From c0fc47b8e163526b75c018e941c374ca187eaaba Mon Sep 17 00:00:00 2001
From: GokulBansal0
Date: Thu, 30 Jan 2025 10:52:30 +0530
Subject: [PATCH] feat: [PL-58641]: oidc support for gcp sm and kms (#633)

* feat: [PL-58641]: oidc support for gcp sm and kms
* feat: [PL-58641]: add oidc support for gcp sm and gcp kms
* feat: [PL-58641]: add oidc support for gcp sm and gcp kms
---
 harness/nextgen/model_connector_info.go | 1 +
 .../model_connector_info_serializer.go | 4 ++++
 harness/nextgen/model_gcp_kms_connector.go | 14 +++++++++----
 ...idc_token_exchange_details_for_delegate.go | 20 +++++++++++++++++++
 harness/nextgen/model_gcp_secret_manager.go | 14 +++++++++----
 .../model_oidc_access_token_options.go | 14 +++++++++++++
 .../model_oidc_chartmuseum_gcp_config.go | 18 +++++++++++++++++
 ...odel_oidc_workload_access_token_request.go | 20 +++++++++++++++++++
 8 files changed, 97 insertions(+), 8 deletions(-)
 create mode 100644 harness/nextgen/model_gcp_oidc_token_exchange_details_for_delegate.go
 create mode 100644 harness/nextgen/model_oidc_access_token_options.go
 create mode 100644 harness/nextgen/model_oidc_chartmuseum_gcp_config.go
 create mode 100644 harness/nextgen/model_oidc_workload_access_token_request.go
diff --git a/harness/nextgen/model_connector_info.go b/harness/nextgen/model_connector_info.go
index 4d9ff6ae..051e6cfd 100644
--- a/harness/nextgen/model_connector_info.go
+++ b/harness/nextgen/model_connector_info.go
@@ -48,6 +48,7 @@ type ConnectorInfo struct {
 Dynatrace *DynatraceConnectorDto `json:"-"`
 Gcp *GcpConnector `json:"-"`
 GcpCloudCost *GcpCloudCostConnectorDto `json:"-"`
+ GcpKms *GcpKmsConnector `json:"-"`
 Git *GitConfig `json:"-"`
 Github *GithubConnector `json:"-"`
 Gitlab *GitlabConnector `json:"-"`
diff --git a/harness/nextgen/model_connector_info_serializer.go b/harness/nextgen/model_connector_info_serializer.go
index b701c217..41928e34 100644
--- a/harness/nextgen/model_connector_info_serializer.go
+++ b/harness/nextgen/model_connector_info_serializer.go
@@ -91,6 +91,8 @@ func (a *ConnectorInfo) UnmarshalJSON(data []byte) error {
 err = json.Unmarshal(aux.Spec, &a.SumoLogic)
 case ConnectorTypes.GcpSecretManager:
 err = json.Unmarshal(aux.Spec, &a.GcpSecretManager)
+ case ConnectorTypes.GcpKms:
+ err = json.Unmarshal(aux.Spec, &a.GcpKms)
 case ConnectorTypes.Spot:
 err = json.Unmarshal(aux.Spec, &a.Spot)
 case ConnectorTypes.ServiceNow:
@@ -191,6 +193,8 @@ func (a *ConnectorInfo) MarshalJSON() ([]byte, error) {
 spec, err = json.Marshal(a.SumoLogic)
 case ConnectorTypes.GcpSecretManager:
 spec, err = json.Marshal(a.GcpSecretManager)
+ case ConnectorTypes.GcpKms:
+ spec, err = json.Marshal(a.GcpKms)
 case ConnectorTypes.Spot:
 spec, err = json.Marshal(a.Spot)
 case ConnectorTypes.ServiceNow:
diff --git a/harness/nextgen/model_gcp_kms_connector.go b/harness/nextgen/model_gcp_kms_connector.go
index 0a1d7450..7c32313d 100644
--- a/harness/nextgen/model_gcp_kms_connector.go
+++ b/harness/nextgen/model_gcp_kms_connector.go
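Review bot: In model_connector_info_serializer.go, the new `case ConnectorTypes.GcpKms:` in `MarshalJSON` marshals `a.GcpKms` without a nil check, so a `ConnectorInfo` typed as GcpKms whose `GcpKms` field was never populated is serialized with a `null` spec and no error. The neighbouring cases follow the same pattern, so this is inherited rather than introduced, but for a connector that governs key access a local failure is easier to diagnose than a server-side rejection; a guard such as `if a.GcpKms == nil { return nil, errors.New("GcpKms spec is nil") }` ahead of the marshal would cover it (assuming `errors` is, or can be, imported in this file). The matching `UnmarshalJSON` case in the first hunk needs no change. Both function bodies extend beyond the hunks, so a check elsewhere cannot be ruled out from here.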
@@ -18,9 +18,15 @@ type GcpKmsConnector struct {
 // Name of the Key Ring where Google Cloud Symmetric Key is created.
 KeyRing string `json:"keyRing"`
 // Name of the Google Cloud Symmetric Key.
- KeyName string `json:"keyName"`
- Credentials string `json:"credentials"`
+ KeyName string `json:"keyName"`
+ // File Secret which is Service Account Key.
+ Credentials string `json:"credentials,omitempty"`
 // List of Delegate Selectors that belong to the same Delegate and are used to connect to the Secret Manager.
- DelegateSelectors []string `json:"delegateSelectors,omitempty"`
- Default_ bool `json:"default,omitempty"`
+ DelegateSelectors []string `json:"delegateSelectors,omitempty"`
+ OidcDetails *GcpOidcDetails `json:"oidcDetails,omitempty"`
+ IgnoreTestConnection bool `json:"ignoreTestConnection,omitempty"`
+ // Should the secret manager execute operations on the delegate, or via Harness platform
+ ExecuteOnDelegate bool `json:"executeOnDelegate"`
+ Default_ bool `json:"default"`
+ ConnectorType string `json:"connectorType"`
 }
diff --git a/harness/nextgen/model_gcp_oidc_token_exchange_details_for_delegate.go b/harness/nextgen/model_gcp_oidc_token_exchange_details_for_delegate.go
new file mode 100644
index 00000000..dba52175
--- /dev/null
+++ b/harness/nextgen/model_gcp_oidc_token_exchange_details_for_delegate.go
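Review bot: In `GcpKmsConnector`, `ExecuteOnDelegate` and `Default_` are tagged without `omitempty`, so a caller that never sets them now sends an explicit `"executeOnDelegate": false` and `"default": false` on every request. Going by the field comment, false selects execution via the Harness platform rather than on the delegate, which presumably decides where the key is used; if the server default differs, or an update is meant to leave the stored value untouched, `*bool` would keep "unset" distinguishable from false. `Credentials` also became optional next to the new, uncommented `OidcDetails`, and nothing in the struct says which of the two is expected; a comment like `// OidcDetails configures OIDC-based authentication; Credentials may be left empty when it is set (TODO confirm).` would help. The same bare `executeOnDelegate` tag, plus `assumeCredentialsOnDelegate`, appears in the `GcpSecretManager` hunk. If these models are regenerated from the OpenAPI spec, the fix belongs in the spec rather than in this file.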
@@ -0,0 +1,20 @@ +/* + * Harness NextGen Software Delivery Platform API Reference + * + * This is the Open Api Spec 3 for the NextGen Manager. This is under active development. Beware of the breaking change with respect to the generated code stub + * + * API version: 3.0 + * Contact: contact@harness.io + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ +package nextgen + +type GcpOidcTokenExchangeDetailsForDelegate struct { + OidcIdToken string `json:"oidcIdToken,omitempty"` + OidcAccessTokenStsEndpoint string `json:"oidcAccessTokenStsEndpoint,omitempty"` + OidcAccessTokenIamSaEndpoint string `json:"oidcAccessTokenIamSaEndpoint,omitempty"` + GcpServiceAccountEmail string `json:"gcpServiceAccountEmail,omitempty"` + OidcWorkloadAccessTokenRequestStructure *OidcWorkloadAccessTokenRequest `json:"oidcWorkloadAccessTokenRequestStructure,omitempty"` + OidcChartmuseumGcpConfigStructure *OidcChartmuseumGcpConfig `json:"oidcChartmuseumGcpConfigStructure,omitempty"` + IdTokenExpiryTime int64 `json:"idTokenExpiryTime,omitempty"` +} diff --git a/harness/nextgen/model_gcp_secret_manager.go b/harness/nextgen/model_gcp_secret_manager.go index a79f68b3..01882ce9 100644 --- a/harness/nextgen/model_gcp_secret_manager.go +++ b/harness/nextgen/model_gcp_secret_manager.go 
@@ -11,11 +11,17 @@ package nextgen
 
 // This contains details of GCP Secret Manager
 type GcpSecretManager struct {
- ConnectorType string `json:"connectorType"`
- IsDefault bool `json:"isDefault,omitempty"`
 // Reference to the secret containing credentials of IAM service account for Google Secret Manager
- CredentialsRef string `json:"credentialsRef"`
+ CredentialsRef string `json:"credentialsRef,omitempty"`
 // List of Delegate Selectors that belong to the same Delegate and are used to connect to the Secret Manager.
 DelegateSelectors []string `json:"delegateSelectors,omitempty"`
- Default_ bool `json:"default,omitempty"`
+ // Should the secret manager execute operations on the delegate, or via Harness platform
+ ExecuteOnDelegate bool `json:"executeOnDelegate"`
+ // Boolean value to indicate that Credentials are taken from the Delegate.
+ AssumeCredentialsOnDelegate bool `json:"assumeCredentialsOnDelegate"`
+ Credential *GcpConnectorCredential `json:"credential,omitempty"`
+ GcpOidcTokenExchangeDetailsForDelegate *GcpOidcTokenExchangeDetailsForDelegate `json:"gcpOidcTokenExchangeDetailsForDelegate,omitempty"`
+ IgnoreTestConnection bool `json:"ignoreTestConnection,omitempty"`
+ Default_ bool `json:"default"`
+ ConnectorType string `json:"connectorType"`
 }
diff --git a/harness/nextgen/model_oidc_access_token_options.go b/harness/nextgen/model_oidc_access_token_options.go
new file mode 100644
index 00000000..960c8588
--- /dev/null
+++ b/harness/nextgen/model_oidc_access_token_options.go
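Review bot: In `GcpSecretManager`, the new `GcpOidcTokenExchangeDetailsForDelegate` field has no comment, and the type it points to (added in this same patch) carries an `OidcIdToken` string, so a `GcpSecretManager` value printed with `%+v` or marshalled into a debug log would include that token whenever the API populates it. A field comment such as `// Holds an OIDC ID token when populated; treat the struct as secret material and keep it out of logs.` would flag this for SDK users. Separately, `IsDefault` is removed from the struct, which breaks compilation for any caller that still sets it; the commit message does not mention the removal.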
@@ -0,0 +1,14 @@ +/* + * Harness NextGen Software Delivery Platform API Reference + * + * This is the Open Api Spec 3 for the NextGen Manager. This is under active development. Beware of the breaking change with respect to the generated code stub + * + * API version: 3.0 + * Contact: contact@harness.io + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ +package nextgen + +type OidcAccessTokenOptions struct { + UserProject string `json:"userProject,omitempty"` +} diff --git a/harness/nextgen/model_oidc_chartmuseum_gcp_config.go b/harness/nextgen/model_oidc_chartmuseum_gcp_config.go new file mode 100644 index 00000000..44a39d66 --- /dev/null +++ b/harness/nextgen/model_oidc_chartmuseum_gcp_config.go @@ -0,0 +1,18 @@ +/* + * Harness NextGen Software Delivery Platform API Reference + * + * This is the Open Api Spec 3 for the NextGen Manager. This is under active development. Beware of the breaking change with respect to the generated code stub + * + * API version: 3.0 + * Contact: contact@harness.io + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ +package nextgen + +type OidcChartmuseumGcpConfig struct { + Type_ string `json:"type,omitempty"` + Audience string `json:"audience,omitempty"` + SubjectTokenType string `json:"subject_token_type,omitempty"` + TokenUrl string `json:"token_url,omitempty"` + ServiceAccountImpersonationUrl string `json:"service_account_impersonation_url,omitempty"` +} diff --git a/harness/nextgen/model_oidc_workload_access_token_request.go b/harness/nextgen/model_oidc_workload_access_token_request.go new file mode 100644 index 00000000..ed842813 --- /dev/null +++ b/harness/nextgen/model_oidc_workload_access_token_request.go 
@@ -0,0 +1,20 @@ +/* + * Harness NextGen Software Delivery Platform API Reference + * + * This is the Open Api Spec 3 for the NextGen Manager. This is under active development. Beware of the breaking change with respect to the generated code stub + * + * API version: 3.0 + * Contact: contact@harness.io + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ +package nextgen + +type OidcWorkloadAccessTokenRequest struct { + Audience string `json:"audience,omitempty"` + GrantType string `json:"grant_type,omitempty"` + RequestedTokenType string `json:"requested_token_type,omitempty"` + Scope string `json:"scope,omitempty"` + SubjectTokenType string `json:"subject_token_type,omitempty"` + SubjectToken string `json:"subject_token,omitempty"` + Options *OidcAccessTokenOptions `json:"options,omitempty"` +}