Add token generation

Signed-off-by: Clément Blaise <[email protected]>
crossplane-contrib · Jul 17, 2024 · 70c1ba8 · 70c1ba8
1 parent 72a5615
commit 70c1ba8
Show file tree

Hide file tree

Showing 8 changed files with 609 additions and 25 deletions.
diff --git a/apis/projects/v1alpha1/types.go b/apis/projects/v1alpha1/types.go
@@ -113,6 +113,27 @@ type ProjectRole struct {
 	// Groups are a list of OIDC group claims bound to this role
 	// +optional
 	Groups []string `json:"groups,omitempty"`
+	// Tokens are a list of tokens to generate
+	// +optional
+	Tokens []ProjectToken `json:"tokens,omitempty"`
+}
+
+// ProjectToken holds the configuration for a Token
+type ProjectToken struct {
+	// ID is an id for the token
+	ID string `json:"id"`
+	// Description is a description for the token
+	// +optional
+	Description *string `json:"description,omitempty"`
+	// Duration before the token will expire. Valid time units are `s`, `m`, `h` and `d` E.g. 12h, 7d. No expiration if not set.
+	// +optional
+	ExpiresIn *string `json:"expiresIn,omitempty"`
+	// Duration to control token regeneration based on token age. Valid time units are `s`, `m`, `h` and `d`.
+	// +optional
+	RenewAfter *string `json:"renewAfter,omitempty"`
+	// Duration to control token regeneration based on remaining token lifetime. Valid time units are `s`, `m`, `h` and `d`.
+	// +optional
+	RenewBefore *string `json:"renewBefore,omitempty"`
 }
 
 // JWTToken holds the issuedAt and expiresAt values of a token

diff --git a/apis/projects/v1alpha1/zz_generated.deepcopy.go b/apis/projects/v1alpha1/zz_generated.deepcopy.go
diff --git a/go.mod b/go.mod
@@ -8,6 +8,7 @@ replace github.com/argoproj/gitops-engine v0.7.1-0.20230607163028-425d65e07695 =
 require (
 	github.com/argoproj/argo-cd/v2 v2.8.19
 	github.com/argoproj/gitops-engine v0.7.1-0.20230607163028-425d65e07695
+	github.com/argoproj/pkg v0.13.7-0.20230626144333-d56162821bd1
 	github.com/crossplane/crossplane-runtime v1.16.0
 	github.com/crossplane/crossplane-tools v0.0.0-20230925130601-628280f8bf79
 	github.com/golang/mock v1.6.0
@@ -36,7 +37,6 @@ require (
 	github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 // indirect
 	github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect
 	github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 // indirect
-	github.com/argoproj/pkg v0.13.7-0.20230626144333-d56162821bd1 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/blang/semver/v4 v4.0.0 // indirect
 	github.com/bmatcuk/doublestar/v4 v4.6.0 // indirect

diff --git a/package/crds/projects.argocd.crossplane.io_projects.yaml b/package/crds/projects.argocd.crossplane.io_projects.yaml
@@ -315,6 +315,38 @@ spec:
                           items:
                             type: string
                           type: array
+                        tokens:
+                          description: Tokens are a list of tokens to generate
+                          items:
+                            description: ProjectToken holds the configuration for
+                              a Token
+                            properties:
+                              description:
+                                description: Description is a description for the
+                                  token
+                                type: string
+                              expiresIn:
+                                description: Duration before the token will expire.
+                                  Valid time units are `s`, `m`, `h` and `d` E.g.
+                                  12h, 7d. No expiration if not set.
+                                type: string
+                              id:
+                                description: ID is an id for the token
+                                type: string
+                              renewAfter:
+                                description: Duration to control token regeneration
+                                  based on token age. Valid time units are `s`, `m`,
+                                  `h` and `d`.
+                                type: string
+                              renewBefore:
+                                description: Duration to control token regeneration
+                                  based on remaining token lifetime. Valid time units
+                                  are `s`, `m`, `h` and `d`.
+                                type: string
+                            required:
+                            - id
+                            type: object
+                          type: array
                       required:
                       - name
                       type: object

diff --git a/pkg/clients/mock/projects/mock.go b/pkg/clients/mock/projects/mock.go
diff --git a/pkg/clients/projects/client.go b/pkg/clients/projects/client.go
@@ -26,6 +26,10 @@ type ProjectServiceClient interface {
 	Update(ctx context.Context, in *project.ProjectUpdateRequest, opts ...grpc.CallOption) (*v1alpha1.AppProject, error)
 	// Delete deletes a project
 	Delete(ctx context.Context, in *project.ProjectQuery, opts ...grpc.CallOption) (*project.EmptyResponse, error)
+	// CreateToken a new project token
+	CreateToken(ctx context.Context, in *project.ProjectTokenCreateRequest, opts ...grpc.CallOption) (*project.ProjectTokenResponse, error)
+	// DeleteToken a new project token
+	DeleteToken(ctx context.Context, in *project.ProjectTokenDeleteRequest, opts ...grpc.CallOption) (*project.EmptyResponse, error)
 }
 
 // NewProjectServiceClient creates a new API client from a set of config options, or fails fatally if the new client creation fails.