
Commit 2ab1db7

committed
feat(types): crds for userdata contents
Adds the CRDs for upcoming work of MEP16.
1 parent e22f2b3 commit 2ab1db7


1 file changed

+39
-0
lines changed


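--- a/api/v2/types_firewall.go
+++ b/api/v2/types_firewall.go
@@ -62,6 +62,9 @@ type FirewallSpec struct {
 // Userdata contains the userdata used for the creation of the firewall.
 // It gets defaulted to a userdata matching for the firewall-controller with connection to Gardener shoot and seed.
 Userdata string `json:"userdata,omitempty"`
+// UserdataContents contains the unprocessed userdata as separate files.
+// This is meant as an alternative to `Userdata`.
+UserdataContents []UserdataContent `json:"userdataContents,omitempty"`
 // SSHPublicKeys are public keys which are added to the firewall's authorized keys file on creation.
 // It gets defaulted to the public key of ssh secret as provided by the controller flags.
 SSHPublicKeys []string `json:"sshPublicKeys,omitempty"`
@@ -113,6 +116,42 @@ type AllowedNetworks struct {
 Egress []string `json:"egress,omitempty"`
 }
 
+// UserdataContent represents a file at a specific path with either direct content or content sourced from a secret or configmap.
+type UserdataContent struct {
+// Path is the file path where the content should be placed.
+Path string `json:"path"`
+// Content is the direct content of the file.
+Content string `json:"content,omitempty"`
+// ContentFrom represents the source from which to obtain the content of the file.
+ContentFrom UserdataContentFrom `json:"contentFrom,omitzero"`
+}
+
+// UserdataContentFrom represents the source from which to obtain the content of a userdata file.
+type UserdataContentFrom struct {
+// SecretKeyRef is a reference to a key within a secret.
+SecretKeyRef UserdataContentFromSecretKeyRef `json:"secretKeyRef,omitzero"`
+// ConfigMapKeyRef is a reference to a key within a configmap.
+ConfigMapKeyRef UserdataContentFromConfigMapKeyRef `json:"configMapKeyRef,omitzero"`
+// FirewallControllerKubeconfigSecret is a reference to the desired kubeconfig secret for the firewall-controller to access the seed cluster. This kubeconfig will be generated by the firewall-controller-manager.
+FirewallControllerKubeconfigSecret *UserdataContentFromSecretKeyRef `json:"firewallControllerKubeconfigSecret,omitempty"`
+}
+
+// UserdataContentFromSecretKeyRef represents a reference to a key within a secret.
+type UserdataContentFromSecretKeyRef struct {
+// Name is the name of the secret.
+Name string `json:"name"`
+// Key is the key within the secret.
+Key string `json:"key"`
+}
+
+// UserdataContentFromConfigMapKeyRef represents a reference to a key within a configmap.
+type UserdataContentFromConfigMapKeyRef struct {
+// Name is the name of the configmap.
+Name string `json:"name"`
+// Key is the key within the configmap.
+Key string `json:"key"`
+}
+
 // FirewallTemplateSpec describes the data a firewall should have when created from a template
 type FirewallTemplateSpec struct {
 // Metadata of the firewalls created from this template.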
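Review bot: In the second hunk `UserdataContent` accepts `Content` and `ContentFrom` together, and `UserdataContentFrom` accepts `SecretKeyRef`, `ConfigMapKeyRef` and `FirewallControllerKubeconfigSecret` all at once, so the types do not say which source supplies the file at a given `Path`. No validation is visible in this commit (it may be planned for the follow-up MEP16 work); I would state the contract on the type, e.g. `// Exactly one of Content or ContentFrom must be set, and ContentFrom must name exactly one source.`, and reject anything else at admission. `Path` is likewise unconstrained, so the schema takes an empty, relative or duplicate path, and its comment should say what is allowed. The secret and configmap references carry only `Name` and `Key`; their comments should state which namespace they are resolved in (presumably the Firewall's own — confirm) and that the referenced secret value ends up in the machine userdata, because the lookup presumably runs with the controller's permissions rather than those of whoever wrote the Firewall resource.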
