diff --git a/controllers/jetstream/consumer.go b/controllers/jetstream/consumer.go index 52f3f532..83520514 100644 --- a/controllers/jetstream/consumer.go +++ b/controllers/jetstream/consumer.go @@ -4,10 +4,7 @@ import ( "context" "errors" "fmt" - "os" - "path/filepath" "strconv" - "strings" "time" "github.com/nats-io/jsm.go" @@ -49,70 +46,9 @@ func (c *Controller) processConsumerObject(cns *apis.Consumer, jsm jsmClientFunc spec := cns.Spec ifc := c.ji.Consumers(ns) - var ( - remoteClientCert string - remoteClientKey string - remoteRootCA string - accServers []string - accUserCreds string - ) - if spec.Account != "" && c.opts.CRDConnect { - // Lookup the account using the REST client. - ctx, done := context.WithTimeout(context.Background(), 5*time.Second) - defer done() - acc, err := c.ji.Accounts(ns).Get(ctx, spec.Account, k8smeta.GetOptions{}) - if err != nil { - return err - } - - accServers = acc.Spec.Servers - - // Lookup the TLS secrets - if acc.Spec.TLS != nil && acc.Spec.TLS.Secret != nil { - secretName := acc.Spec.TLS.Secret.Name - secret, err := c.ki.Secrets(ns).Get(c.ctx, secretName, k8smeta.GetOptions{}) - if err != nil { - return err - } - - // Write this to the cacheDir - accDir := filepath.Join(c.cacheDir, ns, spec.Account) - if err := os.MkdirAll(accDir, 0755); err != nil { - return err - } - - remoteClientCert = filepath.Join(accDir, acc.Spec.TLS.ClientCert) - remoteClientKey = filepath.Join(accDir, acc.Spec.TLS.ClientKey) - remoteRootCA = filepath.Join(accDir, acc.Spec.TLS.RootCAs) - - for k, v := range secret.Data { - if err := os.WriteFile(filepath.Join(accDir, k), v, 0o644); err != nil { - return err - } - } - } - // Lookup the UserCredentials. - if acc.Spec.Creds != nil { - secretName := acc.Spec.Creds.Secret.Name - secret, err := c.ki.Secrets(ns).Get(c.ctx, secretName, k8smeta.GetOptions{}) - if err != nil { - return err - } - - // Write the user credentials to the cache dir. - accDir := filepath.Join(c.cacheDir, ns, spec.Account) - if err := os.MkdirAll(accDir, 0755); err != nil { - return err - } - for k, v := range secret.Data { - if k == acc.Spec.Creds.File { - accUserCreds = filepath.Join(c.cacheDir, ns, spec.Account, k) - if err := os.WriteFile(filepath.Join(accDir, k), v, 0o644); err != nil { - return err - } - } - } - } + acc, err := c.getAccountOverrides(spec.Account, ns) + if err != nil { + return err } defer func() { @@ -128,58 +64,14 @@ func (c *Controller) processConsumerObject(cns *apis.Consumer, jsm jsmClientFunc type operator func(ctx context.Context, c jsmClient, spec apis.ConsumerSpec) (err error) natsClientUtil := func(op operator) error { - servers := spec.Servers - if c.opts.CRDConnect { - // Create a new client - natsCtx := &natsContext{} - // Use JWT/NKEYS based credentials if present. - if spec.Creds != "" { - natsCtx.Credentials = spec.Creds - } else if spec.Nkey != "" { - natsCtx.Nkey = spec.Nkey - } - if spec.TLS.ClientCert != "" && spec.TLS.ClientKey != "" { - natsCtx.TLSCert = spec.TLS.ClientCert - natsCtx.TLSKey = spec.TLS.ClientKey - } - - // Use fetched secrets for the account and server if defined. - if remoteClientCert != "" && remoteClientKey != "" { - natsCtx.TLSCert = remoteClientCert - natsCtx.TLSKey = remoteClientKey - } - if remoteRootCA != "" { - natsCtx.TLSCAs = []string{remoteRootCA} - } - if accUserCreds != "" { - natsCtx.Credentials = accUserCreds - } - if len(spec.TLS.RootCAs) > 0 { - natsCtx.TLSCAs = spec.TLS.RootCAs - } - - natsServers := strings.Join(append(servers, accServers...), ",") - natsCtx.URL = natsServers - c.normalEvent(cns, "Connecting", "Connecting to new nats-servers") - jsmc, err := jsm(natsCtx) - if err != nil { - return err - } - defer jsmc.Close() - - if err := op(c.ctx, jsmc, spec); err != nil { - return err - } - } else { - jsmc, err := jsm(&natsContext{}) - if err != nil { - return err - } - if err := op(c.ctx, jsmc, spec); err != nil { - return err - } - } - return nil + return c.runWithJsmc(jsm, acc, &jsmcSpecOverrides{ + servers: spec.Servers, + tls: spec.TLS, + creds: spec.Creds, + nkey: spec.Nkey, + }, cns, func(jsmc jsmClient) error { + return op(c.ctx, jsmc, spec) + }) } deleteOK := cns.GetDeletionTimestamp() != nil diff --git a/controllers/jetstream/controller.go b/controllers/jetstream/controller.go index 785b3559..35b35b4b 100644 --- a/controllers/jetstream/controller.go +++ b/controllers/jetstream/controller.go @@ -17,6 +17,7 @@ import ( "context" "fmt" "os" + "path/filepath" "strings" "time" @@ -414,6 +415,205 @@ func (c *Controller) warningEvent(o runtime.Object, reason, message string) { } } +type accountOverrides struct { + remoteClientCert string + remoteClientKey string + remoteRootCA string + servers []string + userCreds string + user string + password string + token string +} + +func (c *Controller) getAccountOverrides(account string, ns string) (*accountOverrides, error) { + overrides := &accountOverrides{} + + if account == "" || !c.opts.CRDConnect { + return overrides, nil + } + + // Lookup the account using the REST client. + ctx, done := context.WithTimeout(context.Background(), 5*time.Second) + defer done() + acc, err := c.ji.Accounts(ns).Get(ctx, account, k8smeta.GetOptions{}) + if err != nil { + return nil, err + } + + overrides.servers = acc.Spec.Servers + + // Lookup the TLS secrets + if acc.Spec.TLS != nil && acc.Spec.TLS.Secret != nil { + secretName := acc.Spec.TLS.Secret.Name + secret, err := c.ki.Secrets(ns).Get(c.ctx, secretName, k8smeta.GetOptions{}) + if err != nil { + return nil, err + } + + // Write this to the cacheDir. + accDir := filepath.Join(c.cacheDir, ns, account) + if err := os.MkdirAll(accDir, 0o755); err != nil { + return nil, err + } + + filesToWrite := make(map[string]string) + + getSecretValue := func(key string) string { + value, ok := secret.Data[key] + if !ok { + return "" + } + return string(value) + } + + remoteClientCertValue := getSecretValue(acc.Spec.TLS.ClientCert) + remoteClientKeyValue := getSecretValue(acc.Spec.TLS.ClientKey) + if remoteClientCertValue != "" && remoteClientKeyValue != "" { + overrides.remoteClientCert = filepath.Join(accDir, acc.Spec.TLS.ClientCert) + overrides.remoteClientKey = filepath.Join(accDir, acc.Spec.TLS.ClientKey) + + filesToWrite[acc.Spec.TLS.ClientCert] = remoteClientCertValue + filesToWrite[acc.Spec.TLS.ClientKey] = remoteClientKeyValue + } + + remoteRootCAValue := getSecretValue(acc.Spec.TLS.RootCAs) + if remoteRootCAValue != "" { + overrides.remoteRootCA = filepath.Join(accDir, acc.Spec.TLS.RootCAs) + filesToWrite[acc.Spec.TLS.RootCAs] = remoteRootCAValue + } + + for file, v := range filesToWrite { + if err := os.WriteFile(filepath.Join(accDir, file), []byte(v), 0o644); err != nil { + return nil, err + } + } + } + // Lookup the UserCredentials. + if acc.Spec.Creds != nil { + secretName := acc.Spec.Creds.Secret.Name + secret, err := c.ki.Secrets(ns).Get(c.ctx, secretName, k8smeta.GetOptions{}) + if err != nil { + return nil, err + } + + // Write the user credentials to the cache dir. + accDir := filepath.Join(c.cacheDir, ns, account) + if err := os.MkdirAll(accDir, 0o755); err != nil { + return nil, err + } + for k, v := range secret.Data { + if k == acc.Spec.Creds.File { + overrides.userCreds = filepath.Join(c.cacheDir, ns, account, k) + if err := os.WriteFile(filepath.Join(accDir, k), v, 0o644); err != nil { + return nil, err + } + } + } + } + + // Lookup the Token. + if acc.Spec.Token != nil { + secretName := acc.Spec.Token.Secret.Name + secret, err := c.ki.Secrets(ns).Get(c.ctx, secretName, k8smeta.GetOptions{}) + if err != nil { + return nil, err + } + + for k, v := range secret.Data { + if k == acc.Spec.Token.Token { + overrides.token = string(v) + } + } + } + + // Lookup the User. + if acc.Spec.User != nil { + secretName := acc.Spec.User.Secret.Name + secret, err := c.ki.Secrets(ns).Get(c.ctx, secretName, k8smeta.GetOptions{}) + if err != nil { + return nil, err + } + + for k, v := range secret.Data { + if k == acc.Spec.User.User { + overrides.user = string(v) + } + if k == acc.Spec.User.Password { + overrides.password = string(v) + } + } + } + + return overrides, nil +} + +type jsmcSpecOverrides struct { + servers []string + tls apis.TLS + creds string + nkey string +} + +func (c *Controller) runWithJsmc(jsm jsmClientFunc, acc *accountOverrides, spec *jsmcSpecOverrides, o runtime.Object, op func(jsmClient) error) error { + if !c.opts.CRDConnect { + jsmc, err := jsm(&natsContext{}) + if err != nil { + return err + } + + return op(jsmc) + } + + // Create a new client + natsCtx := &natsContext{} + // Use JWT/NKEYS/user-password/token based credentials if present. + if spec.creds != "" { + natsCtx.Credentials = spec.creds + } else if spec.nkey != "" { + natsCtx.Nkey = spec.nkey + } + if spec.tls.ClientCert != "" && spec.tls.ClientKey != "" { + natsCtx.TLSCert = spec.tls.ClientCert + natsCtx.TLSKey = spec.tls.ClientKey + } + + // Use fetched secrets for the account and server if defined. + if acc.remoteClientCert != "" && acc.remoteClientKey != "" { + natsCtx.TLSCert = acc.remoteClientCert + natsCtx.TLSKey = acc.remoteClientKey + } + if acc.remoteRootCA != "" { + natsCtx.TLSCAs = []string{acc.remoteRootCA} + } + if acc.userCreds != "" { + natsCtx.Credentials = acc.userCreds + } + + if acc.user != "" && acc.password != "" { + natsCtx.Username = acc.user + natsCtx.Password = acc.password + } else if acc.token != "" { + natsCtx.Token = acc.token + } + + if len(spec.tls.RootCAs) > 0 { + natsCtx.TLSCAs = spec.tls.RootCAs + } + + natsServers := strings.Join(append(spec.servers, acc.servers...), ",") + natsCtx.URL = natsServers + c.normalEvent(o, "Connecting", "Connecting to new nats-servers") + jsmc, err := jsm(natsCtx) + if err != nil { + return fmt.Errorf("failed to connect to nats-servers(%s): %w", natsServers, err) + } + + defer jsmc.Close() + + return op(jsmc) +} + func splitNamespaceName(item interface{}) (ns string, name string, err error) { defer func() { if err != nil { diff --git a/controllers/jetstream/stream.go b/controllers/jetstream/stream.go index 7dc2ec89..5fae6744 100644 --- a/controllers/jetstream/stream.go +++ b/controllers/jetstream/stream.go @@ -17,9 +17,6 @@ import ( "context" "errors" "fmt" - "os" - "path/filepath" - "strings" "time" jsm "github.com/nats-io/jsm.go" @@ -63,71 +60,9 @@ func (c *Controller) processStreamObject(str *apis.Stream, jsm jsmClientFunc) (e ns := str.Namespace readOnly := c.opts.ReadOnly - var ( - remoteClientCert string - remoteClientKey string - remoteRootCA string - accServers []string - acc *apis.Account - accUserCreds string - ) - if spec.Account != "" && c.opts.CRDConnect { - // Lookup the account using the REST client. - ctx, done := context.WithTimeout(context.Background(), 5*time.Second) - defer done() - acc, err = c.ji.Accounts(ns).Get(ctx, spec.Account, k8smeta.GetOptions{}) - if err != nil { - return err - } - - accServers = acc.Spec.Servers - - // Lookup the TLS secrets - if acc.Spec.TLS != nil && acc.Spec.TLS.Secret != nil { - secretName := acc.Spec.TLS.Secret.Name - secret, err := c.ki.Secrets(ns).Get(c.ctx, secretName, k8smeta.GetOptions{}) - if err != nil { - return err - } - - // Write this to the cacheDir. - accDir := filepath.Join(c.cacheDir, ns, spec.Account) - if err := os.MkdirAll(accDir, 0o755); err != nil { - return err - } - - remoteClientCert = filepath.Join(accDir, acc.Spec.TLS.ClientCert) - remoteClientKey = filepath.Join(accDir, acc.Spec.TLS.ClientKey) - remoteRootCA = filepath.Join(accDir, acc.Spec.TLS.RootCAs) - - for k, v := range secret.Data { - if err := os.WriteFile(filepath.Join(accDir, k), v, 0o644); err != nil { - return err - } - } - } - // Lookup the UserCredentials. - if acc.Spec.Creds != nil { - secretName := acc.Spec.Creds.Secret.Name - secret, err := c.ki.Secrets(ns).Get(c.ctx, secretName, k8smeta.GetOptions{}) - if err != nil { - return err - } - - // Write the user credentials to the cache dir. - accDir := filepath.Join(c.cacheDir, ns, spec.Account) - if err := os.MkdirAll(accDir, 0o755); err != nil { - return err - } - for k, v := range secret.Data { - if k == acc.Spec.Creds.File { - accUserCreds = filepath.Join(c.cacheDir, ns, spec.Account, k) - if err := os.WriteFile(filepath.Join(accDir, k), v, 0o644); err != nil { - return err - } - } - } - } + acc, err := c.getAccountOverrides(spec.Account, ns) + if err != nil { + return err } defer func() { @@ -143,57 +78,14 @@ func (c *Controller) processStreamObject(str *apis.Stream, jsm jsmClientFunc) (e type operator func(ctx context.Context, c jsmClient, spec apis.StreamSpec) (err error) natsClientUtil := func(op operator) error { - servers := spec.Servers - if c.opts.CRDConnect { - // Create a new client - natsCtx := &natsContext{} - // Use JWT/NKEYS based credentials if present. - if spec.Creds != "" { - natsCtx.Credentials = spec.Creds - } else if spec.Nkey != "" { - natsCtx.Nkey = spec.Nkey - } - if spec.TLS.ClientCert != "" && spec.TLS.ClientKey != "" { - natsCtx.TLSCert = spec.TLS.ClientCert - natsCtx.TLSKey = spec.TLS.ClientKey - } - - // Use fetched secrets for the account and server if defined. - if remoteClientCert != "" && remoteClientKey != "" { - natsCtx.TLSCert = remoteClientCert - natsCtx.TLSKey = remoteClientKey - } - if remoteRootCA != "" { - natsCtx.TLSCAs = []string{remoteRootCA} - } - if accUserCreds != "" { - natsCtx.Credentials = accUserCreds - } - if len(spec.TLS.RootCAs) > 0 { - natsCtx.TLSCAs = spec.TLS.RootCAs - } - - natsServers := strings.Join(append(servers, accServers...), ",") - natsCtx.URL = natsServers - c.normalEvent(str, "Connecting", "Connecting to new nats-servers") - jsmc, err := jsm(natsCtx) - if err != nil { - return fmt.Errorf("failed to connect to nats-servers(%s): %w", natsServers, err) - } - defer jsmc.Close() - if err := op(c.ctx, jsmc, spec); err != nil { - return err - } - } else { - jsmc, err := jsm(&natsContext{}) - if err != nil { - return err - } - if err := op(c.ctx, jsmc, spec); err != nil { - return err - } - } - return nil + return c.runWithJsmc(jsm, acc, &jsmcSpecOverrides{ + servers: spec.Servers, + tls: spec.TLS, + creds: spec.Creds, + nkey: spec.Nkey, + }, str, func(jsmc jsmClient) error { + return op(c.ctx, jsmc, spec) + }) } deleteOK := str.GetDeletionTimestamp() != nil diff --git a/deploy/crds.yml b/deploy/crds.yml index bcfb9a13..6171ff99 100644 --- a/deploy/crds.yml +++ b/deploy/crds.yml @@ -1013,3 +1013,32 @@ spec: file: description: Credentials file, generated with github.com/nats-io/nsc tool. type: string + token: + description: The token to be used to connect to the NATS Service. + type: object + properties: + secret: + type: object + properties: + name: + description: Name of the secret with the token. + type: string + token: + description: Key in the secret that contains the token. + type: string + user: + description: The user and password to be used to connect to the NATS Service. + type: object + properties: + secret: + type: object + properties: + name: + description: Name of the secret with the user and password. + type: string + user: + description: Key in the secret that contains the user. + type: string + password: + description: Key in the secret that contains the password. + type: string diff --git a/pkg/jetstream/apis/jetstream/v1beta2/accounttypes.go b/pkg/jetstream/apis/jetstream/v1beta2/accounttypes.go index 01679053..444eeb42 100644 --- a/pkg/jetstream/apis/jetstream/v1beta2/accounttypes.go +++ b/pkg/jetstream/apis/jetstream/v1beta2/accounttypes.go @@ -25,6 +25,8 @@ type AccountSpec struct { Servers []string `json:"servers"` TLS *TLSSecret `json:"tls"` Creds *CredsSecret `json:"creds"` + Token *TokenSecret `json:"token"` + User *User `json:"user"` } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object diff --git a/pkg/jetstream/apis/jetstream/v1beta2/types.go b/pkg/jetstream/apis/jetstream/v1beta2/types.go index 099c7bd6..18504510 100644 --- a/pkg/jetstream/apis/jetstream/v1beta2/types.go +++ b/pkg/jetstream/apis/jetstream/v1beta2/types.go @@ -40,6 +40,17 @@ type CredsSecret struct { Secret SecretRef `json:"secret"` } +type TokenSecret struct { + Token string `json:"token"` + Secret SecretRef `json:"secret"` +} + +type User struct { + User string `json:"user"` + Password string `json:"password"` + Secret SecretRef `json:"secret"` +} + type SecretRef struct { Name string `json:"name"` } diff --git a/pkg/jetstream/apis/jetstream/v1beta2/zz_generated.deepcopy.go b/pkg/jetstream/apis/jetstream/v1beta2/zz_generated.deepcopy.go index 5525e111..29e4521d 100644 --- a/pkg/jetstream/apis/jetstream/v1beta2/zz_generated.deepcopy.go +++ b/pkg/jetstream/apis/jetstream/v1beta2/zz_generated.deepcopy.go @@ -101,6 +101,16 @@ func (in *AccountSpec) DeepCopyInto(out *AccountSpec) { *out = new(CredsSecret) **out = **in } + if in.Token != nil { + in, out := &in.Token, &out.Token + *out = new(TokenSecret) + **out = **in + } + if in.User != nil { + in, out := &in.User, &out.User + *out = new(User) + **out = **in + } return } @@ -547,3 +557,37 @@ func (in *TLSSecret) DeepCopy() *TLSSecret { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenSecret) DeepCopyInto(out *TokenSecret) { + *out = *in + out.Secret = in.Secret + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenSecret. +func (in *TokenSecret) DeepCopy() *TokenSecret { + if in == nil { + return nil + } + out := new(TokenSecret) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *User) DeepCopyInto(out *User) { + *out = *in + out.Secret = in.Secret + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new User. +func (in *User) DeepCopy() *User { + if in == nil { + return nil + } + out := new(User) + in.DeepCopyInto(out) + return out +} diff --git a/pkg/jetstream/generated/applyconfiguration/jetstream/v1beta2/accountspec.go b/pkg/jetstream/generated/applyconfiguration/jetstream/v1beta2/accountspec.go index a3a27b65..09dd5464 100644 --- a/pkg/jetstream/generated/applyconfiguration/jetstream/v1beta2/accountspec.go +++ b/pkg/jetstream/generated/applyconfiguration/jetstream/v1beta2/accountspec.go @@ -21,6 +21,8 @@ type AccountSpecApplyConfiguration struct { Servers []string `json:"servers,omitempty"` TLS *TLSSecretApplyConfiguration `json:"tls,omitempty"` Creds *CredsSecretApplyConfiguration `json:"creds,omitempty"` + Token *TokenSecretApplyConfiguration `json:"token,omitempty"` + User *UserApplyConfiguration `json:"user,omitempty"` } // AccountSpecApplyConfiguration constructs an declarative configuration of the AccountSpec type for use with @@ -54,3 +56,19 @@ func (b *AccountSpecApplyConfiguration) WithCreds(value *CredsSecretApplyConfigu b.Creds = value return b } + +// WithToken sets the Token field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Token field is set to the value of the last call. +func (b *AccountSpecApplyConfiguration) WithToken(value *TokenSecretApplyConfiguration) *AccountSpecApplyConfiguration { + b.Token = value + return b +} + +// WithUser sets the User field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the User field is set to the value of the last call. +func (b *AccountSpecApplyConfiguration) WithUser(value *UserApplyConfiguration) *AccountSpecApplyConfiguration { + b.User = value + return b +} diff --git a/pkg/jetstream/generated/applyconfiguration/jetstream/v1beta2/tokensecret.go b/pkg/jetstream/generated/applyconfiguration/jetstream/v1beta2/tokensecret.go new file mode 100644 index 00000000..4ca03c17 --- /dev/null +++ b/pkg/jetstream/generated/applyconfiguration/jetstream/v1beta2/tokensecret.go @@ -0,0 +1,45 @@ +// Copyright 2020 The NATS Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1beta2 + +// TokenSecretApplyConfiguration represents an declarative configuration of the TokenSecret type for use +// with apply. +type TokenSecretApplyConfiguration struct { + Token *string `json:"token,omitempty"` + Secret *SecretRefApplyConfiguration `json:"secret,omitempty"` +} + +// TokenSecretApplyConfiguration constructs an declarative configuration of the TokenSecret type for use with +// apply. +func TokenSecret() *TokenSecretApplyConfiguration { + return &TokenSecretApplyConfiguration{} +} + +// WithToken sets the Token field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Token field is set to the value of the last call. +func (b *TokenSecretApplyConfiguration) WithToken(value string) *TokenSecretApplyConfiguration { + b.Token = &value + return b +} + +// WithSecret sets the Secret field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Secret field is set to the value of the last call. +func (b *TokenSecretApplyConfiguration) WithSecret(value *SecretRefApplyConfiguration) *TokenSecretApplyConfiguration { + b.Secret = value + return b +} diff --git a/pkg/jetstream/generated/applyconfiguration/jetstream/v1beta2/user.go b/pkg/jetstream/generated/applyconfiguration/jetstream/v1beta2/user.go new file mode 100644 index 00000000..68483048 --- /dev/null +++ b/pkg/jetstream/generated/applyconfiguration/jetstream/v1beta2/user.go @@ -0,0 +1,54 @@ +// Copyright 2020 The NATS Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1beta2 + +// UserApplyConfiguration represents an declarative configuration of the User type for use +// with apply. +type UserApplyConfiguration struct { + User *string `json:"user,omitempty"` + Password *string `json:"password,omitempty"` + Secret *SecretRefApplyConfiguration `json:"secret,omitempty"` +} + +// UserApplyConfiguration constructs an declarative configuration of the User type for use with +// apply. +func User() *UserApplyConfiguration { + return &UserApplyConfiguration{} +} + +// WithUser sets the User field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the User field is set to the value of the last call. +func (b *UserApplyConfiguration) WithUser(value string) *UserApplyConfiguration { + b.User = &value + return b +} + +// WithPassword sets the Password field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Password field is set to the value of the last call. +func (b *UserApplyConfiguration) WithPassword(value string) *UserApplyConfiguration { + b.Password = &value + return b +} + +// WithSecret sets the Secret field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Secret field is set to the value of the last call. +func (b *UserApplyConfiguration) WithSecret(value *SecretRefApplyConfiguration) *UserApplyConfiguration { + b.Secret = value + return b +} diff --git a/pkg/jetstream/generated/applyconfiguration/utils.go b/pkg/jetstream/generated/applyconfiguration/utils.go index 4e1751e0..1e43a122 100644 --- a/pkg/jetstream/generated/applyconfiguration/utils.go +++ b/pkg/jetstream/generated/applyconfiguration/utils.go @@ -58,6 +58,10 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &jetstreamv1beta2.TLSApplyConfiguration{} case v1beta2.SchemeGroupVersion.WithKind("TLSSecret"): return &jetstreamv1beta2.TLSSecretApplyConfiguration{} + case v1beta2.SchemeGroupVersion.WithKind("TokenSecret"): + return &jetstreamv1beta2.TokenSecretApplyConfiguration{} + case v1beta2.SchemeGroupVersion.WithKind("User"): + return &jetstreamv1beta2.UserApplyConfiguration{} } return nil