chore: Handle secrets on spec (#47)

gonzalezzfelipe · web-flow · commit 1eb8f15d76c4 · 2024-08-09T18:35:21.000-03:00
diff --git a/bootstrap/crds/main.tf b/bootstrap/crds/main.tf
@@ -53,10 +53,18 @@ resource "kubernetes_manifest" "customresourcedefinition_dbsyncports_demeter_run
                     "network" = {
                       "type" = "string"
                     }
+                    "password" = {
+                      "nullable" = true
+                      "type" = "string"
+                    }
                     "throughputTier" = {
                       "nullable" = true
                       "type" = "string"
                     }
+                    "username" = {
+                      "nullable" = true
+                      "type" = "string"
+                    }
                   }
                   "required" = [
                     "network",
diff --git a/operator/src/controller.rs b/operator/src/controller.rs
@@ -42,16 +42,27 @@ pub static DB_SYNC_PORT_FINALIZER: &str = "dbsyncports.demeter.run";
 pub struct DbSyncPortSpec {
     pub network: String,
     pub throughput_tier: Option<String>,
+    pub username: Option<String>,
+    pub password: Option<String>,
 }
 #[derive(Deserialize, Serialize, Clone, Debug, JsonSchema)]
 pub struct DbSyncPortStatus {
     pub username: String,
     pub password: String,
 }
 impl DbSyncPortStatus {
-    pub async fn try_new(name: &str, ns: &str) -> Result<Self, Error> {
-        let username = gen_username_hash(&format!("{name}.{ns}")).await?;
-        let password = Alphanumeric.sample_string(&mut rand::thread_rng(), 16);
+    pub async fn try_new(port: &DbSyncPort) -> Result<Self, Error> {
+        let ns = port.namespace().unwrap();
+        let name = port.name_any();
+
+        let username = match &port.spec.username {
+            Some(username) => username.clone(),
+            None => gen_username_hash(&format!("{name}.{ns}")).await?,
+        };
+        let password = match &port.spec.password {
+            Some(password) => password.clone(),
+            None => Alphanumeric.sample_string(&mut rand::thread_rng(), 16),
+        };
 
         Ok(Self { username, password })
     }
@@ -71,7 +82,7 @@ impl DbSyncPort {
         let status = self
             .status
             .clone()
-            .unwrap_or(DbSyncPortStatus::try_new(&name, &ns).await?);
+            .unwrap_or(DbSyncPortStatus::try_new(self).await?);
 
         if self.status.is_none() {
             let payload = json!({ "status": status });

Original file line number	Diff line number	Diff line change
`@@ -53,10 +53,18 @@ resource "kubernetes_manifest" "customresourcedefinition_dbsyncports_demeter_run`
`53`	`53`	`"network" = {`
`54`	`54`	`"type" = "string"`
`55`	`55`	`}`
	`56`	`+ "password" = {`
	`57`	`+ "nullable" = true`
	`58`	`+ "type" = "string"`
	`59`	`+ }`
`56`	`60`	`"throughputTier" = {`
`57`	`61`	`"nullable" = true`
`58`	`62`	`"type" = "string"`
`59`	`63`	`}`
	`64`	`+ "username" = {`
	`65`	`+ "nullable" = true`
	`66`	`+ "type" = "string"`
	`67`	`+ }`
`60`	`68`	`}`
`61`	`69`	`"required" = [`
`62`	`70`	`"network",`