Introduce actions

Dockerfile

@@ -15,6 +15,7 @@ RUN go mod download
 COPY main.go main.go
 COPY api/ api/
 COPY controllers/ controllers/
+COPY client/ client/
 
 # Build
 # the GOARCH has not a default value to allow the binary be built according to the host where the command

PROJECT

@@ -20,4 +20,49 @@ resources:
   kind: Securesign
   path: github.com/securesign/operator/api/v1alpha1
   version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: redhat.com
+  group: rhtas
+  kind: Fulcio
+  path: github.com/securesign/operator/api/v1alpha1
+  version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: redhat.com
+  group: rhtas
+  kind: Trillian
+  path: github.com/securesign/operator/api/v1alpha1
+  version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: redhat.com
+  group: rhtas
+  kind: Rekor
+  path: github.com/securesign/operator/api/v1alpha1
+  version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: redhat.com
+  group: rhtas
+  kind: Tuf
+  path: github.com/securesign/operator/api/v1alpha1
+  version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: redhat.com
+  group: rhtas
+  kind: CTlog
+  path: github.com/securesign/operator/api/v1alpha1
+  version: v1alpha1
 version: "3"

api/v1alpha1/ctlog_types.go

@@ -0,0 +1,42 @@
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// CTlogSpec defines the desired state of CTlog
+type CTlogSpec struct {
+}
+
+// CTlogStatus defines the observed state of CTlog
+type CTlogStatus struct {
+	Phase Phase `json:"phase"`
+}
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+
+// CTlog is the Schema for the ctlogs API
+type CTlog struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   CTlogSpec   `json:"spec,omitempty"`
+	Status CTlogStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// CTlogList contains a list of CTlog
+type CTlogList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []CTlog `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&CTlog{}, &CTlogList{})
+}

api/v1alpha1/fulcio_types.go

@@ -0,0 +1,52 @@
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// FulcioSpec defines the desired state of Fulcio
+type FulcioSpec struct {
+	External    bool                  `json:"external,omitempty"`
+	KeySecret   string                `json:"keySecret,omitempty"`
+	OidcIssuers map[string]OidcIssuer `json:"oidcIssuers,omitempty"`
+}
+
+type OidcIssuer struct {
+	ClientID  string `json:"ClientID"`
+	IssuerURL string `json:"IssuerURL"`
+	Type      string `json:"Type"`
+}
+
+// FulcioStatus defines the observed state of Fulcio
+type FulcioStatus struct {
+	Url   string `json:"url,omitempty"`
+	Phase Phase  `json:"Phase,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+
+// Fulcio is the Schema for the fulcios API
+type Fulcio struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   FulcioSpec   `json:"spec,omitempty"`
+	Status FulcioStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// FulcioList contains a list of Fulcio
+type FulcioList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []Fulcio `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&Fulcio{}, &FulcioList{})
+}

api/v1alpha1/phase.go

@@ -0,0 +1,12 @@
+package v1alpha1
+
+type Phase string
+
+const (
+	PhaseNone             Phase = ""
+	PhaseInitialization   Phase = "Initialization"
+	PhaseReady            Phase = "Ready"
+	PhasePending          Phase = "Pending"
+	PhaseError            Phase = "Error"
+	PhaseDuplicitResource       = "DuplicitResource"
+)

api/v1alpha1/rekor_types.go

@@ -0,0 +1,46 @@
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// RekorSpec defines the desired state of Rekor
+type RekorSpec struct {
+	External  bool   `json:"external,omitempty"`
+	KeySecret string `json:"keySecret,omitempty"`
+	PvcName   string `json:"pvcName,omitempty"`
+}
+
+// RekorStatus defines the observed state of Rekor
+type RekorStatus struct {
+	Url   string `json:"url,omitempty"`
+	Phase Phase  `json:"phase,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+
+// Rekor is the Schema for the rekors API
+type Rekor struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   RekorSpec   `json:"spec,omitempty"`
+	Status RekorStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// RekorList contains a list of Rekor
+type RekorList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []Rekor `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&Rekor{}, &RekorList{})
+}

api/v1alpha1/securesign_types.go

@@ -41,17 +41,22 @@ type SecuresignSpec struct {
 	// Important: Run "make" to regenerate code after modifying this file
 
 	// Foo is an example field of Securesign. Edit securesign_types.go to remove/update
-	FulcioPublicKey  string `json:"fulcioPublicKey,omitempty"`
-	FulcioPrivateKey string `json:"fulcioPrivateKey,omitempty"`
-	FulcioCert       string `json:"fulcioCert,omitempty"`
-	FulcioPassword   string `json:"fulcioPassword,omitempty"`
-	RekorPrivateKey  string `json:"rekorPrivateKey,omitempty"`
+	Rekor    RekorSpec    `json:"rekor"`
+	Fulcio   FulcioSpec   `json:"fulcio"`
+	Trillian TrillianSpec `json:"trillian"`
+	Tuf      TufSpec      `json:"tuf"`
+	Ctlog    CTlogSpec    `json:"ctlog,omitempty"`
 }
 
 // SecuresignStatus defines the observed state of Securesign
 type SecuresignStatus struct {
 	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
 	// Important: Run "make" to regenerate code after modifying this file
+	Trillian string `json:"trillian"`
+	Fulcio   string `json:"fulcio"`
+	Tuf      string `json:"tuf"`
+	CTlog    string `json:"ctlog"`
+	Rekor    string `json:"rekor"`
 }
 
 //+kubebuilder:object:root=true

api/v1alpha1/trillian_types.go

@@ -0,0 +1,68 @@
+/*
+Copyright 2023.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// TrillianSpec defines the desired state of Trillian
+type TrillianSpec struct {
+	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+	// Important: Run "make" to regenerate code after modifying this file
+
+	// Foo is an example field of Trillian. Edit trillian_types.go to remove/update
+	LogSignerImage string `json:"logSignerImage,omitempty"`
+	ServerImage    string `json:"serverImage,omitempty"`
+	DbImage        string `json:"dbImage,omitempty"`
+	PvcName        string `json:"pvcName,omitempty"`
+}
+
+// TrillianStatus defines the observed state of Trillian
+type TrillianStatus struct {
+	Phase Phase `json:"Phase"`
+	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
+	// Important: Run "make" to regenerate code after modifying this file
+}
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+
+// Trillian is the Schema for the trillians API
+type Trillian struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   TrillianSpec   `json:"spec,omitempty"`
+	Status TrillianStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// TrillianList contains a list of Trillian
+type TrillianList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []Trillian `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&Trillian{}, &TrillianList{})
+}

api/v1alpha1/tuf_types.go

@@ -0,0 +1,45 @@
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// TufSpec defines the desired state of Tuf
+type TufSpec struct {
+	External bool   `json:"external,omitempty"`
+	Image    string `json:"image,omitempty"`
+}
+
+// TufStatus defines the observed state of Tuf
+type TufStatus struct {
+	Url   string `json:"url,omitempty"`
+	Phase Phase  `json:"Phase"`
+}
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+
+// Tuf is the Schema for the tufs API
+type Tuf struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   TufSpec   `json:"spec,omitempty"`
+	Status TufStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// TufList contains a list of Tuf
+type TufList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []Tuf `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&Tuf{}, &TufList{})
+}