Uploaded image for project: 'Service Binding'
  1. Service Binding
  2. APPSVC-1365

ServiceClass: add constant field in SecretRefFields

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Critical Critical
    • Primaza 0.1
    • None
    • Service Binding
    • None
    • 3
    • False
    • Hide

      None

      Show
      None
    • False
    • Hide

      Feature: ServicesClasses can extract RegisteredService from resource-linked secrets

      Scenario: A Service Class creates Registered Services as specified (Constant secretRefField)
      Given On Worker Cluster "worker", Resource is created
      """
      apiVersion: stable.example.com/v1
      kind: Backend
      metadata:
      name: $scenario_id
      namespace: services
      spec:
      fromSecret:

      • secretName: $scenario_id-sec
        secretKey: internal-host

        apiVersion: v1
        kind: Secret
        metadata:
        name: $scenario_id-sec
        namespace: services
        stringData:
        internal-host: internal.db.stable.example.com
        """
        When On Worker Cluster "worker", Resource is created
        """
        apiVersion: primaza.io/v1alpha1
        kind: ServiceClass
        metadata:
        name: $scenario_id-serviceclass
        namespace: services
        spec:
        constraints: {}
        resource:
        apiVersion: stable.example.com/v1
        kind: Backend
        serviceEndpointDefinitionMappings:
        secretRefFields:
      • name: host
        secretName:
        constant: $scenario_id-sec
        secretKey:
        constant: internal-host
        serviceClassIdentity:
      • name: type
        value: backend
      • name: provider
        value: stable.example.com
      • name: version
        value: v1
        """
        Then The resource registeredservices.primaza.io/$scenario_id:primaza-system is available in cluster "main"
        And jsonpath ".spec.serviceEndpointDefinition[0]" on "registeredservices.primaza.io/$scenario_id:primaza-system" in cluster main is "{"name": "host", "valueFromSecret": {"key": "host", "name": "$scenario_id-descriptor"}}"
        And The resource secrets/$scenario_id-descriptor:primaza-system is available in cluster "main"
        And jsonpath ".data.host" on "secrets/$scenario_id-descriptor:primaza-system" in cluster main is ""aW50ZXJuYWwuZGIuc3RhYmxlLmV4YW1wbGUuY29t""
      Show
      Feature: ServicesClasses can extract RegisteredService from resource-linked secrets Scenario: A Service Class creates Registered Services as specified (Constant secretRefField) Given On Worker Cluster "worker", Resource is created """ apiVersion: stable.example.com/v1 kind: Backend metadata: name: $scenario_id namespace: services spec: fromSecret: secretName: $scenario_id-sec secretKey: internal-host — apiVersion: v1 kind: Secret metadata: name: $scenario_id-sec namespace: services stringData: internal-host: internal.db.stable.example.com """ When On Worker Cluster "worker", Resource is created """ apiVersion: primaza.io/v1alpha1 kind: ServiceClass metadata: name: $scenario_id-serviceclass namespace: services spec: constraints: {} resource: apiVersion: stable.example.com/v1 kind: Backend serviceEndpointDefinitionMappings: secretRefFields: name: host secretName: constant: $scenario_id-sec secretKey: constant: internal-host serviceClassIdentity: name: type value: backend name: provider value: stable.example.com name: version value: v1 """ Then The resource registeredservices.primaza.io/$scenario_id:primaza-system is available in cluster "main" And jsonpath ".spec.serviceEndpointDefinition [0] " on "registeredservices.primaza.io/$scenario_id:primaza-system" in cluster main is "{"name": "host", "valueFromSecret": {"key": "host", "name": "$scenario_id-descriptor"}}" And The resource secrets/$scenario_id-descriptor:primaza-system is available in cluster "main" And jsonpath ".data.host" on "secrets/$scenario_id-descriptor:primaza-system" in cluster main is ""aW50ZXJuYWwuZGIuc3RhYmxlLmV4YW1wbGUuY29t""
    • AppSvc Sprint 238, AppSvc Sprint 239

      Owner: Architect:

      Francesco Ilario

      Story (Required)

      As a Primaza Administrator,
      I would like to create ServiceClasses that express the reference to a secrets field by the mean of constants
      so that I can reference non-spec referenced secrets

      Background (Required)

      Actually only Secrets referenced from ServiceClasses specification can be used for extracting data.
      We want to provide the user the possibility to say use this secret or that secret field that I'm explicitly targeting in ServiceClass spec.

      See epic for arch document link.

      Glossary

      See glossary in architecture document

      Out of scope

      NA

      In Scope

      • Constant sub-field in SecretRefFields structure

      Approach(Required)

      Declare a FieldMapping struct like the following:

      // +kubebuilder:validation:MaxProperties:=1
// +kubebuilder:validation:MinProperties:=1
type FieldMapping struct {
    // Constant is a constant value for the field
    Constant *string `json:"constant,omitempty"`
    // JsonPathExpr represents a jsonPath for extracting the field
    JsonPathExpr *string `json:"jsonPath,omitempty"`
}

      and use it in ServiceClassSecretRefFieldMapping for fields SecretName and SecretKey

      Demo requirements(Required)

      NA

      Dependencies

      NA

      Edge Case

      NA

      BDD Tests

      You can find BDD Test specification for this story in the "Testing Instruction" Field Tab or in the GitHub Issue linked to this story.
      Click here for all BDD Tests Issues.

      Acceptance Criteria

      • Development
        FieldMapping is used in ServiceClass' SecretRefField
      • QE
        There are test cases for Constant value in ServiceClass' SecretRefField
      • Docs
        There is a section in our docs dedicated to explaining how SecretRefField extraction works
        Update architecture document with any changes while implementing

      INVEST Checklist

      Dependencies identified
      Blockers noted and expected delivery timelines set
      Design is implementable
      Acceptance criteria agreed upon
      Story estimated

      Legend

      Unknown
      Verified
      Unsatisfied

              rh-ee-filario Francesco Ilario
              rh-ee-filario Francesco Ilario
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: