From f8f2b2574d492202a65cedcb4f3fef82929d33fa Mon Sep 17 00:00:00 2001 From: Daniel Hougaard <62331820+DanielHougaard@users.noreply.github.com> Date: Wed, 6 Mar 2024 02:21:16 +0100 Subject: [PATCH] Feat: Machine Identity support (types) --- .../controllers/infisicalsecret_helper.go | 3 +- k8-operator/packages/api/models.go | 40 +++++++++++++++++++ 2 files changed, 41 insertions(+), 2 deletions(-) diff --git a/k8-operator/controllers/infisicalsecret_helper.go b/k8-operator/controllers/infisicalsecret_helper.go index 9de1121fd6..622d1fa5da 100644 --- a/k8-operator/controllers/infisicalsecret_helper.go +++ b/k8-operator/controllers/infisicalsecret_helper.go @@ -6,7 +6,6 @@ import ( "strings" "github.com/Infisical/infisical/k8-operator/api/v1alpha1" - "github.com/Infisical/infisical/k8-operator/packages/api" "github.com/Infisical/infisical/k8-operator/packages/model" "github.com/Infisical/infisical/k8-operator/packages/util" corev1 "k8s.io/api/core/v1" @@ -303,7 +302,7 @@ func (r *InfisicalSecretReconciler) ReconcileInfisicalSecret(ctx context.Context // } var plainTextSecretsFromApi []model.SingleEnvironmentVariable - var updateAttributes api.UpdateAttributes + var updateAttributes model.UpdateAttributes if authStrategy == AuthStrategy.SERVICE_ACCOUNT { // Service Account plainTextSecretsFromApi, updateAttributes, err = util.GetPlainTextSecretsViaServiceAccount(serviceAccountCreds, infisicalSecret.Spec.Authentication.ServiceAccount.ProjectId, infisicalSecret.Spec.Authentication.ServiceAccount.EnvironmentName, secretVersionBasedOnETag) diff --git a/k8-operator/packages/api/models.go b/k8-operator/packages/api/models.go index a72ccfc499..fa618791b9 100644 --- a/k8-operator/packages/api/models.go +++ b/k8-operator/packages/api/models.go 
@@ -65,6 +65,17 @@ type EncryptedSecretV3 struct {
 UpdatedAt time.Time `json:"updatedAt"`
 }
 
+type DecryptedSecretV3 struct {
+ ID string `json:"id"`
+ Workspace string `json:"workspace"`
+ Environment string `json:"environment"`
+ Version int `json:"version"`
+ Type string `json:"string"`
+ SecretKey string `json:"secretKey"`
+ SecretValue string `json:"secretValue"`
+ SecretComment string `json:"secretComment"`
+}
+
 type ImportedSecretV3 struct {
 Environment string `json:"environment"`
 FolderId string `json:"folderId"`
@@ -79,6 +90,19 @@ type GetEncryptedSecretsV3Response struct {
 ETag string `json:"ETag,omitempty"`
 }
 
+type GetDecryptedSecretsV3Response struct {
+ Secrets []DecryptedSecretV3 `json:"secrets"`
+ ETag string `json:"ETag,omitempty"`
+ Modified bool `json:"modified,omitempty"`
+}
+
+type GetDecryptedSecretsV3Request struct {
+ ProjectID string `json:"projectId"`
+ Environment string `json:"environment"`
+ SecretPath string `json:"secretPath"`
+ ETag string `json:"etag,omitempty"`
+}
+
 type GetServiceTokenDetailsResponse struct {
 ID string `json:"_id"`
 Name string `json:"name"`
@@ -101,6 +125,13 @@ type ServiceAccountDetailsResponse struct {
 } `json:"serviceAccount"`
 }
 
+type MachineIdentityDetailsResponse struct {
+ AccessToken string `json:"accessToken"`
+ ExpiresIn int `json:"expiresIn"`
+ AccessTokenMaxTTL int `json:"accessTokenMaxTTL"`
+ TokenType string `json:"tokenType"`
+}
+
 type ServiceAccountWorkspacePermission struct {
 ID string `json:"_id"`
 ServiceAccount string `json:"serviceAccount"`
@@ -128,6 +159,15 @@ type GetServiceAccountKeysRequest struct {
 ServiceAccountId string `json:"id"`
 }
 
+type MachineIdentityUniversalAuthLoginRequest struct {
+ ClientId string `json:"clientId"`
+ ClientSecret string `json:"clientSecret"`
+}
+
+type MachineIdentityUniversalAuthRefreshRequest struct {
+ AccessToken string `json:"accessToken"`
+}
+
 type ServiceAccountKey struct {
 ID string `json:"_id"`
 EncryptedKey string `json:"encryptedKey"`
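Review bot: The `Type` field of the new `DecryptedSecretV3` struct is tagged `json:"string"`, which looks like a typo for `json:"type"`. As written, encoding/json fills the field only from a key named "string", so any caller that branches on `Type` would see the empty string with no decode error. The struct also has no doc comment; a line such as `// DecryptedSecretV3 is a secret returned in plaintext by the API.` would make clear that `SecretValue` is sensitive.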
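Review bot: `GetDecryptedSecretsV3Request.ETag` is tagged `json:"etag,omitempty"`, while `GetDecryptedSecretsV3Response` added just above it and the existing `GetEncryptedSecretsV3Response` in the context lines both use `json:"ETag,omitempty"`. encoding/json matches keys case-insensitively when decoding but writes the tag verbatim when encoding, so a marshalled request would carry the key `etag`; whether the server accepts that spelling is not visible in this patch. Either align the two tags or add a comment saying the difference is intentional. `Modified` also decodes to false both when the server sends false and when the key is absent, so a short comment on which case callers should expect would help.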
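Review bot: `MachineIdentityDetailsResponse.AccessToken` is a bearer credential held in a plain exported string, so any `%v` or `%+v` formatting or debug dump of the struct would print it. The same applies to `SecretValue` in the first hunk of this file and to `ClientSecret` and `AccessToken` in the request structs of the last hunk. No such logging is visible in this patch, but a doc comment on each of these types, e.g. `// MachineIdentityDetailsResponse holds a live access token; do not log it or format it with %+v.`, would state the constraint for the code that will consume them. `ExpiresIn` and `AccessTokenMaxTTL` are bare ints with no stated unit; a comment naming the unit (presumably seconds, to be confirmed against the API) would guard against a mis-scaled token refresh.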
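Review bot: `ClientId` in `MachineIdentityUniversalAuthLoginRequest` departs from the initialism style this same commit uses for `ProjectID` and `ID` in the earlier hunks. `ClientID string` with the tag left as `json:"clientId"` keeps the wire format and follows Go naming convention. The context lines show older fields such as `ServiceAccountId`, so the file is already mixed, but new types are the cheap place to stop adding to that. Both request types also lack doc comments; one line each naming the endpoint they are sent to would help the next reader.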