crossplane-contrib / provider-argocd

Crossplane provider to provision and manage Argo CD objects
Apache License 2.0

WIP Automatic token creation #130

Closed nabuskey closed 4 months ago

nabuskey commented 8 months ago

This is still a WIP, but I wanted to get some feedback before I invest any more time.

The provider config spec is a bit difficult to expand without introducing weirdness in the spec, so I've opted for an implicit approach. If this doesn't work, let me know.

This implements a wrapper controller for Provider Config.

Flow is:

  1. If the provider config credentials (Spec.Credentials.SecretRef.Key) specifies "username", then:
  2. Extract username and password from the secret.
  3. Get a session token using the credentials from step 2.
  4. If an ArgoCD API token with a specific ID doesn't exist, then create one.
  5. Store the session token in a new secret in the same namespace as the one specified in provider config.
  6. Update the status field with secret ref information.
  7. The rest is the same as before.

Does this approach look okay to you?

Fixes #13


MisterMX commented 7 months ago

I am very unsure about introducing a special behaviour in Spec.Credentials.SecretRef.Key because it requires users to know implementation details of this provider. Furthermore, it is no longer possible to reference a token from a generic username field.

With https://github.com/crossplane-contrib/provider-argocd/pull/66 we are providing support for kubeconfig authentication. Does that suffice for your use case?

If not, we should make the API more explicit by adding some kind of CredentialsType parameter and have username and password extracted from a single key, i.e. as a base64-encoded string or as a configuration file (https://github.com/crossplane-contrib/provider-aws is extracting the credentials from a .ini file).
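
The explicit alternative suggested in the comment above, sketched as an added example that is not part of this pull request or of the provider's code: the value of a single secret key is interpreted by a declared type, never by the key's name, and errors never echo secret data. `CredentialsType`, its two values, `Resolved` and `Resolve` are hypothetical names, and the `key = value` file layout is an assumption.

```go
package main

import (
	"fmt"
	"strings"
)

// CredentialsType is a hypothetical explicit discriminator, not a field of the provider's API.
type CredentialsType string
const TypeToken, TypeUserPass CredentialsType = "Token", "UsernamePassword"

// Resolved holds either a ready-made API token or a login pair to exchange for one.
type Resolved struct{ Token, Username, Password string }

// Resolve interprets the value of one secret key by its declared type, never by the key's name.
func Resolve(t CredentialsType, data []byte) (Resolved, error) {
	var r Resolved
	switch t {
	case TypeToken:
		r.Token = strings.TrimSpace(string(data))
	case TypeUserPass:
		for _, line := range strings.Split(string(data), "\n") {
			line = strings.TrimSpace(line)
			if line == "" || line[0] == '#' || line[0] == '[' {
				continue // blank line, comment or .ini section header
			}
			k, v, ok := strings.Cut(line, "=")
			if !ok {
				return Resolved{}, fmt.Errorf("malformed credentials line") // never echo secret data
			}
			switch strings.TrimSpace(k) {
			case "username":
				r.Username = strings.TrimSpace(v)
			case "password":
				r.Password = strings.TrimSpace(v)
			}
		}
	default:
		return Resolved{}, fmt.Errorf("unsupported credentials type %q", t)
	}
	if r.Token == "" && (r.Username == "" || r.Password == "") {
		return Resolved{}, fmt.Errorf("incomplete credentials for type %q", t)
	}
	return r, nil
}

func main() {
	r, err := Resolve(TypeUserPass, []byte("username = admin\npassword = constructed-sample\n"))
	fmt.Println(r.Username, err) // constructed sample input; the password is never printed
}
```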

github-actions[bot] commented 4 months ago

Crossplane does not currently have enough maintainers to address every issue and pull request. This pull request has been automatically marked as stale because it has had no activity in the last 90 days. It will be closed in 7 days if no further activity occurs. Adding a comment starting with /fresh will mark this PR as not stale.

nabuskey commented 4 months ago

Sorry for the late reply. I would like to work on this but maybe sometime in the future when I have more time. I will close this for now.

joebowbeer commented 4 months ago

@nabuskey Given that Issue #13 was fixed by #66, what remains to be done?