update: source github.com/jsonnet-libs/k8s@6f69530d

Author: mriedmann

1.2/_custom/secretProviderClass.libsonnet

@@ -0,0 +1,134 @@
+local d = import 'doc-util/main.libsonnet';
+
+local patch = {
+  secretProviderClass+: {
+    local secrets_store_csi_driver = self,
+    spec+: {
+      parameters+: {
+        '#newAzureParameters':: d.fn(
+          help=' shortcut to define new azure specific prameters with defaults',
+          args=[
+            d.arg('tenantId', d.T.string),
+            d.arg('keyvaultName', d.T.string),
+            d.arg('userAssignedIdentityId', d.T.string),
+            d.arg('useVMManagedIdentity', d.T.bool, 'true'),
+            d.arg('usePodIdentity', d.T.bool, 'false'),
+          ]
+        ),
+        newAzureParameters(
+          tenantId,
+          keyvaultName,
+          userAssignedIdentityId,
+          useVMManagedIdentity=true,
+          usePodIdentity=false
+        ):: {
+              cloudName: '',
+              objects: '',
+            }
+            + self.withTenantId(tenantId)
+            + self.withKeyvaultName(keyvaultName)
+            + self.withUserAssignedIdentityId(userAssignedIdentityId)
+            + self.withUseVMManagedIdentity(useVMManagedIdentity)
+            + self.withUsePodIdentity(usePodIdentity),
+
+        '#withUsePodIdentity':: d.fn(help='Helper-function to set attribute according to to specification (https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-identity-access#use-a-user-assigned-managed-identity)', args=[d.arg('usePodIdentity', d.T.bool)]),
+        withUsePodIdentity(usePodIdentity):: { usePodIdentity: std.toString(usePodIdentity) },
+        '#withUseVMManagedIdentity':: d.fn(help='Helper-function to set attribute according to to specification (https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-identity-access#use-a-user-assigned-managed-identity)', args=[d.arg('withUseVMManagedIdentity', d.T.bool)]),
+        withUseVMManagedIdentity(useVMManagedIdentity):: { useVMManagedIdentity: std.toString(useVMManagedIdentity) },
+        '#withUserAssignedIdentityId':: d.fn(help='Helper-function to set attribute according to to specification (https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-identity-access#use-a-user-assigned-managed-identity)', args=[d.arg('withUserAssignedIdentityId', d.T.string)]),
+        withUserAssignedIdentityId(userAssignedIdentityID):: { userAssignedIdentityID: userAssignedIdentityID },
+        '#withKeyvaultName':: d.fn(help='Helper-function to set attribute according to to specification (https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-identity-access#use-a-user-assigned-managed-identity)', args=[d.arg('withKeyvaultName', d.T.string)]),
+        withKeyvaultName(keyvaultName):: { keyvaultName: keyvaultName },
+        '#withCloudName':: d.fn(help='Helper-function to set attribute according to to specification (https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-identity-access#use-a-user-assigned-managed-identity)', args=[d.arg('withCloudName', d.T.string)]),
+        withCloudName(cloudName):: { cloudName: cloudName },
+        '#withTenantId':: d.fn(help='Helper-function to set attribute according to to specification (https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-identity-access#use-a-user-assigned-managed-identity)', args=[d.arg('withTenantId', d.T.string)]),
+        withTenantId(tenantId):: { tenantId: tenantId },
+
+        '#withObjects':: d.fn(help='Function to render objects-text. Takes an object-array e.g. [{objectName:"name",objectType:"secret"}] or an single object.', args=[d.arg('objects', d.T.array)]),
+        withObjects(objects):: {
+          objects: std.manifestYamlDoc({
+            local f = function(x) std.join('', std.map(function(y) |||
+              %s: '%s'
+            ||| % [y, x[y]], std.objectFields(x))),
+            array: std.map(
+              f,
+              if std.isArray(objects) then objects else [objects]
+            ),
+          }, indent_array_in_object=true, quote_keys=false),
+        },
+      },
+      secretObjects+: {
+        data+: {
+          '#new':: d.fn(
+            help='Create new secretsObjects data entry. Object has to have an objectName field or should be provided as objectName string',
+            args=[
+              d.arg('key', d.T.string),
+              d.arg('object', d.T.object),
+            ]
+          ),
+          new(key, object)::
+            local objectName = if std.isObject(object) then object.objectName else object;
+            {}
+            + secrets_store_csi_driver.spec.secretObjects.data.withKey(key)
+            + secrets_store_csi_driver.spec.secretObjects.data.withObjectName(objectName),
+        },
+        '#new':: d.fn(
+          help='Create new secretsObject.',
+          args=[
+            d.arg('name', d.T.string),
+            d.arg('objects', d.T.array),
+          ]
+        ),
+        new(name, objects, type='Opaque')::
+          {}
+          + secrets_store_csi_driver.spec.secretObjects.withSecretName(name)
+          + secrets_store_csi_driver.spec.secretObjects.withType(type)
+          + secrets_store_csi_driver.spec.secretObjects.withData(
+            [secrets_store_csi_driver.spec.secretObjects.data.new(x, objects[x]) for x in std.objectFields(objects)]
+          ),
+      },
+    },
+    '#new':: d.fn(
+      help='Create new azure specific secretProviderClass.',
+      args=[
+        d.arg('name', d.T.string),
+        d.arg('tenantId', d.T.string),
+        d.arg('keyvaultName', d.T.string),
+        d.arg('userAssignedIdentityId', d.T.string),
+        d.arg('objects', d.T.array, '[]'),
+        d.arg('secretName', d.T.array, 'null'),
+        d.arg('secretObjects', d.T.array, '[]'),
+      ]
+    ),
+    newAzure(
+      name,
+      tenantId,
+      keyvaultName,
+      userAssignedIdentityId,
+      objects=[],
+      secretName=null,
+      secretObjects=[]
+    ):: self.new(name)
+        + self.spec.withProvider('azure')
+        + {
+          spec+: {
+            parameters+: secrets_store_csi_driver.spec.parameters.newAzureParameters(
+              userAssignedIdentityId=userAssignedIdentityId,
+              keyvaultName=keyvaultName,
+              tenantId=tenantId
+            ) + secrets_store_csi_driver.spec.parameters.withObjects(std.objectValues(objects)),
+          },
+        }
+        + if secretName != null then self.spec.withSecretObjects([
+          secrets_store_csi_driver.spec.secretObjects.new(secretName, objects),
+        ]) else {}
+                + self.spec.withSecretObjects(secretObjects),
+  },
+};
+
+{
+  nogroup+: {
+    v1+: patch,
+    v1alpha1+: patch,
+  },
+}

1.2/main.libsonnet

@@ -1 +1 @@
-(import 'gen.libsonnet')
+(import 'gen.libsonnet') + (import '_custom/secretProviderClass.libsonnet')

docs/1.2/nogroup/v1/secretProviderClass.md

@@ -8,7 +8,7 @@ permalink: /1.2/nogroup/v1/secretProviderClass/
 
 ## Index
 
-* [`fn new(name)`](#fn-new)
+* [`fn new(name, tenantId, keyvaultName, userAssignedIdentityId, objects='[]', secretName='null', secretObjects='[]')`](#fn-new)
 * [`obj metadata`](#obj-metadata)
   * [`fn withAnnotations(annotations)`](#fn-metadatawithannotations)
   * [`fn withAnnotationsMixin(annotations)`](#fn-metadatawithannotationsmixin)
@@ -35,7 +35,17 @@ permalink: /1.2/nogroup/v1/secretProviderClass/
   * [`fn withProvider(provider)`](#fn-specwithprovider)
   * [`fn withSecretObjects(secretObjects)`](#fn-specwithsecretobjects)
   * [`fn withSecretObjectsMixin(secretObjects)`](#fn-specwithsecretobjectsmixin)
+  * [`obj spec.parameters`](#obj-specparameters)
+    * [`fn newAzureParameters(tenantId, keyvaultName, userAssignedIdentityId, useVMManagedIdentity='true', usePodIdentity='false')`](#fn-specparametersnewazureparameters)
+    * [`fn withCloudName(withCloudName)`](#fn-specparameterswithcloudname)
+    * [`fn withKeyvaultName(withKeyvaultName)`](#fn-specparameterswithkeyvaultname)
+    * [`fn withObjects(objects)`](#fn-specparameterswithobjects)
+    * [`fn withTenantId(withTenantId)`](#fn-specparameterswithtenantid)
+    * [`fn withUsePodIdentity(usePodIdentity)`](#fn-specparameterswithusepodidentity)
+    * [`fn withUseVMManagedIdentity(withUseVMManagedIdentity)`](#fn-specparameterswithusevmmanagedidentity)
+    * [`fn withUserAssignedIdentityId(withUserAssignedIdentityId)`](#fn-specparameterswithuserassignedidentityid)
   * [`obj spec.secretObjects`](#obj-specsecretobjects)
+    * [`fn new(name, objects)`](#fn-specsecretobjectsnew)
     * [`fn withAnnotations(annotations)`](#fn-specsecretobjectswithannotations)
     * [`fn withAnnotationsMixin(annotations)`](#fn-specsecretobjectswithannotationsmixin)
     * [`fn withData(data)`](#fn-specsecretobjectswithdata)
@@ -45,6 +55,7 @@ permalink: /1.2/nogroup/v1/secretProviderClass/
     * [`fn withSecretName(secretName)`](#fn-specsecretobjectswithsecretname)
     * [`fn withType(type)`](#fn-specsecretobjectswithtype)
     * [`obj spec.secretObjects.data`](#obj-specsecretobjectsdata)
+      * [`fn new(key, object)`](#fn-specsecretobjectsdatanew)
       * [`fn withKey(key)`](#fn-specsecretobjectsdatawithkey)
       * [`fn withObjectName(objectName)`](#fn-specsecretobjectsdatawithobjectname)
 
@@ -53,10 +64,10 @@ permalink: /1.2/nogroup/v1/secretProviderClass/
 ### fn new
 
 ```ts
-new(name)
+new(name, tenantId, keyvaultName, userAssignedIdentityId, objects='[]', secretName='null', secretObjects='[]')
 ```
 
-new returns an instance of SecretProviderClass
+Create new azure specific secretProviderClass.
 
 ## obj metadata
 
@@ -270,10 +281,86 @@ withSecretObjectsMixin(secretObjects)
 
 **Note:** This function appends passed data to existing values
 
+## obj spec.parameters
+
+
+
+### fn spec.parameters.newAzureParameters
+
+```ts
+newAzureParameters(tenantId, keyvaultName, userAssignedIdentityId, useVMManagedIdentity='true', usePodIdentity='false')
+```
+
+ shortcut to define new azure specific prameters with defaults
+
+### fn spec.parameters.withCloudName
+
+```ts
+withCloudName(withCloudName)
+```
+
+Helper-function to set attribute according to to specification (https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-identity-access#use-a-user-assigned-managed-identity)
+
+### fn spec.parameters.withKeyvaultName
+
+```ts
+withKeyvaultName(withKeyvaultName)
+```
+
+Helper-function to set attribute according to to specification (https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-identity-access#use-a-user-assigned-managed-identity)
+
+### fn spec.parameters.withObjects
+
+```ts
+withObjects(objects)
+```
+
+Function to render objects-text. Takes an object-array e.g. [{objectName:"name",objectType:"secret"}] or an single object.
+
+### fn spec.parameters.withTenantId
+
+```ts
+withTenantId(withTenantId)
+```
+
+Helper-function to set attribute according to to specification (https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-identity-access#use-a-user-assigned-managed-identity)
+
+### fn spec.parameters.withUsePodIdentity
+
+```ts
+withUsePodIdentity(usePodIdentity)
+```
+
+Helper-function to set attribute according to to specification (https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-identity-access#use-a-user-assigned-managed-identity)
+
+### fn spec.parameters.withUseVMManagedIdentity
+
+```ts
+withUseVMManagedIdentity(withUseVMManagedIdentity)
+```
+
+Helper-function to set attribute according to to specification (https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-identity-access#use-a-user-assigned-managed-identity)
+
+### fn spec.parameters.withUserAssignedIdentityId
+
+```ts
+withUserAssignedIdentityId(withUserAssignedIdentityId)
+```
+
+Helper-function to set attribute according to to specification (https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-identity-access#use-a-user-assigned-managed-identity)
+
 ## obj spec.secretObjects
 
 
 
+### fn spec.secretObjects.new
+
+```ts
+new(name, objects)
+```
+
+Create new secretsObject.
+
 ### fn spec.secretObjects.withAnnotations
 
 ```ts
@@ -348,6 +435,14 @@ withType(type)
 
 
 
+### fn spec.secretObjects.data.new
+
+```ts
+new(key, object)
+```
+
+Create new secretsObjects data entry. Object has to have an objectName field or should be provided as objectName string
+
 ### fn spec.secretObjects.data.withKey
 
 ```ts