Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: update CRD and related code to enable type field #1779

Merged
merged 7 commits into from
Sep 10, 2024
Merged
Show file tree
Hide file tree
Changes from 5 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions api/unversioned/keymanagementprovider_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,10 @@ type KeyManagementProviderSpec struct {
// Name of the key management provider
Type string `json:"type,omitempty"`

// Refresh interval for fetching the certificate/key files from the provider. Only for providers that are refreshable. The value is in the format of "1h30m" where "h" means hour and "m" means minute. Valid time units are units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
// +kubebuilder:default=""
RefreshInterval string `json:"refreshInterval,omitempty"`

// Parameters of the key management provider
Parameters runtime.RawExtension `json:"parameters,omitempty"`
}
Expand Down
4 changes: 4 additions & 0 deletions api/unversioned/namespacedkeymanagementprovider_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,10 @@ type NamespacedKeyManagementProviderSpec struct {
// Name of the key management provider
Type string `json:"type,omitempty"`

// Refresh interval for fetching the certificate/key files from the provider. Only for providers that are refreshable. The value is in the format of "1h30m" where "h" means hour and "m" means minute. Valid time units are units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
// +kubebuilder:default=""
RefreshInterval string `json:"refreshInterval,omitempty"`

// +kubebuilder:pruning:PreserveUnknownFields
// Parameters of the key management provider
Parameters runtime.RawExtension `json:"parameters,omitempty"`
Expand Down
9 changes: 6 additions & 3 deletions api/unversioned/namespacedverifier_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -27,19 +27,22 @@ type NamespacedVerifierSpec struct {
// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
// Important: Run "make" to regenerate code after modifying this file

// Name of the verifier
// Name of the verifier. Deprecated
Name string `json:"name"`

// Type of the verifier. Optional
Type string `json:"type,omitempty"`

// Version of the verifier plugin. Optional
Version string `json:"version,omitempty"`

// The type of artifact this verifier handles
ArtifactTypes string `json:"artifactTypes"`

// # Optional. URL/file path
// URL/file path. Optional
Address string `json:"address,omitempty"`

// OCI Artifact source to download the plugin from, optional
// OCI Artifact source to download the plugin from. Optional
Source *PluginSource `json:"source,omitempty"`

// Parameters for this verifier
Expand Down
9 changes: 6 additions & 3 deletions api/unversioned/verifier_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,19 +26,22 @@ import (
type VerifierSpec struct {
// Important: Run "make" to regenerate code after modifying this file

// Name of the verifier
// Name of the verifier. Deprecated
Name string `json:"name,omitempty"`

// Type of the verifier. Deprecated
Type string `json:"type,omitempty"`

// Version of the verifier plugin. Optional
Version string `json:"version,omitempty"`

// The type of artifact this verifier handles
ArtifactTypes string `json:"artifactTypes,omitempty"`

// # Optional. URL/file path
// URL/file path. Deprecated
junczhu marked this conversation as resolved.
Show resolved Hide resolved
Address string `json:"address,omitempty"`

// OCI Artifact source to download the plugin from, optional
// OCI Artifact source to download the plugin from. Optional
Source *PluginSource `json:"source,omitempty"`

// Parameters for this verifier
Expand Down
1 change: 1 addition & 0 deletions api/v1alpha1/zz_generated.conversion.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 6 additions & 3 deletions api/v1beta1/namespacedverifier_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,19 +29,22 @@ type NamespacedVerifierSpec struct {
// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
junczhu marked this conversation as resolved.
Show resolved Hide resolved
// Important: Run "make" to regenerate code after modifying this file

// Name of the verifier
// Name of the verifier. Deprecated
Name string `json:"name"`

// Type of the verifier. Optional
Type string `json:"type,omitempty"`

// Version of the verifier plugin. Optional
Version string `json:"version,omitempty"`

// The type of artifact this verifier handles
ArtifactTypes string `json:"artifactTypes"`

// # Optional. URL/file path
// URL/file path. Optional
Address string `json:"address,omitempty"`

// OCI Artifact source to download the plugin from, optional
// OCI Artifact source to download the plugin from. Optional
Source *PluginSource `json:"source,omitempty"`

// +kubebuilder:pruning:PreserveUnknownFields
Expand Down
9 changes: 6 additions & 3 deletions api/v1beta1/verifier_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,19 +25,22 @@ import (
type VerifierSpec struct {
// Important: Run "make install-crds" to regenerate code after modifying this file

// Name of the verifier
// Name of the verifier. Deprecated
Name string `json:"name"`

// Type of the verifier. Optional
Type string `json:"type,omitempty"`

// Version of the verifier plugin. Optional
Version string `json:"version,omitempty"`

// The type of artifact this verifier handles
ArtifactTypes string `json:"artifactTypes"`

// # Optional. URL/file path
// URL/file path. Optional
Address string `json:"address,omitempty"`

// OCI Artifact source to download the plugin from, optional
// OCI Artifact source to download the plugin from. Optional
Source *PluginSource `json:"source,omitempty"`

// +kubebuilder:pruning:PreserveUnknownFields
Expand Down
8 changes: 8 additions & 0 deletions api/v1beta1/zz_generated.conversion.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -48,20 +48,20 @@ spec:
description: NamespacedVerifierSpec defines the desired state of NamespacedVerifier
properties:
address:
description: '# Optional. URL/file path'
description: URL/file path. Optional
type: string
artifactTypes:
description: The type of artifact this verifier handles
type: string
name:
description: Name of the verifier
description: Name of the verifier. Deprecated
type: string
parameters:
description: Parameters for this verifier
type: object
x-kubernetes-preserve-unknown-fields: true
source:
description: OCI Artifact source to download the plugin from, optional
description: OCI Artifact source to download the plugin from. Optional
properties:
artifact:
description: OCI Artifact source to download the plugin from
Expand All @@ -72,6 +72,9 @@ spec:
type: object
x-kubernetes-preserve-unknown-fields: true
type: object
type:
description: Type of the verifier. Optional
type: string
version:
description: Version of the verifier plugin. Optional
type: string
Expand Down
9 changes: 6 additions & 3 deletions config/crd/bases/config.ratify.deislabs.io_verifiers.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -107,20 +107,20 @@ spec:
description: VerifierSpec defines the desired state of Verifier
properties:
address:
description: '# Optional. URL/file path'
description: URL/file path. Optional
type: string
artifactTypes:
description: The type of artifact this verifier handles
type: string
name:
description: Name of the verifier
description: Name of the verifier. Deprecated
type: string
parameters:
description: Parameters for this verifier
type: object
x-kubernetes-preserve-unknown-fields: true
source:
description: OCI Artifact source to download the plugin from, optional
description: OCI Artifact source to download the plugin from. Optional
properties:
artifact:
description: OCI Artifact source to download the plugin from
Expand All @@ -131,6 +131,9 @@ spec:
type: object
x-kubernetes-preserve-unknown-fields: true
type: object
type:
description: Type of the verifier. Optional
type: string
version:
description: Version of the verifier plugin. Optional
type: string
Expand Down
2 changes: 1 addition & 1 deletion pkg/controllers/clusterresource/verifier_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ func (r *VerifierReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c

// creates a verifier reference from CRD spec and add store to map
func verifierAddOrReplace(spec configv1beta1.VerifierSpec, objectName string) error {
verifierConfig, err := cutils.SpecToVerifierConfig(spec.Parameters.Raw, objectName, spec.Name, spec.ArtifactTypes, spec.Source)
verifierConfig, err := cutils.SpecToVerifierConfig(spec.Parameters.Raw, objectName, cutils.GetVerifierType(spec), spec.ArtifactTypes, spec.Source)
if err != nil {
logrus.Error(err)
return err
Expand Down
2 changes: 1 addition & 1 deletion pkg/controllers/namespaceresource/verifier_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ func (r *VerifierReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c

// creates a verifier reference from CRD spec and add store to map
func verifierAddOrReplace(spec configv1beta1.NamespacedVerifierSpec, objectName string, namespace string) error {
verifierConfig, err := cutils.SpecToVerifierConfig(spec.Parameters.Raw, objectName, spec.Name, spec.ArtifactTypes, spec.Source)
verifierConfig, err := cutils.SpecToVerifierConfig(spec.Parameters.Raw, objectName, cutils.GetVerifierType(spec), spec.ArtifactTypes, spec.Source)
if err != nil {
logrus.Error(err)
return err
Expand Down
19 changes: 19 additions & 0 deletions pkg/controllers/utils/verifier.go
Original file line number Diff line number Diff line change
Expand Up @@ -69,3 +69,22 @@ func SpecToVerifierConfig(raw []byte, verifierName, verifierType, artifactTypes

return verifierConfig, nil
}

// GetVerifierType returns verifier spec type and is backward compatible with the old name field
junczhu marked this conversation as resolved.
Show resolved Hide resolved
func GetVerifierType(verifierSpec interface{}) string {
switch spec := verifierSpec.(type) {
case configv1beta1.VerifierSpec:
if spec.Type == "" {
return spec.Name
}
return spec.Type
case configv1beta1.NamespacedVerifierSpec:
if spec.Type == "" {
return spec.Name
}
return spec.Type
default:
logrus.Error("unable to assert verifierSpec type", spec)
}
return ""
}
43 changes: 43 additions & 0 deletions pkg/controllers/utils/verifier_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -119,3 +119,46 @@ func TestSpecToVerifierConfig(t *testing.T) {
func resetVerifierMap() {
controllers.NamespacedVerifiers = verifiers.NewActiveVerifiers()
}

func TestGetType(t *testing.T) {
tests := []struct {
name string
input interface{}
expected string
}{
{
name: "cluster verifier spec with name",
input: configv1beta1.VerifierSpec{Name: "clusterV"},
expected: "clusterV",
},
{
name: "cluster verifier spec with type",
input: configv1beta1.VerifierSpec{Type: "clusterV"},
expected: "clusterV",
},
{
name: "namespaced verifier spec with name",
input: configv1beta1.NamespacedVerifierSpec{Name: "namespacedV"},
expected: "namespacedV",
},
{
name: "namespaced verifier spec with type",
input: configv1beta1.NamespacedVerifierSpec{Type: "namespacedV"},
expected: "namespacedV",
},
{
name: "verifier spec with no name or type",
input: "",
expected: "",
},
}

for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
output := GetVerifierType(tt.input)
if tt.expected != output {
t.Fatalf("GetType() expected %v, actual %v", tt.expected, output)
}
})
}
}
Loading