Make dns names optional, misc cleanup

support/k8s/k8s-workload-registrar/mode-crd/api/spiffeid/v1beta1/spiffeid_types.go

@@ -31,12 +31,12 @@ type Selector struct {
 	Namespace string `json:"namespace,omitempty"`
 	// ServiceAccount to match for this spiffe ID
 	ServiceAccount string `json:"serviceAccount,omitempty"`
-	// ContainerImage to match
+	// ContainerImage to match for this spiffe ID
 	ContainerImage string `json:"containerImage,omitempty"`
-	// ContainerName to match
+	// ContainerName to match for this spiffe ID
 	ContainerName string `json:"containerName,omitempty"`
-	// NodeName to match
-	NodeName string `json:"NodeName,omitempty"`
+	// NodeName to match for this spiffe ID
+	NodeName string `json:"nodeName,omitempty"`
 	// Arbitrary k8s selectors
 	Arbitrary []string `json:"arbitrary,omitempty"`
 }
@@ -46,7 +46,7 @@ type SpiffeIDSpec struct {
 	ParentId string   `json:"parentId"`
 	SpiffeId string   `json:"spiffeId"`
 	Selector Selector `json:"selector"`
-	DnsNames []string `json:"dnsNames"`
+	DnsNames []string `json:"dnsNames,omitempty"`
 }
 
 // SpiffeIDStatus defines the observed state of SpiffeID

support/k8s/k8s-workload-registrar/mode-crd/config/spiffeid.spiffe.io_spiffeids.yaml

@@ -19,7 +19,7 @@ spec:
     status: {}
   validation:
     openAPIV3Schema:
-      description: SpiffeID is the Schema for the spireentries API
+      description: SpiffeID is the Schema for the spiffeid API
       properties:
         apiVersion:
           description: 'APIVersion defines the versioned schema of this representation
@@ -40,16 +40,27 @@ spec:
               items:
                 type: string
               type: array
+            parentId:
+              type: string
             selector:
               properties:
                 arbitrary:
                   description: Arbitrary selectors
                   items:
                     type: string
                   type: array
+                containerImage:
+                  description: Container image to match for this spiffe ID
+                  type: string
+                containerName:
+                  description: Container name to match for this spiffe ID
+                  type: string
                 namespace:
                   description: Namespace to match for this spiffe ID
                   type: string
+                nodeName:
+                  description: Node name to match for this spiffe ID
+                  type: string
                 podLabel:
                   additionalProperties:
                     type: string
@@ -68,7 +79,7 @@ spec:
             spiffeId:
               type: string
           required:
-          - dnsNames
+          - parentId
           - selector
           - spiffeId
           type: object

support/k8s/k8s-workload-registrar/mode-crd/controllers/spiffeid_controller.go

@@ -70,7 +70,10 @@ func (r *SpiffeIDReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) {
 
 	if err := r.Get(ctx, req.NamespacedName, &spiffeID); err != nil {
 		if !k8serrors.IsNotFound(err) {
-			r.c.Log.WithError(err).Error("Unable to fetch SpiffeID CRD")
+			r.c.Log.WithFields(logrus.Fields{
+				"name":      spiffeID.Name,
+				"namespace": spiffeID.Namespace,
+			}).WithError(err).Error("Unable to fetch SpiffeID resource")
 			return ctrl.Result{}, err
 		}
 
@@ -83,6 +86,10 @@ func (r *SpiffeIDReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) {
 		if !containsString(spiffeID.GetFinalizers(), myFinalizerName) {
 			spiffeID.SetFinalizers(append(spiffeID.GetFinalizers(), myFinalizerName))
 			if err := r.Update(ctx, &spiffeID); err != nil {
+				r.c.Log.WithFields(logrus.Fields{
+					"name":      spiffeID.Name,
+					"namespace": spiffeID.Namespace,
+				}).WithError(err).Error("Unable to update finalizer list")
 				return ctrl.Result{}, err
 			}
 		}