretNamePrefixAppend"`