Extend ack-generate to generate slice with elements of type Kubernetes Secret #828
Description
Is your feature request related to a problem?
When a resource field of type slice is configured as secret in generator config file, the generated code places single Kubernetes Secret as type in Spec. This leads to following issues:
- As only 1 value can be specified in spec for a field that is supposed to take multiple values.
- The generated code fails to compile as it tries to set single String value into API input's field of slice type.
For example:
ElastiCache User API has passwords filed of type []*string in the API input. Reference API docs
When this field is configured as secret type inside Generator config:
resources:
User:
fields:
Passwords:
is_secret: true
then generated service controller code looks like:
CRD yaml:
passwords:
description: Passwords used for this user. You can create up to two
passwords for each user.
properties:
key:
description: Key is the key within the secret
type: string
name:
description: Name is unique within a namespace to reference a
secret resource.
type: string
namespace:
description: Namespace defines the space within which the secret
name must be unique.
type: string
required:
- key
type: object
Observe that the password field type is generated as object of type k8s secret instead of array of k8s secrets.
And the generated sdk.go code looks like:
if r.ko.Spec.Passwords != nil {
tmpSecret, err := rm.rr.SecretValueFromReference(ctx, r.ko.Spec.Passwords)
if err != nil {
return nil, err
}
if tmpSecret != "" {
res.SetPasswords(tmpSecret)
}
}
Observe the string value being supplied to res.SetPasswords which accepts []*string.
This leads to compilation issues.
Following ElastiCache ACK controller PR has related discussion about the password field in User API.
Describe the solution you'd like
When a field of type slice is configured as secret type inside Generator config, then the generated CRD yaml should allow specifying multiple k8s secret values for this field and sdk code should supply these values to the resource API input field as slice type.
For example, the generated CRD yaml for password field from previous example will look like:
passwords:
description: Passwords used for this user. You can create up to two
passwords for each user.
items:
description: SecretKeyReference combines a k8s corev1.SecretReference
with a specific key within the referred-to Secret
properties:
key:
description: Key is the key within the secret
type: string
name:
description: Name is unique within a namespace to reference
a secret resource.
type: string
namespace:
description: Namespace defines the space within which the secret
name must be unique.
type: string
required:
- key
type: object
type: array
and sdk.go will look like:
if r.ko.Spec.Passwords != nil {
f3 := []*string{}
for _, f3iter := range r.ko.Spec.Passwords {
var f3elem string
if f3iter != nil {
tmpSecret, err := rm.rr.SecretValueFromReference(ctx, f3iter)
if err != nil {
return nil, err
}
if tmpSecret != "" {
f3elem = tmpSecret
}
}
f3 = append(f3, &f3elem)
}
res.SetPasswords(f3)
}
Describe alternatives you've considered
An option is to add such field to ignore config. But that removes it from the input spec.