ACM Controller - DomainValidationOptions in status

[malmanzor]

Is your feature request related to a problem?

I'd like to start using the ACM controller but one issue that I've run into is that the DomainValidationOptions field that is included in the Spec of the resource doesn't contain fields such as the ResourceRecord which houses the CNAME record that needs to be created to validate an ACM certificate. This seems to be due to the DomainValidationOptions field having a different type when a certificate is requested vs when a certificate is described

Describe the solution you'd like I would like the full DomainValidationOptions which includes the ResourceRecord to be included in the Status of the Certificate resource. This way, once a Certificate is created the client that created the Certificate can easily identify the required CNAME records for validation.

Describe alternatives you've considered The client could check the ACM resource using the Certificate ARN but that would be inconvenient.

If the community agrees that this feature would be good to have then I can work on a PR. I've tried adding a new field to generator.yaml but it didn't seem to work and I didn't see the sdkFind function getting updated although the CertificateStatus was updated.

      CertificateDomainValidationOptions:
        is_read_only: true
        from:
          operation: DescribeCertificate
          path: Certificate.DomainValidationOptions

Maybe this is due to the DomainValidationOptions already being present in the Spec ?

[a-hilaly]

@malmanzor Thank you for raising this and wanting to fix it! At first glance I think you might want to use set.from config instead of from.operation (e.g in ec2 https://github.com/aws-controllers-k8s/ec2-controller/blob/main/generator.yaml#L176-L178 )

[malmanzor]

@A-Hilaly thanks for the suggestion. I gave it a try and changed the config in generator.yaml to

     CertificateDomainValidationOptions:
        is_read_only: true
        set:
        - from: DomainValidationOptions

When I regenerated the code the CertificateDomainValidationOptions were removed from the CertificateStatus in certificate.go . I'm not sure what is wrong but I took a look at the documentation for the set option which I found here (I'm not sure that is the right place). My use case seems to be a little different from the documented use case in that I'm trying to configure an object in the status block and I'm trying to set fields that are found in the resource output but not the input. Are those supported for set?

I will keep trying to find a configuration that fits.

[RedbackThomson]

@malmanzor I think you're on the right path. The only thing I could think is missing is that your from is a plural Options rather than Option. If you want an array of those options, then there is a third alternative, which is using custom_field: Like here https://github.com/aws-controllers-k8s/s3-controller/blob/main/generator.yaml#L52C1-L53

[ack-bot]

Issues go stale after 180d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 60d of inactivity and eventually close. If this issue is safe to close now please do so with /close. Provide feedback via https://github.com/aws-controllers-k8s/community. /lifecycle stale

[ack-bot]

Stale issues rot after 60d of inactivity. Mark the issue as fresh with /remove-lifecycle rotten. Rotten issues close after an additional 60d of inactivity. If this issue is safe to close now please do so with /close. Provide feedback via https://github.com/aws-controllers-k8s/community. /lifecycle rotten

[ack-bot]

Issues go stale after 180d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 60d of inactivity and eventually close. If this issue is safe to close now please do so with /close. Provide feedback via https://github.com/aws-controllers-k8s/community. /lifecycle stale