Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implemented storage encryption feature support #618

Merged
merged 8 commits into from
Jan 26, 2023
Merged

Implemented storage encryption feature support #618

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
34e22fc
implemented storage encryption feature
kasabe28 Jan 24, 2023
aa1357f
generated api reference docs
kasabe28 Jan 24, 2023
76f5521
changes for review comments
kasabe28 Jan 24, 2023
3a06293
changes for review comments
kasabe28 Jan 25, 2023
e50f7e3
Merge branch 'main' into feature/storage-encryption
kasabe28 Jan 25, 2023
6d530d9
updated go.sum
kasabe28 Jan 25, 2023
f34aa39
fixed typo
kasabe28 Jan 25, 2023
e913bb7
fixed typo
kasabe28 Jan 25, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 11 additions & 1 deletion api/storage/v1alpha1/volume_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,11 @@
package v1alpha1

import (
commonv1alpha1 "github.com/onmetal/onmetal-api/api/common/v1alpha1"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime/schema"

commonv1alpha1 "github.com/onmetal/onmetal-api/api/common/v1alpha1"
)

// VolumeGK is a helper to easily access the GroupKind information of an Volume
Expand All @@ -29,6 +30,13 @@ var VolumeGK = schema.GroupKind{
Kind: "Volume",
}

// VolumeEncryption represents information to encrypt a volume.
type VolumeEncryption struct {
// SecretRef references the Secret containing the encryption key to encrypt a Volume.
// This secret is created by user with encryptionKey as Key and base64 encoded 256-bit encryption key as Value.
SecretRef corev1.LocalObjectReference `json:"secretRef"`
}

// VolumeSpec defines the desired state of Volume
type VolumeSpec struct {
// VolumeClassRef is the VolumeClass of a volume
Expand All @@ -52,6 +60,8 @@ type VolumeSpec struct {
// Tolerations define tolerations the Volume has. Only any VolumePool whose taints
// covered by Tolerations will be considered to host the Volume.
Tolerations []commonv1alpha1.Toleration `json:"tolerations,omitempty"`
// Encryption is an optional field which provides attributes to encrypt Volume.
Encryption *VolumeEncryption `json:"encryption,omitempty"`
}

// VolumeAccess represents information on how to access a volume.
Expand Down
22 changes: 22 additions & 0 deletions api/storage/v1alpha1/zz_generated.deepcopy.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 10 additions & 0 deletions client-go/applyconfigurations/internal/internal.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

42 changes: 42 additions & 0 deletions client-go/applyconfigurations/storage/v1alpha1/volumeencryption.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 9 additions & 0 deletions client-go/applyconfigurations/storage/v1alpha1/volumespec.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions client-go/applyconfigurations/utils.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

32 changes: 31 additions & 1 deletion client-go/openapi/zz_generated.openapi.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

65 changes: 65 additions & 0 deletions docs/api-reference/compute.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,20 @@ If empty, a scheduler will figure out an appropriate pool to run the machine in.
</tr>
<tr>
<td>
<code>power</code><br/>
<em>
<a href="#compute.api.onmetal.de/v1alpha1.Power">
Power
</a>
</em>
</td>
<td>
<p>Power ist the desired machine power state.
adracus marked this conversation as resolved.
Show resolved Hide resolved
Defaults to PowerOn.</p>
</td>
</tr>
<tr>
<td>
<code>image</code><br/>
<em>
string
Expand Down Expand Up @@ -1000,6 +1014,20 @@ If empty, a scheduler will figure out an appropriate pool to run the machine in.
</tr>
<tr>
<td>
<code>power</code><br/>
<em>
<a href="#compute.api.onmetal.de/v1alpha1.Power">
Power
</a>
</em>
</td>
<td>
<p>Power ist the desired machine power state.
Defaults to PowerOn.</p>
</td>
</tr>
<tr>
<td>
<code>image</code><br/>
<em>
string
Expand Down Expand Up @@ -1121,6 +1149,9 @@ MachinePool.</p>
</tr><tr><td><p>&#34;Shutdown&#34;</p></td>
<td><p>MachineStateShutdown means the machine is shut down.</p>
</td>
</tr><tr><td><p>&#34;Terminated&#34;</p></td>
<td><p>MachineStateTerminated means the machine has been permanently stopped and cannot be started.</p>
</td>
</tr></tbody>
</table>
<h3 id="compute.api.onmetal.de/v1alpha1.MachineStatus">MachineStatus
Expand All @@ -1141,6 +1172,17 @@ MachinePool.</p>
<tbody>
<tr>
<td>
<code>machineID</code><br/>
<em>
string
</em>
</td>
<td>
<p>MachineID is the provider specific machine ID in the format &lsquo;<type>://<machine_id>&rsquo;.</p>
</td>
</tr>
<tr>
<td>
<code>machinePoolObservedGeneration</code><br/>
<em>
int64
Expand Down Expand Up @@ -1458,6 +1500,29 @@ Kubernetes meta/v1.Time
</tr>
</tbody>
</table>
<h3 id="compute.api.onmetal.de/v1alpha1.Power">Power
(<code>string</code> alias)</h3>
<p>
(<em>Appears on:</em><a href="#compute.api.onmetal.de/v1alpha1.MachineSpec">MachineSpec</a>)
</p>
<div>
<p>Power is the desired power state of a Machine.</p>
</div>
<table>
<thead>
<tr>
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody><tr><td><p>&#34;Off&#34;</p></td>
<td><p>PowerOff indicates that a Machine should be powered off.</p>
</td>
</tr><tr><td><p>&#34;On&#34;</p></td>
<td><p>PowerOn indicates that a Machine should be powered on.</p>
</td>
</tr></tbody>
</table>
<h3 id="compute.api.onmetal.de/v1alpha1.Volume">Volume
</h3>
<p>
Expand Down
13 changes: 13 additions & 0 deletions docs/api-reference/networking.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1939,6 +1939,19 @@ NetworkInterfacePhase
</tr>
<tr>
<td>
<code>machinePoolRef</code><br/>
<em>
<a href="https://v1-25.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#localobjectreference-v1-core">
Kubernetes core/v1.LocalObjectReference
</a>
</em>
</td>
<td>
<p>MachinePoolRef is the machine pool the network interface is currently on, if any.</p>
</td>
</tr>
<tr>
<td>
<code>lastPhaseTransitionTime</code><br/>
<em>
<a href="https://v1-25.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#time-v1-meta">
Expand Down
Loading