From aa3f8ac537f7e8131b1073955756531428e5377a Mon Sep 17 00:00:00 2001
From: Grant Spence
Date: Thu, 28 Sep 2023 15:04:40 -0400
Subject: [PATCH] NE-1323: Add default to AWS credentials field

By adding a default value to the spec.provider.aws.credentials field, it enables the configuration of spec.provider.aws.assumeRole for an OpenShift user that doesn't need to explicitly specify the credentials field. Otherwise, an OpenShift user must manually insert "" as the credentials name to use the assumeRole field. Revert docs update about requiring to add empty ("") credentials field.
---
 api/v1beta1/externaldns_types.go | 3 ++-
 ...naldns.olm.openshift.io_externaldnses.yaml | 4 +++-
 ...naldns.olm.openshift.io_externaldnses.yaml | 4 +++-
 docs/usage.md | 19 -------------------
 4 files changed, 8 insertions(+), 22 deletions(-)
diff --git a/api/v1beta1/externaldns_types.go b/api/v1beta1/externaldns_types.go
index 2bc16001..01d5954b 100644
--- a/api/v1beta1/externaldns_types.go
+++ b/api/v1beta1/externaldns_types.go
@@ -255,6 +255,7 @@ type ExternalDNSAWSProviderOptions struct {
 // for more information.
 //
 // +kubebuilder:validation:Required
+ // +kubebuilder:default:={"name":""}
 // +required
 Credentials SecretReference `json:"credentials"`
 
@@ -491,7 +492,7 @@ const (
 )
 
 type ExternalDNSAWSAssumeRoleOptions struct {
- // arn is an AWS role ARN that the ExternalDNS
+ // arn is an IAM role ARN that the ExternalDNS
 // operator will assume when making DNS updates.
 //
 // +kubebuilder:validation:Required
diff --git a/bundle/manifests/externaldns.olm.openshift.io_externaldnses.yaml b/bundle/manifests/externaldns.olm.openshift.io_externaldnses.yaml
index 63263786..971e6235 100644
--- a/bundle/manifests/externaldns.olm.openshift.io_externaldnses.yaml
+++ b/bundle/manifests/externaldns.olm.openshift.io_externaldnses.yaml
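Review bot: In the first hunk of api/v1beta1/externaldns_types.go, the new `+kubebuilder:default:={"name":""}` marker sits between `+kubebuilder:validation:Required` and `+required`, so `Credentials` still reads as mandatory while an omitted value is silently defaulted to an empty secret name; once the `aws` block is present the default is applied before validation, so the required check in practice never fires. Which AWS identity ends up making the DNS changes and the AssumeRole call is a security-relevant choice, so the field comment should state what an empty name means, along the lines of `// If name is empty, this reference is ignored and the platform-provided credentials secret is used.` The text removed from docs/usage.md says the empty value is ignored on OpenShift; how the controller treats an empty name on other platforms is not visible here, so it is worth confirming that it is rejected there with a clear status condition rather than surfacing later as a failed secret lookup. `ExternalDNSAWSProviderOptions` starts and ends outside this hunk.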
@@ -576,11 +576,13 @@ spec: updates. properties: arn: - description: arn is an AWS role ARN that the ExternalDNS + description: arn is an IAM role ARN that the ExternalDNS operator will assume when making DNS updates. type: string type: object credentials: + default: + name: "" description: "Credentials is a reference to a secret containing the following keys (with corresponding values): \n * aws_access_key_id * aws_secret_access_key \n See https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/aws.md diff --git a/config/crd/bases/externaldns.olm.openshift.io_externaldnses.yaml b/config/crd/bases/externaldns.olm.openshift.io_externaldnses.yaml index 845b7943..1fb582ad 100644 --- a/config/crd/bases/externaldns.olm.openshift.io_externaldnses.yaml +++ b/config/crd/bases/externaldns.olm.openshift.io_externaldnses.yaml @@ -578,11 +578,13 @@ spec: updates. properties: arn: - description: arn is an AWS role ARN that the ExternalDNS + description: arn is an IAM role ARN that the ExternalDNS operator will assume when making DNS updates. type: string type: object credentials: + default: + name: "" description: "Credentials is a reference to a secret containing the following keys (with corresponding values): \n * aws_access_key_id * aws_secret_access_key \n See https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/aws.md diff --git a/docs/usage.md b/docs/usage.md index 428cc4a8..307d9dd3 100644 --- a/docs/usage.md +++ b/docs/usage.md 
@@ -82,25 +82,6 @@ spec:
 - '{{.Name}}.mydomain.net'
 ```
 
-**Note**: Due to a limitation of the `v1beta1` API requiring the `credentials` field, OpenShift users will be required
-to provide an empty (`""`) credentials field. The empty credentials will be ignored and the secret provided by
-OpenShift's Cloud Credentials Operator will be used:
-
-```yaml
-apiVersion: externaldns.olm.openshift.io/v1beta1
-kind: ExternalDNS
-metadata:
- name: aws-example
-spec:
- provider:
- type: AWS
- aws:
- credentials:
- name: "" # Empty Credentials
- assumeRole:
- arn: arn:aws:iam::123456789012:role/role-name # Replace with the desire Role ARN
-```
-
 ## GovCloud
 
 The operator makes the assumption that `ExternalDNS` instances which target GovCloud DNS also run on the GovCloud. This is needed to detect the AWS region. As for the rest: the usage is exactly the same as for `AWS`.