Skip to content

Commit

Permalink
Add TLS Support to barbican operator
Browse files Browse the repository at this point in the history
  • Loading branch information
@vakwetu
vakwetu committed Dec 13, 2023
1 parent 3b1359a commit f3ee181
Show file tree
Hide file tree
Showing 34 changed files with 817 additions and 149 deletions.
33 changes: 33 additions & 0 deletions api/bases/barbican.openstack.org_barbicanapis.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -380,6 +380,39 @@ spec:
simpleCryptoBackendKEKSecret:
description: Secret containing SimpleCrypto KEK
type: string
tls:
description: TLS - Parameters related to the TLS
properties:
api:
description: API tls type which encapsulates for API services
properties:
disabled:
description: Disabled TLS for the deployment of the service
type: boolean
internal:
description: Internal GenericService - holds the secret for
the internal endpoint
properties:
secretName:
description: SecretName - holding the cert, key for the
service
type: string
type: object
public:
description: Public GenericService - holds the secret for
the public endpoint
properties:
secretName:
description: SecretName - holding the cert, key for the
service
type: string
type: object
type: object
caBundleSecretName:
description: CaBundleSecretName - holding the CA certs in a pre-created
bundle file
type: string
type: object
transportURLSecret:
description: TransportURLSecret - Secret containing RabbitMQ transportURL
type: string
Expand Down
8 changes: 8 additions & 0 deletions api/bases/barbican.openstack.org_barbicankeystonelisteners.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -207,6 +207,14 @@ spec:
simpleCryptoBackendKEKSecret:
description: Secret containing SimpleCrypto KEK
type: string
tls:
description: TLS - Parameters related to the TLS
properties:
caBundleSecretName:
description: CaBundleSecretName - holding the CA certs in a pre-created
bundle file
type: string
type: object
transportURLSecret:
type: string
required:
Expand Down
33 changes: 33 additions & 0 deletions api/bases/barbican.openstack.org_barbicans.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -318,6 +318,39 @@ spec:
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
tls:
description: TLS - Parameters related to the TLS
properties:
api:
description: API tls type which encapsulates for API services
properties:
disabled:
description: Disabled TLS for the deployment of the service
type: boolean
internal:
description: Internal GenericService - holds the secret
for the internal endpoint
properties:
secretName:
description: SecretName - holding the cert, key for
the service
type: string
type: object
public:
description: Public GenericService - holds the secret
for the public endpoint
properties:
secretName:
description: SecretName - holding the cert, key for
the service
type: string
type: object
type: object
caBundleSecretName:
description: CaBundleSecretName - holding the CA certs in
a pre-created bundle file
type: string
type: object
required:
- containerImage
type: object
Expand Down
8 changes: 8 additions & 0 deletions api/bases/barbican.openstack.org_barbicanworkers.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -205,6 +205,14 @@ spec:
simpleCryptoBackendKEKSecret:
description: Secret containing SimpleCrypto KEK
type: string
tls:
description: TLS - Parameters related to the TLS
properties:
caBundleSecretName:
description: CaBundleSecretName - holding the CA certs in a pre-created
bundle file
type: string
type: object
transportURLSecret:
type: string
required:
Expand Down
39 changes: 21 additions & 18 deletions api/go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,13 @@ module github.com/openstack-k8s-operators/barbican-operator/api
go 1.19

require (
github.com/onsi/ginkgo/v2 v2.12.0
github.com/onsi/gomega v1.27.10
github.com/onsi/ginkgo/v2 v2.13.2
github.com/onsi/gomega v1.30.0
github.com/openstack-k8s-operators/lib-common/modules/common v0.3.0
k8s.io/api v0.26.9
k8s.io/api v0.26.11
k8s.io/apimachinery v0.27.1
k8s.io/client-go v0.26.9
sigs.k8s.io/controller-runtime v0.14.6
k8s.io/client-go v0.26.11
sigs.k8s.io/controller-runtime v0.14.7
)

require (
Expand All @@ -19,7 +19,7 @@ require (
github.com/emicklei/go-restful/v3 v3.10.1 // indirect
github.com/evanphx/json-patch/v5 v5.6.0 // indirect
github.com/fsnotify/fsnotify v1.6.0 // indirect
github.com/go-logr/logr v1.2.4 // indirect
github.com/go-logr/logr v1.3.0 // indirect
github.com/go-logr/zapr v1.2.3 // indirect
github.com/go-openapi/jsonpointer v0.19.6 // indirect
github.com/go-openapi/jsonreference v0.20.1 // indirect
Expand All @@ -29,10 +29,10 @@ require (
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/google/gnostic v0.6.9 // indirect
github.com/google/go-cmp v0.5.9 // indirect
github.com/google/go-cmp v0.6.0 // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect
github.com/google/uuid v1.3.1 // indirect
github.com/google/uuid v1.4.0 // indirect
github.com/imdario/mergo v0.3.16 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
Expand All @@ -47,26 +47,27 @@ require (
github.com/prometheus/common v0.37.0 // indirect
github.com/prometheus/procfs v0.8.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/stretchr/testify v1.8.3 // indirect
go.uber.org/multierr v1.10.0 // indirect
go.uber.org/zap v1.26.0 // indirect
golang.org/x/net v0.15.0 // indirect
golang.org/x/oauth2 v0.4.0 // indirect
golang.org/x/sys v0.13.0 // indirect
golang.org/x/term v0.13.0 // indirect
golang.org/x/text v0.13.0 // indirect
golang.org/x/net v0.19.0 // indirect
golang.org/x/oauth2 v0.7.0 // indirect
golang.org/x/sys v0.15.0 // indirect
golang.org/x/term v0.15.0 // indirect
golang.org/x/text v0.14.0 // indirect
golang.org/x/time v0.3.0 // indirect
golang.org/x/tools v0.13.0 // indirect
golang.org/x/tools v0.16.0 // indirect
gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.28.1 // indirect
google.golang.org/protobuf v1.31.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
k8s.io/apiextensions-apiserver v0.26.9 // indirect
k8s.io/component-base v0.26.9 // indirect
k8s.io/apiextensions-apiserver v0.26.11 // indirect
k8s.io/component-base v0.26.11 // indirect
k8s.io/klog/v2 v2.100.1 // indirect
k8s.io/kube-openapi v0.0.0-20230308215209-15aac26d736a // indirect
k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
k8s.io/utils v0.0.0-20231127182322-b307cd553661 // indirect
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
sigs.k8s.io/yaml v1.3.0 // indirect
Expand All @@ -78,3 +79,5 @@ replace github.com/openshift/api => github.com/openshift/api v0.0.0-202304141430

// Bump golang.org/x/net to avoid Rapid Reset CVE
replace golang.org/x/net => golang.org/x/net v0.17.0 //allow-merging

replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/Deydra71/lib-common/modules/common v0.0.0-20231208095031-62070e5707ac
Loading

0 comments on commit f3ee181

Please sign in to comment.