OT-CONTAINER-KIT · shubham-cmyk · Nov 30, 2022 · Nov 30, 2022 · Nov 30, 2022 · Nov 30, 2022
@@ -23,13 +23,19 @@ import (
 
 // KubernetesConfig will be the JSON struct for Basic Redis Config
 type KubernetesConfig struct {
-	Image                  string                           `json:"image"`
-	ImagePullPolicy        corev1.PullPolicy                `json:"imagePullPolicy,omitempty"`
-	Resources              *corev1.ResourceRequirements     `json:"resources,omitempty"`
-	ExistingPasswordSecret *ExistingPasswordSecret          `json:"redisSecret,omitempty"`
-	ImagePullSecrets       *[]corev1.LocalObjectReference   `json:"imagePullSecrets,omitempty"`
-	UpdateStrategy         appsv1.StatefulSetUpdateStrategy `json:"updateStrategy,omitempty"`
-	Service                *ServiceConfig                   `json:"service,omitempty"`
+	Image                 string                           `json:"image"`
+	ImagePullPolicy       corev1.PullPolicy                `json:"imagePullPolicy,omitempty"`
+	Resources             *corev1.ResourceRequirements     `json:"resources,omitempty"`
+	ExistOrGenerateSecret *ExistOrGenerateSecrets          `json:"existOrGenerateSecrets,omitempty"`
+	ImagePullSecrets      *[]corev1.LocalObjectReference   `json:"imagePullSecrets,omitempty"`
+	UpdateStrategy        appsv1.StatefulSetUpdateStrategy `json:"updateStrategy,omitempty"`
+	Service               *ServiceConfig                   `json:"service,omitempty"`
+}
+
+// +kubebuilder:validation:MaxProperties=1
+type ExistOrGenerateSecrets struct {
+	ExistingPasswordSecret *ExistingPasswordSecret `json:"redisSecret,omitempty"`
+	GeneratePasswordSecret *GeneratePassword       `json:"generatePasswordSecret,omitempty"`
 }
 
 // ServiceConfig define the type of service to be created and its annotations
@@ -50,6 +56,12 @@ type ExistingPasswordSecret struct {
 	Key  *string `json:"key,omitempty"`
 }
 
+type GeneratePassword struct {
+	Name      string   `json:"name"`
+	Key       string   `json:"key"`
+	NameSpace []string `json:"namespace,omitempty"`
+}
+
 // Storage is the inteface to add pvc and pv support in redis
 type Storage struct {
 	VolumeClaimTemplate corev1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"`

@@ -939,6 +939,33 @@ spec:
                 description: KubernetesConfig will be the JSON struct for Basic Redis
                   Config
                 properties:
+                  existOrGenerateSecrets:
+                    maxProperties: 1
+                    properties:
+                      generatePasswordSecret:
+                        properties:
+                          key:
+                            type: string
+                          name:
+                            type: string
+                          namespace:
+                            items:
+                              type: string
+                            type: array
+                        required:
+                        - key
+                        - name
+                        type: object
+                      redisSecret:
+                        description: ExistingPasswordSecret is the struct to access
+                          the existing secret
+                        properties:
+                          key:
+                            type: string
+                          name:
+                            type: string
+                        type: object
+                    type: object
                   image:
                     type: string
                   imagePullPolicy:
@@ -956,15 +983,6 @@ spec:
                           type: string
                       type: object
                     type: array
-                  redisSecret:
-                    description: ExistingPasswordSecret is the struct to access the
-                      existing secret
-                    properties:
-                      key:
-                        type: string
-                      name:
-                        type: string
-                    type: object
                   resources:
                     description: ResourceRequirements describes the compute resource
                       requirements.

@@ -137,6 +137,33 @@ spec:
                 description: KubernetesConfig will be the JSON struct for Basic Redis
                   Config
                 properties:
+                  existOrGenerateSecrets:
+                    maxProperties: 1
+                    properties:
+                      generatePasswordSecret:
+                        properties:
+                          key:
+                            type: string
+                          name:
+                            type: string
+                          namespace:
+                            items:
+                              type: string
+                            type: array
+                        required:
+                        - key
+                        - name
+                        type: object
+                      redisSecret:
+                        description: ExistingPasswordSecret is the struct to access
+                          the existing secret
+                        properties:
+                          key:
+                            type: string
+                          name:
+                            type: string
+                        type: object
+                    type: object
                   image:
                     type: string
                   imagePullPolicy:
@@ -154,15 +181,6 @@ spec:
                           type: string
                       type: object
                     type: array
-                  redisSecret:
-                    description: ExistingPasswordSecret is the struct to access the
-                      existing secret
-                    properties:
-                      key:
-                        type: string
-                      name:
-                        type: string
-                    type: object
                   resources:
                     description: ResourceRequirements describes the compute resource
                       requirements.

@@ -63,6 +63,14 @@ func (r *RedisReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl
 		return ctrl.Result{}, err
 	}
 
+	if instance.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret != nil {
+		err = k8sutils.GenerateSecrets(instance.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret.Name, instance.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret.NameSpace, instance.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret.Key)
+		if err != nil {
+			reqLogger.Error(err, "Failed to create the Secrets")
+			return ctrl.Result{RequeueAfter: time.Second * 10}, err
+		}
+	}
+
 	err = k8sutils.CreateStandaloneRedis(instance)
 	if err != nil {
 		return ctrl.Result{}, err

@@ -70,6 +70,14 @@ func (r *RedisClusterReconciler) Reconcile(ctx context.Context, req ctrl.Request
 		return ctrl.Result{RequeueAfter: time.Second * 60}, err
 	}
 
+	if instance.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret != nil {
+		err = k8sutils.GenerateSecrets(instance.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret.Name, instance.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret.NameSpace, instance.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret.Key)
+		if err != nil {
+			reqLogger.Error(err, "Failed to create the Secrets")
+			return ctrl.Result{RequeueAfter: time.Second * 10}, err
+		}
+	}
+
 	err = k8sutils.CreateRedisLeader(instance)
 	if err != nil {
 		return ctrl.Result{RequeueAfter: time.Second * 60}, err

@@ -6,6 +6,7 @@ require (
 	github.com/banzaicloud/k8s-objectmatcher v1.7.0
 	github.com/go-logr/logr v1.2.2
 	github.com/go-redis/redis v6.15.9+incompatible
+	github.com/google/uuid v1.3.0
 	github.com/onsi/ginkgo v1.16.5
 	github.com/onsi/gomega v1.17.0
 	k8s.io/api v0.23.0
@@ -35,7 +36,6 @@ require (
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/google/go-cmp v0.5.5 // indirect
 	github.com/google/gofuzz v1.1.0 // indirect
-	github.com/google/uuid v1.1.2 // indirect
 	github.com/googleapis/gnostic v0.5.5 // indirect
 	github.com/imdario/mergo v0.3.12 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect

@@ -260,8 +260,9 @@ github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLe
 github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
+github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
 github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
 github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg=

@@ -60,11 +60,18 @@ func generateRedisClusterContainerParams(cr *redisv1beta1.RedisCluster, readines
 		AdditionalVolume:    cr.Spec.Storage.VolumeMount.Volume,
 		AdditionalMountPath: cr.Spec.Storage.VolumeMount.MountPath,
 	}
-	if cr.Spec.KubernetesConfig.ExistingPasswordSecret != nil {
+	switch true {
+	case cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret != nil:
 		containerProp.EnabledPassword = &trueProperty
-		containerProp.SecretName = cr.Spec.KubernetesConfig.ExistingPasswordSecret.Name
-		containerProp.SecretKey = cr.Spec.KubernetesConfig.ExistingPasswordSecret.Key
-	} else {
+		containerProp.SecretName = cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret.Name
+		containerProp.SecretKey = cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret.Key
+
+	case cr.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret != nil:
+		containerProp.EnabledPassword = &trueProperty
+		containerProp.SecretName = &cr.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret.Name
+		containerProp.SecretKey = &cr.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret.Key
+
+	default:
 		containerProp.EnabledPassword = &falseProperty
 	}
 	if cr.Spec.RedisExporter != nil {

@@ -108,11 +108,18 @@ func generateRedisStandaloneContainerParams(cr *redisv1beta1.Redis) containerPar
 		AdditionalVolume:    cr.Spec.Storage.VolumeMount.Volume,
 		AdditionalMountPath: cr.Spec.Storage.VolumeMount.MountPath,
 	}
-	if cr.Spec.KubernetesConfig.ExistingPasswordSecret != nil {
+	switch true {
+	case cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret != nil:
 		containerProp.EnabledPassword = &trueProperty
-		containerProp.SecretName = cr.Spec.KubernetesConfig.ExistingPasswordSecret.Name
-		containerProp.SecretKey = cr.Spec.KubernetesConfig.ExistingPasswordSecret.Key
-	} else {
+		containerProp.SecretName = cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret.Name
+		containerProp.SecretKey = cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret.Key
+
+	case cr.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret != nil:
+		containerProp.EnabledPassword = &trueProperty
+		containerProp.SecretName = &cr.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret.Name
+		containerProp.SecretKey = &cr.Spec.KubernetesConfig.ExistOrGenerateSecret.GeneratePasswordSecret.Key
+
+	default:
 		containerProp.EnabledPassword = &falseProperty
 	}
 	if cr.Spec.RedisExporter != nil {

@@ -103,8 +103,8 @@ func ExecuteRedisClusterCommand(cr *redisv1beta1.RedisCluster) {
 		cmd = CreateMultipleLeaderRedisCommand(cr)
 	}
 
-	if cr.Spec.KubernetesConfig.ExistingPasswordSecret != nil {
-		pass, err := getRedisPassword(cr.Namespace, *cr.Spec.KubernetesConfig.ExistingPasswordSecret.Name, *cr.Spec.KubernetesConfig.ExistingPasswordSecret.Key)
+	if cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret != nil {
+		pass, err := getRedisPassword(cr.Namespace, *cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret.Name, *cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret.Key)
 		if err != nil {
 			logger.Error(err, "Error in getting redis password")
 		}
@@ -141,8 +141,8 @@ func createRedisReplicationCommand(cr *redisv1beta1.RedisCluster, leaderPod Redi
 	}
 	cmd = append(cmd, "--cluster-slave")
 
-	if cr.Spec.KubernetesConfig.ExistingPasswordSecret != nil {
-		pass, err := getRedisPassword(cr.Namespace, *cr.Spec.KubernetesConfig.ExistingPasswordSecret.Name, *cr.Spec.KubernetesConfig.ExistingPasswordSecret.Key)
+	if cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret != nil {
+		pass, err := getRedisPassword(cr.Namespace, *cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret.Name, *cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret.Key)
 		if err != nil {
 			logger.Error(err, "Error in getting redis password")
 		}
@@ -313,8 +313,8 @@ func configureRedisClient(cr *redisv1beta1.RedisCluster, podName string) *redis.
 	}
 	var client *redis.Client
 
-	if cr.Spec.KubernetesConfig.ExistingPasswordSecret != nil {
-		pass, err := getRedisPassword(cr.Namespace, *cr.Spec.KubernetesConfig.ExistingPasswordSecret.Name, *cr.Spec.KubernetesConfig.ExistingPasswordSecret.Key)
+	if cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret != nil {
+		pass, err := getRedisPassword(cr.Namespace, *cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret.Name, *cr.Spec.KubernetesConfig.ExistOrGenerateSecret.ExistingPasswordSecret.Key)
 		if err != nil {
 			logger.Error(err, "Error in getting redis password")
 		}