  1. Service Binding
  2. APPSVC-1365

ServiceClass: add constant field in SecretRefFields


Details

    • Story
    • Resolution: Done
    • Critical
    • Primaza 0.1
    • None
    • Service Binding
    • None
    • 3
    • False
    • None
    • False
      Feature: ServicesClasses can extract RegisteredService from resource-linked secrets

          Scenario: A Service Class creates Registered Services as specified (Constant secretRefField)
              Given On Worker Cluster "worker", Resource is created
                  """
                  apiVersion: stable.example.com/v1
                  kind: Backend
                  metadata:
                      name: $scenario_id
                      namespace: services
                  spec:
                      fromSecret:
                      - secretName: $scenario_id-sec
                        secretKey: internal-host
                  ---
                  apiVersion: v1
                  kind: Secret
                  metadata:
                      name: $scenario_id-sec
                      namespace: services
                  stringData:
                      internal-host: internal.db.stable.example.com
                  """
              When On Worker Cluster "worker", Resource is created
                  """
                  apiVersion: primaza.io/v1alpha1
                  kind: ServiceClass
                  metadata:
                      name: $scenario_id-serviceclass
                      namespace: services
                  spec:
                      constraints: {}
                      resource:
                          apiVersion: stable.example.com/v1
                          kind: Backend
                          serviceEndpointDefinitionMappings:
                              secretRefFields:
                              - name: host
                                secretName:
                                  constant: $scenario_id-sec
                                secretKey:
                                  constant: internal-host
                      serviceClassIdentity:
                        - name: type
                          value: backend
                        - name: provider
                          value: stable.example.com
                        - name: version
                          value: v1
                  """
              Then The resource registeredservices.primaza.io/$scenario_id:primaza-system is available in cluster "main"
              And jsonpath ".spec.serviceEndpointDefinition[0]" on "registeredservices.primaza.io/$scenario_id:primaza-system" in cluster main is "{"name": "host", "valueFromSecret": {"key": "host", "name": "$scenario_id-descriptor"}}"
              And The resource secrets/$scenario_id-descriptor:primaza-system is available in cluster "main"
              And jsonpath ".data.host" on "secrets/$scenario_id-descriptor:primaza-system" in cluster main is ""aW50ZXJuYWwuZGIuc3RhYmxlLmV4YW1wbGUuY29t""
    • AppSvc Sprint 238, AppSvc Sprint 239

    Description

      Owner: Architect:

      Francesco Ilario

      Story (Required)

      As a Primaza Administrator,
      I would like to create ServiceClasses that express the reference to a secret's field by means of constants
      so that I can reference secrets that are not referenced from the spec

      Background (Required)

      Currently, only Secrets referenced from the ServiceClass specification can be used for extracting data.
      We want to give the user the ability to say "use this secret, or that secret field, that I am explicitly targeting in the ServiceClass spec".

      See epic for arch document link.

      Glossary

      See glossary in architecture document

      Out of scope

      NA

      In Scope

      • Constant sub-field in SecretRefFields structure

      Approach (Required)

      Declare a FieldMapping struct like the following:

      // +kubebuilder:validation:MaxProperties:=1
      // +kubebuilder:validation:MinProperties:=1
      type FieldMapping struct {
          // Constant is a constant value for the field
          Constant *string `json:"constant,omitempty"`
          // JsonPathExpr represents a jsonPath for extracting the field
          JsonPathExpr *string `json:"jsonPath,omitempty"`
      }
      

      and use it in ServiceClassSecretRefFieldMapping for fields SecretName and SecretKey
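
An added sketch, not Primaza's own code, of how a FieldMapping for SecretName and SecretKey could be resolved, including rejection of mappings that set both or neither property. The `Resolve` and `Extract` names, the dotted-key jsonPath stand-in and the in-memory `secrets` map are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// FieldMapping mirrors the struct proposed in the story.
type FieldMapping struct {
	Constant     *string `json:"constant,omitempty"`
	JsonPathExpr *string `json:"jsonPath,omitempty"`
}

// Resolve enforces "exactly one property" (what the Min/MaxProperties markers
// declare). Its jsonPath branch is a simplified stand-in: dotted keys only.
func (m FieldMapping) Resolve(res map[string]interface{}) (string, error) {
	if (m.Constant == nil) == (m.JsonPathExpr == nil) {
		return "", fmt.Errorf("exactly one of constant or jsonPath must be set")
	}
	if m.Constant != nil {
		return *m.Constant, nil
	}
	var cur interface{} = res
	for _, key := range strings.Split(strings.TrimPrefix(*m.JsonPathExpr, "."), ".") {
		obj, _ := cur.(map[string]interface{})
		cur = obj[key] // a nil map yields nil, so a broken path fails below
	}
	if s, ok := cur.(string); ok {
		return s, nil
	}
	return "", fmt.Errorf("jsonPath %q does not select a string", *m.JsonPathExpr)
}

// Extract resolves both mappings, then reads from secrets (constructed stand-in for one namespace).
func Extract(name, key FieldMapping, res map[string]interface{}, secrets map[string]map[string]string) (string, error) {
	n, errN := name.Resolve(res)
	k, errK := key.Resolve(res)
	if errN != nil || errK != nil {
		return "", fmt.Errorf("secretName: %v; secretKey: %v", errN, errK)
	}
	if v, ok := secrets[n][k]; ok {
		return v, nil
	}
	return "", fmt.Errorf("secret %q has no key %q", n, k)
}

func main() {
	c := "internal-host" // constant from the scenario above
	fmt.Println(FieldMapping{Constant: &c}.Resolve(nil))
}
```

With constants, the secret a ServiceClass reads is chosen entirely by whoever writes the ServiceClass, so the set of Secrets the resolving component is allowed to read bounds what can be extracted.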

      Demo requirements (Required)

      NA

      Dependencies

      NA

      Edge Case

      NA

      BDD Tests

      You can find BDD Test specification for this story in the "Testing Instruction" Field Tab or in the GitHub Issue linked to this story.

      Acceptance Criteria

      • Development
        FieldMapping is used in ServiceClass' SecretRefField
      • QE
        There are test cases for Constant value in ServiceClass' SecretRefField
      • Docs
        There is a section in our docs dedicated to explaining how SecretRefField extraction works
        Update architecture document with any changes while implementing

      INVEST Checklist

      Dependencies identified
      Blockers noted and expected delivery timelines set
      Design is implementable
      Acceptance criteria agreed upon
      Story estimated

      Legend

      Unknown
      Verified
      Unsatisfied

          People

            rh-ee-filario Francesco Ilario