[wip] tlse

Jira: OSP-19151

api/bases/keystone.openstack.org_keystoneapis.yaml

@@ -381,6 +381,51 @@ spec:
                 description: Secret containing OpenStack password information for
                   keystone KeystoneDatabasePassword, AdminPassword
                 type: string
+              tls:
+                description: TLS - Parameters related to the TLS
+                properties:
+                  caBundleSecretName:
+                    description: CaBundleSecretName - holding the CA certs in a pre-created
+                      bundle file
+                    type: string
+                  db:
+                    description: Secret containing CA bundle
+                    properties:
+                      disabled:
+                        description: Disabled TLS for db connection
+                        type: boolean
+                    type: object
+                  messaging:
+                    description: Secret containing CA bundle
+                    properties:
+                      disabled:
+                        description: Disabled TLS for db connection
+                        type: boolean
+                    type: object
+                  tls:
+                    description: Secret containing CA bundle
+                    properties:
+                      disabled:
+                        description: Disabled TLS for the deployment of the service
+                        type: boolean
+                      endpoint:
+                        additionalProperties:
+                          description: GenericService contains server-specific TLS
+                            secret or issuer
+                          properties:
+                            issuerName:
+                              description: IssuerName - name of the issuer to be used
+                                to issue certificate for the service
+                              type: string
+                            secretName:
+                              description: SecretName - holding the cert, key for
+                                the service
+                              type: string
+                          type: object
+                        description: The key must be the endpoint type (public, internal)
+                        type: object
+                    type: object
+                type: object
               trustFlushArgs:
                 default: ""
                 description: TrustFlushArgs - Arguments added to keystone-manage trust_flush

api/go.mod

@@ -3,15 +3,15 @@ module github.com/openstack-k8s-operators/keystone-operator/api
 go 1.19
 
 require (
-	github.com/go-logr/logr v1.2.4
-	github.com/google/uuid v1.3.1
-	github.com/onsi/gomega v1.28.0
-	github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20231011150636-e8a0540a3c32
+	github.com/go-logr/logr v1.3.0
+	github.com/google/uuid v1.4.0
+	github.com/onsi/gomega v1.30.0
+	github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20231114102008-65eb1b13d3a7
 	github.com/openstack-k8s-operators/lib-common/modules/openstack v0.1.1-0.20231001084618-12369665b166
 	github.com/openstack-k8s-operators/lib-common/modules/test v0.1.2-0.20231001084618-12369665b166
-	k8s.io/api v0.26.9
-	k8s.io/apimachinery v0.26.9
-	sigs.k8s.io/controller-runtime v0.14.6
+	k8s.io/api v0.26.11
+	k8s.io/apimachinery v0.26.11
+	sigs.k8s.io/controller-runtime v0.14.7
 )
 
 require (
@@ -28,7 +28,7 @@ require (
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/google/gnostic v0.6.9 // indirect
-	github.com/google/go-cmp v0.5.9 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/gophercloud/gophercloud v1.7.0
 	github.com/imdario/mergo v0.3.16 // indirect
@@ -47,22 +47,22 @@ require (
 	github.com/prometheus/common v0.37.0 // indirect
 	github.com/prometheus/procfs v0.8.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	golang.org/x/exp v0.0.0-20230905200255-921286631fa9
-	golang.org/x/net v0.15.0 // indirect
-	golang.org/x/oauth2 v0.4.0 // indirect
-	golang.org/x/sys v0.13.0 // indirect
-	golang.org/x/term v0.13.0 // indirect
-	golang.org/x/text v0.13.0 // indirect
+	golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa
+	golang.org/x/net v0.18.0 // indirect
+	golang.org/x/oauth2 v0.7.0 // indirect
+	golang.org/x/sys v0.14.0 // indirect
+	golang.org/x/term v0.14.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/protobuf v1.28.1 // indirect
+	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/apiextensions-apiserver v0.26.9 // indirect; indirect // indirect
-	k8s.io/client-go v0.26.9 // indirect
-	k8s.io/component-base v0.26.9 // indirect; indirect // indirect
+	k8s.io/apiextensions-apiserver v0.26.11 // indirect; indirect // indirect
+	k8s.io/client-go v0.26.11 // indirect
+	k8s.io/component-base v0.26.11 // indirect; indirect // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20230308215209-15aac26d736a // indirect; indirect // indirect
 	k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect; indirect // indirect
@@ -77,3 +77,5 @@ replace golang.org/x/net => golang.org/x/net v0.17.0 //allow-merging
 // mschuppert: map to latest commit from release-4.13 tag
 // must consistent within modules and service operators
 replace github.com/openshift/api => github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 //allow-merging
+
+replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/stuggi/lib-common/modules/common v0.0.0-20231121105416-3a79f76f06b9