Insert refs into existing certificates APIs

Signed-off-by: EdgeJ <[email protected]>
crossplane-contrib · Mar 30, 2022 · 45ef7e0 · 45ef7e0
1 parent efae962
commit 45ef7e0
Show file tree

Hide file tree

Showing 6 changed files with 123 additions and 66 deletions.
diff --git a/apis/elbv2/v1alpha1/custom_types.go b/apis/elbv2/v1alpha1/custom_types.go
@@ -2,6 +2,24 @@ package v1alpha1
 
 import xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
 
+// CustomCertificate includes custom fields about certificates.
+type CustomCertificate struct {
+	// [HTTPS and TLS listeners] The default certificate for the listener.
+	// +optional
+	CertificateARN *string `json:"certificateARN,omitempty"`
+
+	// Reference to Certificates for Certificate ARN
+	// +optional
+	CertificateARNRef *xpv1.Reference `json:"certificateARNRef,omitempty"`
+
+	// Selector for references to Certificate for CertificateArn
+	// +optional
+	CertificateARNSelector *xpv1.Selector `json:"certificateARNSelector,omitempty"`
+
+	// +optional
+	IsDefault bool `json:"isDefault,omitempty"`
+}
+
 // CustomTargetGroupTuple includes custom fields about target groups.
 // Only used with ForwardActionConfig to route to multiple target groups.
 type CustomTargetGroupTuple struct { // inject refs and selectors into TargetGroupTuple
@@ -91,15 +109,11 @@ type CustomAction struct {
 
 // CustomListenerParameters includes the custom fields of Listener.
 type CustomListenerParameters struct {
-	// [HTTPS and TLS listeners] The default certificate for the listener.
+	// [HTTPS and TLS listeners] The default certificate
+	// for the listener. You must provide exactly one certificate.
+	// Set CertificateArn to the certificate ARN but do not set IsDefault.
 	// +optional
-	CertificateARN *string `json:"certificateArn,omitempty"`
-
-	// Reference to Certificates for Certificate ARN
-	CertificateARNRef *xpv1.Reference `json:"certificateArnRef,omitempty"`
-
-	// Selector for references to Certificate for CertificateArn
-	CertificateARNSelector *xpv1.Selector `json:"certificateArnSelector,omitempty"`
+	Certificates []*CustomCertificate `json:"certificates,omitempty"`
 
 	// The actions for the default rule.
 	// +kubebuilder:validation:Required

diff --git a/apis/elbv2/v1alpha1/referencers.go b/apis/elbv2/v1alpha1/referencers.go
@@ -30,21 +30,23 @@ func (mg *Listener) ResolveReferences(ctx context.Context, c client.Reader) erro
 	r := reference.NewAPIResolver(c, mg)
 
 	// resolve certificate ARN reference
-	rsp, err := r.Resolve(ctx, reference.ResolutionRequest{
-		CurrentValue: reference.FromPtrValue(mg.Spec.ForProvider.CertificateARN),
-		Reference:    mg.Spec.ForProvider.CertificateARNRef,
-		Selector:     mg.Spec.ForProvider.CertificateARNSelector,
-		To:           reference.To{Managed: &acm.Certificate{}, List: &acm.CertificateList{}},
-		Extract:      reference.ExternalName(),
-	})
-	if err != nil {
-		return errors.Wrap(err, "spec.forProvider.certificateArn")
+	for i := range mg.Spec.ForProvider.Certificates {
+		rsp, err := r.Resolve(ctx, reference.ResolutionRequest{
+			CurrentValue: reference.FromPtrValue(mg.Spec.ForProvider.Certificates[i].CertificateARN),
+			Reference:    mg.Spec.ForProvider.Certificates[i].CertificateARNRef,
+			Selector:     mg.Spec.ForProvider.Certificates[i].CertificateARNSelector,
+			To:           reference.To{Managed: &acm.Certificate{}, List: &acm.CertificateList{}},
+			Extract:      reference.ExternalName(),
+		})
+		if err != nil {
+			return errors.Wrap(err, "spec.forProvider.certificateArn")
+		}
+		mg.Spec.ForProvider.Certificates[i].CertificateARN = reference.ToPtrValue(rsp.ResolvedValue)
+		mg.Spec.ForProvider.Certificates[i].CertificateARNRef = rsp.ResolvedReference
 	}
-	mg.Spec.ForProvider.CertificateARN = reference.ToPtrValue(rsp.ResolvedValue)
-	mg.Spec.ForProvider.CertificateARNRef = rsp.ResolvedReference
 
 	// resolve loadbalancer ARN reference
-	rsp, err = r.Resolve(ctx, reference.ResolutionRequest{
+	rsp, err := r.Resolve(ctx, reference.ResolutionRequest{
 		CurrentValue: reference.FromPtrValue(mg.Spec.ForProvider.LoadBalancerARN),
 		Reference:    mg.Spec.ForProvider.LoadBalancerARNRef,
 		Selector:     mg.Spec.ForProvider.LoadBalancerARNSelector,

diff --git a/apis/elbv2/v1alpha1/zz_generated.deepcopy.go b/apis/elbv2/v1alpha1/zz_generated.deepcopy.go
diff --git a/examples/elbv2/listener.yaml b/examples/elbv2/listener.yaml
@@ -45,8 +45,9 @@ metadata:
 spec:
   forProvider:
     region: us-east-1
-    certificateArnRef:
-      name: dev.crossplane.io
+    certificates:
+      - certificateARNRef:
+          name: dev.crossplane.io
     defaultActions:
       - actionType: forward
         forwardConfig:

diff --git a/package/crds/elbv2.aws.crossplane.io_listeners.yaml b/package/crds/elbv2.aws.crossplane.io_listeners.yaml
@@ -71,33 +71,47 @@ spec:
                     items:
                       type: string
                     type: array
-                  certificateArn:
+                  certificates:
                     description: '[HTTPS and TLS listeners] The default certificate
-                      for the listener.'
-                    type: string
-                  certificateArnRef:
-                    description: Reference to Certificates for Certificate ARN
-                    properties:
-                      name:
-                        description: Name of the referenced object.
-                        type: string
-                    required:
-                    - name
-                    type: object
-                  certificateArnSelector:
-                    description: Selector for references to Certificate for CertificateArn
-                    properties:
-                      matchControllerRef:
-                        description: MatchControllerRef ensures an object with the
-                          same controller reference as the selecting object is selected.
-                        type: boolean
-                      matchLabels:
-                        additionalProperties:
+                      for the listener. You must provide exactly one certificate.
+                      Set CertificateArn to the certificate ARN but do not set IsDefault.'
+                    items:
+                      description: CustomCertificate includes custom fields about
+                        certificates.
+                      properties:
+                        certificateARN:
+                          description: '[HTTPS and TLS listeners] The default certificate
+                            for the listener.'
                           type: string
-                        description: MatchLabels ensures an object with matching labels
-                          is selected.
-                        type: object
-                    type: object
+                        certificateARNRef:
+                          description: Reference to Certificates for Certificate ARN
+                          properties:
+                            name:
+                              description: Name of the referenced object.
+                              type: string
+                          required:
+                          - name
+                          type: object
+                        certificateARNSelector:
+                          description: Selector for references to Certificate for
+                            CertificateArn
+                          properties:
+                            matchControllerRef:
+                              description: MatchControllerRef ensures an object with
+                                the same controller reference as the selecting object
+                                is selected.
+                              type: boolean
+                            matchLabels:
+                              additionalProperties:
+                                type: string
+                              description: MatchLabels ensures an object with matching
+                                labels is selected.
+                              type: object
+                          type: object
+                        isDefault:
+                          type: boolean
+                      type: object
+                    type: array
                   defaultActions:
                     description: The actions for the default rule.
                     items:

diff --git a/pkg/controller/elbv2/listener/setup.go b/pkg/controller/elbv2/listener/setup.go
@@ -220,11 +220,11 @@ func generateDefaultActions(cr *svcapitypes.Listener) []*svcsdk.Action { //nolin
 func preCreate(_ context.Context, cr *svcapitypes.Listener, obs *svcsdk.CreateListenerInput) error {
 	obs.DefaultActions = generateDefaultActions(cr)
 	obs.LoadBalancerArn = cr.Spec.ForProvider.LoadBalancerARN
-	if cr.Spec.ForProvider.CertificateARN != nil {
-		obs.Certificates = []*svcsdk.Certificate{
-			{
-				CertificateArn: cr.Spec.ForProvider.CertificateARN,
-			},
+	for i := range cr.Spec.ForProvider.Certificates {
+		if cr.Spec.ForProvider.Certificates[i].CertificateARN != nil {
+			obs.Certificates = append(obs.Certificates, &svcsdk.Certificate{
+				CertificateArn: cr.Spec.ForProvider.Certificates[i].CertificateARN,
+			})
 		}
 	}
 	return nil