Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Go client and CRD definition for ComputeSSLCertificate are inconsistent #803

Open
pantheon-chris opened this issue Apr 22, 2023 · 0 comments
Open

Go client and CRD definition for ComputeSSLCertificate are inconsistent #803

pantheon-chris opened this issue Apr 22, 2023 · 0 comments
Labels
bug Something isn't working

Comments

@pantheon-chris
Copy link

pantheon-chris commented Apr 22, 2023
edited
Loading

Bug Description

Looks like a similar bug exists (SQLUser) for this ComputeSSLCertificate resource where the v1alpha1.ResourceRef type doesn’t align with the CRD (spec schema)

        spec:
          properties:
            certificate:
              description: |-
                Immutable. The certificate in PEM format.
                The certificate chain must be no greater than 5 certs long.
                The chain must include at least one intermediate cert.
              oneOf:
                - not:
                    required:
                      - valueFrom
                  required:
                    - value
                - not:
                    required:
                      - value
                  required:
                    - valueFrom
              properties:
                value:
                  description: Value of the field. Cannot be used if 'valueFrom' is specified.
                  type: string
                valueFrom:
                  description: Source for the field's value. Cannot be used if 'value' is specified.
                  properties:
                    secretKeyRef:
                      description: Reference to a value with the given key in the given Secret in the resource's namespace.
                      properties:
                        key:
                          description: Key that identifies the value to be extracted.
                          type: string
                        name:
                          description: Name of the Secret to extract a value from.
                          type: string
                      required:
                        - key
                        - name
                      type: object
                  type: object
              type: object
            description:
              description: Immutable. An optional description of this resource.
              type: string
            location:
              description: 'Location represents the geographical location of the ComputeSSLCertificate. Specify a region name or "global" for global resources. Reference: GCP definition of regions/zones (https://cloud.google.com/compute/docs/regions-zones/)'
              type: string
            privateKey:
              description: Immutable. The write-only private key in PEM format.
              oneOf:
                - not:
                    required:
                      - valueFrom
                  required:
                    - value
                - not:
                    required:
                      - value
                  required:
                    - valueFrom
              properties:
                value:
                  description: Value of the field. Cannot be used if 'valueFrom' is specified.
                  type: string
                valueFrom:
                  description: Source for the field's value. Cannot be used if 'value' is specified.
                  properties:
                    secretKeyRef:
                      description: Reference to a value with the given key in the given Secret in the resource's namespace.
                      properties:
                        key:
                          description: Key that identifies the value to be extracted.
                          type: string
                        name:
                          description: Name of the Secret to extract a value from.
                          type: string
                      required:
                        - key
                        - name
                      type: object
                  type: object
              type: object

Additional Diagnostic Information

n/a

Kubernetes Cluster Version

v1.24.10-gke.2300

Config Connector Version

1.95.0

Config Connector Mode

namespaced mode (default)

Log Output

ERROR   failed to create ComputeSSLCertificate "example-certificate". ComputeSSLCertificate.compute.cnrm.cloud.google.com "example-certificate" is invalid: [spec.certificate.valueFrom.secretKeyRef.key: Required value, spec.privateKey.valueFrom.secretKeyRef.key: Required value]

Steps to reproduce the issue

Use the "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/clients/generated/apis/compute/v1beta1" and "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/clients/generated/apis/k8s/v1alpha1" libraries to generate a ComputeSSLCertificate kube object and explore the nested structs (Example: SslCertificateValueFrom).

YAML snippets

No response
@pantheon-chris pantheon-chris added the bug Something isn't working label Apr 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pantheon-chris