From 92045726a3c7758486c449b9121d8776afad14fe Mon Sep 17 00:00:00 2001
From: krlg
Date: Mon, 7 Oct 2024 14:39:47 +0200
Subject: [PATCH] Add ability to specify custom policy name
---
 apis/minio/v1/policy_types.go | 12 ++++++++++++
 operator/policy/create.go | 6 +++---
 operator/policy/delete.go | 2 +-
 operator/policy/observer.go | 2 +-
 operator/policy/update.go | 2 +-
 package/crds/minio.crossplane.io_policies.yaml | 5 +++++
 6 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/apis/minio/v1/policy_types.go b/apis/minio/v1/policy_types.go
index 9da0865..9032373 100644
--- a/apis/minio/v1/policy_types.go
+++ b/apis/minio/v1/policy_types.go
@@ -47,6 +47,10 @@ type PolicyProviderStatus struct {
 }
 type PolicyParameters struct {
+ // The name of the policy
+ // Defaults to `metadata.name` if unset.
+ Name string `json:"name,omitempty"`
+
 // AllowBucket will create a simple policy that allows all operations for the given bucket.
 // Mutually exclusive to `RawPolicy`.
 AllowBucket string `json:"allowBucket,omitempty"`
@@ -72,3 +76,11 @@ var (
 PolicyKindAPIVersion = PolicyKind + "." + SchemeGroupVersion.String()
 PolicyGroupVersionKind = SchemeGroupVersion.WithKind(PolicyKind)
 )
+
+// GetPolicyName returns the spec.forProvider.name if given, otherwise defaults to metadata.name.
+func (in *Policy) GetPolicyName() string {
+ if in.Spec.ForProvider.Name == "" {
+ return in.Name
+ }
+ return in.Spec.ForProvider.Name
+}
diff --git a/operator/policy/create.go b/operator/policy/create.go
index 2f65147..c9733b5 100644
--- a/operator/policy/create.go
+++ b/operator/policy/create.go
@@ -37,7 +37,7 @@ func (p *policyClient) Create(ctx context.Context, mg resource.Managed) (managed
 return managed.ExternalCreation{}, err
 }
- if _, ok := policyies[policy.GetName()]; ok {
+ if _, ok := policyies[policy.GetPolicyName()]; ok {
 return managed.ExternalCreation{}, fmt.Errorf("policy already exists")
 }
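Review bot: The new `Name` field in `PolicyParameters` (apis/minio/v1/policy_types.go, first hunk) has no validation or immutability rule, although every MinIO call in this patch now keys on it. If `spec.forProvider.name` is edited after the policy exists, the lookup in `Observe` would miss under the new name and report `ResourceExists: false`, so the policy stored under the old name would presumably stay in MinIO with its grants and never be removed. Consider a marker above the field such as `// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="name is immutable"`, and extend the field comment with `// The name cannot be changed after the policy has been created.`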
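Review bot: In `Create` (operator/policy/create.go, first hunk) the duplicate check now keys on a user-chosen name, but the returned error is still the bare `policy already exists`, which no longer identifies the colliding MinIO policy once the name can differ from `metadata.name`. I would include the resolved name: `return managed.ExternalCreation{}, fmt.Errorf("policy %q already exists", policy.GetPolicyName())`. The list-then-add sequence is also not atomic, so two Policy objects that resolve to the same name could both pass the check; a short comment should say whether that is accepted. `Create` begins and ends outside this hunk.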
@@ -58,7 +58,7 @@ func (p *policyClient) createBucketPolicy(ctx context.Context, policy *miniov1.P
 return err
 }
- err = p.ma.AddCannedPolicy(ctx, policy.GetName(), parsedPolicy)
+ err = p.ma.AddCannedPolicy(ctx, policy.GetPolicyName(), parsedPolicy)
 if err != nil {
 return err
 }
@@ -70,7 +70,7 @@ func (p *policyClient) createBucketPolicy(ctx context.Context, policy *miniov1.P
 }
 func (p *policyClient) createRawPolicy(ctx context.Context, policy *miniov1.Policy) error {
- err := p.ma.AddCannedPolicy(ctx, policy.GetName(), []byte(policy.Spec.ForProvider.RawPolicy))
+ err := p.ma.AddCannedPolicy(ctx, policy.GetPolicyName(), []byte(policy.Spec.ForProvider.RawPolicy))
 if err != nil {
 return err
 }
diff --git a/operator/policy/delete.go b/operator/policy/delete.go
index 88a0c1a..7880ec9 100644
--- a/operator/policy/delete.go
+++ b/operator/policy/delete.go
@@ -22,7 +22,7 @@ func (p *policyClient) Delete(ctx context.Context, mg resource.Managed) error {
 policy.SetConditions(xpv1.Deleting())
 p.emitDeletionEvent(policy)
- return p.ma.RemoveCannedPolicy(ctx, policy.GetName())
+ return p.ma.RemoveCannedPolicy(ctx, policy.GetPolicyName())
 }
 func (p *policyClient) emitDeletionEvent(policy *miniov1.Policy) {
diff --git a/operator/policy/observer.go b/operator/policy/observer.go
index 527625b..e6123de 100644
--- a/operator/policy/observer.go
+++ b/operator/policy/observer.go
@@ -33,7 +33,7 @@ func (p *policyClient) Observe(ctx context.Context, mg resource.Managed) (manage
 return managed.ExternalObservation{}, err
 }
- observedPolicy, ok := policies[policy.GetName()]
+ observedPolicy, ok := policies[policy.GetPolicyName()]
 if !ok {
 // The policy hasn't yet been created it seems
 return managed.ExternalObservation{ResourceExists: false}, nil
diff --git a/operator/policy/update.go b/operator/policy/update.go
index 77703aa..d9a3e60 100644
--- a/operator/policy/update.go
+++ b/operator/policy/update.go
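Review bot: `Delete` in operator/policy/delete.go now removes whichever MinIO policy matches `spec.forProvider.name`, and nothing visible in the hunk checks that this resource created it. Unlike `metadata.name`, the spec name is not unique across Policy objects, so two objects can resolve to the same MinIO policy and deleting either removes it for both. The same lookup in `Observe` (observer.go) and `Update` (update.go) would likewise treat a policy created outside the provider as this resource's own. Consider recording the name that was actually created (in status or the `crossplane.io/external-name` annotation) and acting only when it matches, or at minimum add to the `Name` field comment `// Two Policy objects must not share a name: deleting either one removes the MinIO policy.` The bodies of `Delete`, `Observe` and `Update` start outside their hunks.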
@@ -26,7 +26,7 @@ func (p *policyClient) Update(ctx context.Context, mg resource.Managed) (managed return managed.ExternalUpdate{}, err } - _, ok = policies[policy.GetName()] + _, ok = policies[policy.GetPolicyName()] if !ok { return managed.ExternalUpdate{}, fmt.Errorf("policy does not exist") } diff --git a/package/crds/minio.crossplane.io_policies.yaml b/package/crds/minio.crossplane.io_policies.yaml index 6429e62..e2fc1f9 100644 --- a/package/crds/minio.crossplane.io_policies.yaml +++ b/package/crds/minio.crossplane.io_policies.yaml @@ -74,6 +74,11 @@ spec: AllowBucket will create a simple policy that allows all operations for the given bucket. Mutually exclusive to `RawPolicy`. type: string + name: + description: |- + The name of the policy + Defaults to `metadata.name` if unset. + type: string rawPolicy: description: |- RawPolicy describes a raw S3 policy ad verbatim.