chore: Move opnsense credential secret from example into domain. There is an architectural problem around secrets still but its definitely something we want to manage for the user

2025-09-02 11:46:43 -04:00
parent d24ea23413
commit 75f27a2b85
9 changed files with 35 additions and 14 deletions
--- a/examples/okd_pxe/src/topology.rs
+++ b/examples/okd_pxe/src/topology.rs
@@ -1,28 +1,22 @@
 use cidr::Ipv4Cidr;
 use harmony::{
-    hardware::{FirewallGroup, HostCategory, Location, PhysicalHost, SwitchGroup},
+    config::secret::OPNSenseFirewallCredentials,
+    hardware::{Location, SwitchGroup},
    infra::opnsense::OPNSenseManagementInterface,
    inventory::Inventory,
    topology::{HAClusterTopology, LogicalHost, UnmanagedRouter},
 };
 use harmony_macros::{ip, ipv4};
-use harmony_secret::{Secret, SecretManager};
-use serde::{Deserialize, Serialize};
+use harmony_secret::SecretManager;
 use std::{net::IpAddr, sync::Arc};

-#[derive(Secret, Serialize, Deserialize, Debug, PartialEq)]
-struct OPNSenseFirewallConfig {
-    username: String,
-    password: String,
-}
-
 pub async fn get_topology() -> HAClusterTopology {
    let firewall = harmony::topology::LogicalHost {
        ip: ip!("192.168.1.1"),
        name: String::from("opnsense-1"),
    };

-    let config = SecretManager::get::<OPNSenseFirewallConfig>().await;
+    let config = SecretManager::get::<OPNSenseFirewallCredentials>().await;
    let config = config.unwrap();

    let opnsense = Arc::new(