Merge pull request #156 from dariozachow/fix/hooksecret-as-reference
fix(project/hook)!: hooksecret as reference
janwillies authored Aug 23, 2024
2 parents 4b0dafd + d23132b commit 31c53bc
Showing 9 changed files with 282 additions and 44 deletions.
3 changes: 1 addition & 2 deletions apis/generate.go
Expand Up @@ -32,7 +32,6 @@ limitations under the License.
package apis

import (
_ "sigs.k8s.io/controller-tools/cmd/controller-gen" //nolint:typecheck

_ "github.com/crossplane/crossplane-tools/cmd/angryjet" //nolint:typecheck
_ "sigs.k8s.io/controller-tools/cmd/controller-gen" //nolint:typecheck
)
7 changes: 5 additions & 2 deletions apis/projects/v1alpha1/hook_types.go
Expand Up @@ -89,8 +89,11 @@ type HookParameters struct {
EnableSSLVerification *bool `json:"enableSslVerification,omitempty"`

// Token is the secret token to validate received payloads.
// +optional
Token *string `json:"token,omitempty"`
Token *Token `json:"token"`
}

type Token struct {
SecretRef *xpv1.SecretKeySelector `json:"secretRef"`
}

// HookObservation represents a project hook.
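Review bot: `Token` in `HookParameters` is now required (`json:"token"`, with `// +optional` dropped), yet both `Token` and `Token.SecretRef` are pointers, so the Go types still allow nil even though the CRD schema forbids it. Objects that predate this breaking change, when the field was optional, may still be stored without a token, and the client code in this commit dereferences `p.Token.SecretRef` unguarded. If a hook without a secret token should remain valid, keep `// +optional` and `omitempty` on the field and handle nil in the client; otherwise value types would match the schema better. The new exported `Token` type and its `SecretRef` field also have no doc comments; something like `// Token references the Secret key that holds the hook's secret token.` would do, ideally noting that the selector can name any namespace the provider's RBAC lets it read.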
24 changes: 22 additions & 2 deletions apis/projects/v1alpha1/zz_generated.deepcopy.go


2 changes: 1 addition & 1 deletion go.mod
Expand Up @@ -71,7 +71,7 @@ require (
go.uber.org/multierr v1.11.0 // indirect
go.uber.org/zap v1.26.0
golang.org/x/mod v0.14.0 // indirect
golang.org/x/net v0.23.0 // indirect
golang.org/x/net v0.23.0
golang.org/x/oauth2 v0.21.0 // indirect
golang.org/x/sys v0.20.0 // indirect
golang.org/x/term v0.18.0 // indirect
24 changes: 23 additions & 1 deletion package/crds/projects.gitlab.crossplane.io_hooks.yaml
Expand Up @@ -192,14 +192,36 @@ spec:
type: boolean
token:
description: Token is the secret token to validate received payloads.
type: string
properties:
secretRef:
description: A SecretKeySelector is a reference to a secret
key in an arbitrary namespace.
properties:
key:
description: The key to select.
type: string
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- key
- name
- namespace
type: object
required:
- secretRef
type: object
url:
description: URL is the hook URL.
type: string
wikiPageEvents:
description: WikiPageEvents triggers hook on wiki events.
type: boolean
required:
- token
- url
type: object
managementPolicies:
48 changes: 42 additions & 6 deletions pkg/clients/projects/hook.go
Expand Up @@ -20,8 +20,13 @@ import (
"strings"

"github.com/google/go-cmp/cmp"
"github.com/pkg/errors"
"github.com/xanzy/go-gitlab"
"golang.org/x/net/context"
v1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/types"
"sigs.k8s.io/controller-runtime/pkg/client"

"github.com/crossplane-contrib/provider-gitlab/apis/projects/v1alpha1"
"github.com/crossplane-contrib/provider-gitlab/pkg/clients"
Expand Down Expand Up @@ -114,7 +119,13 @@ func GenerateHookObservation(hook *gitlab.ProjectHook) v1alpha1.HookObservation
}

// GenerateCreateHookOptions generates project creation options
func GenerateCreateHookOptions(p *v1alpha1.HookParameters) *gitlab.AddProjectHookOptions {
func GenerateCreateHookOptions(p *v1alpha1.HookParameters, client client.Client, ctx context.Context) (*gitlab.AddProjectHookOptions, error) {
token, err := getTokenValueFromSecret(p, client, ctx)

if err != nil {
return nil, err
}

hook := &gitlab.AddProjectHookOptions{
URL: p.URL,
ConfidentialNoteEvents: p.ConfidentialNoteEvents,
Expand All @@ -129,14 +140,39 @@ func GenerateCreateHookOptions(p *v1alpha1.HookParameters) *gitlab.AddProjectHoo
PipelineEvents: p.PipelineEvents,
WikiPageEvents: p.WikiPageEvents,
EnableSSLVerification: p.EnableSSLVerification,
Token: p.Token,
Token: token,
}

return hook
return hook, nil
}

func getTokenValueFromSecret(p *v1alpha1.HookParameters, client client.Client, ctx context.Context) (*string, error) {
secret := &v1.Secret{}

if err := client.Get(ctx, types.NamespacedName{Name: p.Token.SecretRef.Name, Namespace: p.Token.SecretRef.Namespace}, secret); err != nil {
return nil, errors.Wrap(err, "Cannot get referenced Secret")

}

value := secret.Data[p.Token.SecretRef.Key]

if value == nil {
return nil, errors.Errorf("Could not find key %v in the referenced secret", p.Token.SecretRef.Key)
}

data := string(value)

return &data, nil
}

// GenerateEditHookOptions generates project edit options
func GenerateEditHookOptions(p *v1alpha1.HookParameters) *gitlab.EditProjectHookOptions {
func GenerateEditHookOptions(p *v1alpha1.HookParameters, client client.Client, ctx context.Context) (*gitlab.EditProjectHookOptions, error) {
token, err := getTokenValueFromSecret(p, client, ctx)

if err != nil {
return nil, err
}

o := &gitlab.EditProjectHookOptions{
URL: p.URL,
ConfidentialNoteEvents: p.ConfidentialNoteEvents,
Expand All @@ -151,10 +187,10 @@ func GenerateEditHookOptions(p *v1alpha1.HookParameters) *gitlab.EditProjectHook
PipelineEvents: p.PipelineEvents,
WikiPageEvents: p.WikiPageEvents,
EnableSSLVerification: p.EnableSSLVerification,
Token: p.Token,
Token: token,
}

return o
return o, nil
}

// IsHookUpToDate checks whether there is a change in any of the modifiable fields.
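Review bot: `getTokenValueFromSecret` dereferences `p.Token.SecretRef.Name` without checking either pointer, so a Hook whose `token` or `secretRef` is nil (for instance an object stored before this breaking change, when the field was optional) would presumably panic the reconciler instead of returning an error; both `GenerateCreateHookOptions` and `GenerateEditHookOptions` go through it. A guard at the top, `if p.Token == nil || p.Token.SecretRef == nil { return nil, errors.New("token secretRef is not set") }`, keeps that failure on the error path. The `value == nil` test also lets a present-but-empty key through as an empty token, so `len(value) == 0` may be the check that is wanted. On style, `ctx` is conventionally the first parameter, the `client` parameter shadows the imported `client` package, and the standard library `context` would avoid promoting `golang.org/x/net` to a direct dependency in go.mod.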