Skip to content

Commit

Permalink
Add Kafka Credentials to ProviderConfig Secret (#19)
Browse files Browse the repository at this point in the history 
* added kafkaAPIKey, kafkaAPISecret, and kafkaRESTEndpoint to confluent.go; augmented e2e

Signed-off-by: Dylan Moore <[email protected]>

* added kafka_api_key, kafka_api_secret, and kafka_rest_endpoint fields to providerconfig secret example

Signed-off-by: Dylan Moore <[email protected]>

---------

Signed-off-by: Dylan Moore <[email protected]>
  • Loading branch information
@dmvariphy
dmvariphy authored Aug 7, 2024
1 parent 557d3c6 commit 3b9582b
Show file tree
Hide file tree
Showing 7 changed files with 58 additions and 11 deletions.
3 changes: 2 additions & 1 deletion .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,4 +10,5 @@ cover.out

# ignore IDE folders
.vscode/
.idea/
.idea/
kubeconfig
19 changes: 17 additions & 2 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -183,13 +183,28 @@ CROSSPLANE_NAMESPACE = upbound-system
# - UPTEST_DATASOURCE_PATH (optional), see https://github.com/upbound/uptest#injecting-dynamic-values-and-datasource
uptest: $(UPTEST) $(KUBECTL) $(KUTTL)
@$(INFO) running automated tests
@KUBECTL=$(KUBECTL) KUTTL=$(KUTTL) $(UPTEST) e2e "${UPTEST_EXAMPLE_LIST}" --data-source="${UPTEST_DATASOURCE_PATH}" --setup-script=cluster/test/setup.sh --default-conditions="Test" || $(FAIL)
@if [[ -n "$${UPTEST_CONFLUENT_KAFKA_CLUSTER_ID:-}" && -n "$${UPTEST_CONFLUENT_PRINCIPAL:-}" ]]; then \
{ \
echo "confluent_kafka_cluster_id: $${UPTEST_CONFLUENT_KAFKA_CLUSTER_ID}"; \
echo "confluent_principal: $${UPTEST_CONFLUENT_PRINCIPAL}"; \
} > "$(OUTPUT_DIR)/datasource.yaml"; \
if [[ -n "$${UPTEST_DATASOURCE_PATH:-}" ]]; then \
echo "" >> "$(OUTPUT_DIR)/datasource.yaml"; \
cat "$${UPTEST_DATASOURCE_PATH}" >> "$(OUTPUT_DIR)/datasource.yaml"; \
fi; \
export UPTEST_DATASOURCE_PATH="$(OUTPUT_DIR)/datasource.yaml"; \
fi; \
KUBECTL=$(KUBECTL) KUTTL=$(KUTTL) CROSSPLANE_NAMESPACE=$(CROSSPLANE_NAMESPACE) \
$(UPTEST) e2e "$${UPTEST_EXAMPLE_LIST}" \
--data-source="$${UPTEST_DATASOURCE_PATH}" \
--setup-script=cluster/test/setup.sh \
--default-conditions="Test" || $(FAIL)
@$(OK) running automated tests

local-deploy: build controlplane.up local.xpkg.deploy.provider.$(PROJECT_NAME)
@$(INFO) running locally built provider
@$(KUBECTL) wait provider.pkg $(PROJECT_NAME) --for condition=Healthy --timeout 5m
@$(KUBECTL) -n upbound-system wait --for=condition=Available deployment --all --timeout=5m
@$(KUBECTL) -n $(CROSSPLANE_NAMESPACE) wait --for=condition=Available deployment --all --timeout=5m
@$(OK) running locally built provider

e2e: local-deploy uptest
Expand Down
3 changes: 2 additions & 1 deletion cluster/test/setup.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ ${KUBECTL} -n upbound-system wait --for=condition=Available deployment --all --t

echo "Creating a default provider config..."
cat <<EOF | ${KUBECTL} apply -f -
apiVersion: confluent.upbound.io/v1beta1
apiVersion: confluent.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
name: default
Expand All @@ -24,3 +24,4 @@ spec:
name: provider-secret
namespace: upbound-system
key: credentials
EOF
18 changes: 18 additions & 0 deletions examples/kafkaacl/kafkaacl.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
apiVersion: confluent.crossplane.io/v1alpha1
kind: KafkaACL
metadata:
name: kafka-acl-confluent-cloud
spec:
deletionPolicy: Delete
forProvider:
host: '*'
kafkaCluster:
- id: ${data.confluent_kafka_cluster_id}
operation: READ
patternType: PREFIXED
permission: ALLOW
principal: ${data.confluent_principal}
resourceName: test-
resourceType: TOPIC
providerConfigRef:
name: default
5 changes: 4 additions & 1 deletion examples/providerconfig/providerconfig.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,5 +21,8 @@ stringData:
credentials: |
{
"cloud_api_key": "<confluent_api_key_id>",
"cloud_api_secret": "<confluent_api_key_secret>
"cloud_api_secret": "<confluent_api_key_secret>",
"kafka_api_key": "<schema_registry_api_key>",
"kafka_api_secret": "<schema_registry_api_secret>",
"kafka_rest_endpoint": "<schema_registry_rest_endpoint>"
}
7 changes: 5 additions & 2 deletions examples/providerconfig/secret.yaml.tmpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@ type: Opaque
stringData:
credentials: |
{
"username": "admin",
"password": "t0ps3cr3t11"
"cloud_api_key": "admin",
"cloud_api_secret": "t0ps3cr3t11",
"kafka_api_key": "kafka_admin",
"kafka_api_secret": "P@55w0rd",
"kafka_rest_endpoint": "https://abc-12345z.region.provider.confluent.cloud:443"
}
14 changes: 10 additions & 4 deletions internal/clients/confluent.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,11 @@ import (

const (
// ProviderConfig secret keys
cloudAPIKey = "cloud_api_key"
cloudAPISecret = "cloud_api_secret"
cloudAPIKey = "cloud_api_key"
cloudAPISecret = "cloud_api_secret"
kafkaAPIKey = "kafka_api_key"
kafkaAPISecret = "kafka_api_secret"
kafkaRESTEndpoint = "kafka_rest_endpoint"

// error messages
errNoProviderConfig = "no providerConfigRef provided"
Expand Down Expand Up @@ -69,8 +72,11 @@ func TerraformSetupBuilder(version, providerSource, providerVersion string, sche

// Set credentials in Terraform provider configuration.
ps.Configuration = map[string]any{
cloudAPIKey: creds[cloudAPIKey],
cloudAPISecret: creds[cloudAPISecret],
cloudAPIKey: creds[cloudAPIKey],
cloudAPISecret: creds[cloudAPISecret],
kafkaAPIKey: creds[kafkaAPIKey],
kafkaAPISecret: creds[kafkaAPISecret],
kafkaRESTEndpoint: creds[kafkaRESTEndpoint],
}
return ps, nil
}
Expand Down

0 comments on commit 3b9582b

Please sign in to comment.