[1.2.x] Support Endpoint certificates and User volumes for Kaniko Job with Volume Context

[renuka-fernando]

Purpose

• Support endpoint certificates through apictl project - fix https://github.com/wso2/k8s-api-operator/issues/596
• Support User volumes for Kaniko - fix https://github.com/wso2/k8s-api-operator/issues/597

Sample exported API from APIM 3.2.0

Products-v1
├── Meta-information
│   ├── api.yaml
│   ├── endpoint_certificates.yaml
│   └── swagger.yaml
└── api_params.yaml

sample API CR

apiVersion: wso2.com/v1alpha1
kind: API
metadata:
  name: test-api-publisher
  namespace: wso2-system
spec:
  definition:
    endpointCertificates:
    - foo-1-ep-crt-1
    interceptors: {}
    swaggerConfigmapNames:
    - foo-1-swagger
    type: swagger
  mode: privateJet
  override: true
  replicas: 1

Sample EP Cert

apiVersion: v1
data:
  alias: cHJvZHVjdHMtLTIy
  certificate.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUzRENDQXNRQ0NRQ1VodU9Jb3VVSGlqQU5CZ2txaGtpRzl3MEJBUXNGQURBd01SVXdFd1lEVlFRS0RBeG1iMjh1WTI5dElFbHVZeTR4RnpBVkJnTlZCQU1NRG5CeWIyUjFZM1J6TFdoMGRIQnpNQjRYRFRJeE1EVXdOREEyTkRZMU1Gb1hEVEl5TURVd05EQTJORFkxTUZvd01ERVZNQk1HQTFVRUNnd01abTl2TG1OdmJTQkpibU11TVJjd0ZRWURWUVFEREE1d2NtOWtkV04wY3kxb2RIUndjekNDQWlJd0RRWUpLb1pJaHZjTkFRRUJCUUFEZ2dJUEFEQ0NBZ29DZ2dJQkFOSmJFMlBhOTMwSWM2UzhMQ1BzN3BqVW9vOFRTNXJKVE11MFIvdExaWmdCS3RIVFhrL29KMUFCU3duRGJXQW4xYVNzbklhY3JmRFI2TkpUQW4zdHpNQmQ0OHhnQXdldGZ2ZkJVaGduSzduMVJLQnVUc0lWSWI0NUJTby93MlQvY3NxcENEUitWNzc2cHNOMjUvaFBUejd4Qmh5WkZoNlNLcTVWYWt1SXNjejRZSit1aHRrTjNNcTdpUlBteGpnN2lZYzUwOXRkU3BERExMaU9tSUppYlpzd0pwSlNURTNnd1gvUUJqeE5EMDg5SVZEMGFCM1JEM1U2VTQ5SmFIamhQWWRhQXZHMXVwK2FGZUNqT2xmTVpPYmRWRUlZYXFYUVhyeGNQYUwzSWQ5NTVxV2RCMmp6TTFtdG9XQXAzS1pKRjRvbDQyREF0dE9GVktSNkp6QWZUMUlQU2FQQVl5Q0F3U09UdVpLRXlmcVI4UldrL3BGa1BuNWNrYTFqVG9pWDVsTGtKUXBWSzRRbllZL0k4NVZvZGFMVjQwRXAvNktYQzgyNjF2QUZRbERpTnJmbTA5N3FhMnVIRHduTFVCazVOT1RFVU5aSVRQM2s3ekdpY1R3VWpyS0JEMGgxamRkK0F4SHc5WTV3QmdSQmN1U245VmJXZ0MxQ2VYZjVrTEZ6NXdCcUlqNUVVOE9ZRExGOUtubFBMM1ZsdzU1WEp4Y2xJZ3dMWUp2RVJhRWxyL3l2bDJqb0R6T252akduWldTb1V3MkY4Q1hGc2tuL0tXL2ZXYmNUaC9KQ2t3MGx1Q3hKUnJIUkMzb0lvZkwyQnR1OVI1OTFQc3ZydzBpMXUxRGU1VGNWdVYwMGJJa2VXVkJDU0E5eVJHRE1aeXlYMVRESlk5RlRnMnQzaGZ5dEFnTUJBQUV3RFFZSktvWklodmNOQVFFTEJRQURnZ0lCQUtmbTB2eUJXcXNST1Y1VDFwTWRBQkpyb3VFQkxjMlNCOFhGd2FxQ3Nxa3ZTSHpFbmtPMjZxWUhpUWZiSzB4U1VVaHdrVTNZSGsvaDAwSE9NT2ttQzV1UXFEQU5uNzljdThEUWlaUTRaaFZORnFPMXRZNk9PaUVnS2NoZGhSMVJ5OFpEdlVOQ0VHaWpMc21nbGlza0JMaDFnMHlLK2dkcXlDZWl2WXMxKzV2UlNtSXBDWmFLLzlpRDUzdWUzekVMc2lMWnprcGh6dEppR3pwdjlsNmo2VnRnVnp4bkZnR0NBWTYrd0RkUG9jVXd1K0c2WTI4OHo5anlHN1dPMi8zcytwN2lPdGcrLzNTbFg1Y1hISWhMZ3I0SzQzRjM1SXh0eFJ6QWlFZmtOcmxvaDJqYUcxeGd6RkxzR2c3L2hsVDlLNEc4RlZ3YlRONUZYRUdqUk1kOGpEVm1oSjV6ZVFUU1hsdU5VUkF2R1FHNlBCakhwY2pEeUR4QjQ4Y3pzWEhOcnJRVlNucjdHUGJKRExiNlJ6aHEzM1VibHJiWUZBOEIwT01IZHFjUjZ6NXdRVEFxUDdwQlVQbkZjajBSSGEwN2VtV1pSZG5DNFN2S0ZiUE1GWXRVT05qaDhFNExuL0pVVm1KaEV6bURsQnNza3ZSTTc5aDRVVjdlcGQzOThlUXBSb0VWU2xpcmY2OWx5bi9oODZUdlNSWVF2d1VNYmhMZ1RJT255bXl3Ukw5MFIzQ0pQTXYrZVhneG5raXYrb2JtckRnLzMxV2cxbnFLMUVUbWlaWldzTXhOK1J4R3c2b3Fhak5qS2VlemYwNnRONTdKRGRIdUhxUzlta3VCZ3A5VmVLY1F6RU9OeUxpTmdzaHBuQnBROS9qYzdDbnFyT1g0UmMvMUVVNVNSM3U1Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
  hostName: aHR0cHM6Ly9sb2NhbGhvc3QyOjg0NDM=
kind: Secret
metadata:
  name: foo-1-ep-crt-1
  namespace: default
type: Opaque

Sample kaniko User volume

  mgwSecrets: |
   - name: test1secret
     mountLocation: /home/ballerina/test1secret
     subPath: test1secret
     namespace: micro
   - name: test1secretEnv
     asEnvVar: true
     context: kaniko

Documentation

Docs will be updated

Test environment

with private HTTPS registry Docker Desktop