fix: use derive custom resource for kube-rs rather than a yaml string

2025-10-21 11:44:01 -04:00 · 2025-10-21 11:44:01 -04:00 · 8932bf3cf7
commit 8932bf3cf7
parent 770f1fea4a
1 changed files with 78 additions and 26 deletions
--- a/harmony/src/modules/cert_manager/cluster_issuer.rs
+++ b/harmony/src/modules/cert_manager/cluster_issuer.rs
@ -2,7 +2,9 @@ use std::sync::Arc;

 use async_trait::async_trait;
 use harmony_types::id::Id;
-use serde::Serialize;
+use kube::{CustomResource, api::ObjectMeta};
+use schemars::JsonSchema;
+use serde::{Deserialize, Serialize};

 use crate::{
    data::Version,
@ -13,14 +15,14 @@ use crate::{
 };

 #[derive(Clone, Debug, Serialize)]
-pub struct ClusterIssuer {
+pub struct ClusterIssuerScore {
    email: String,
    server: String,
    issuer_name: String,
    namespace: String,
 }

-impl<T: Topology + K8sclient> Score<T> for ClusterIssuer {
+impl<T: Topology + K8sclient> Score<T> for ClusterIssuerScore {
    fn name(&self) -> String {
        "ClusterIssuerScore".to_string()
    }
@ -35,7 +37,7 @@ impl<T: Topology + K8sclient> Score<T> for ClusterIssuer {

 #[derive(Debug, Clone)]
 pub struct ClusterIssuerInterpret {
-    score: ClusterIssuer,
+    score: ClusterIssuerScore,
 }

 #[async_trait]
@ -71,7 +73,7 @@ impl ClusterIssuerInterpret {
        &self,
        client: &Arc<K8sClient>,
    ) -> Result<Outcome, InterpretError> {
-        let cert_manager = "cet-manager".to_string();
+        let cert_manager = "cert-manager".to_string();
        let operator_namespace = "openshift-operators".to_string();
        match client
            .get_deployment(&cert_manager, Some(&operator_namespace))
@ -108,31 +110,35 @@ impl ClusterIssuerInterpret {
        }
    }

-    fn build_cluster_issuer(&self) -> Result<String, InterpretError> {
+    fn build_cluster_issuer(&self) -> Result<ClusterIssuer, InterpretError> {
        let issuer_name = &self.score.issuer_name;
        let email = &self.score.email;
        let server = &self.score.server;
        let namespace = &self.score.namespace;
-        let cluster_issuer = format!(
-            r#"
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
-    - apiVersion: cert-manager.io/v1
-      manager: cert-manager-clusterissuers
-  name: {issuer_name}
-  namespace: {namespace}
-spec:
-  acme:
-    email: {email}
-    privateKeySecretRef:
-      name: {issuer_name}
-    server: {server}
-    solvers:
-      - http01:
-          ingress:
-            class: nginx"#,
-        );
+        let cluster_issuer = ClusterIssuer {
+            metadata: ObjectMeta {
+                name: Some(issuer_name.to_string()),
+                namespace: Some(namespace.to_string()),
+                ..Default::default()
+            },
+            spec: ClusterIssuerSpec {
+                acme: AcmeSpec {
+                    email: email.to_string(),
+                    private_key_secret_ref: PrivateKeySecretRef {
+                        name: issuer_name.to_string(),
+                    },
+                    server: server.to_string(),
+                    solvers: vec![SolverSpec {
+                        http01: Some(Http01Solver {
+                            ingress: Http01Ingress {
+                                class: "nginx".to_string(),
+                            },
+                        }),
+                    }],
+                },
+            },
+        };
+
        Ok(cluster_issuer)
    }

@ -155,3 +161,49 @@ spec:
        )))
    }
 }
+
+#[derive(CustomResource, Deserialize, Serialize, Clone, Debug, JsonSchema)]
+#[kube(
+    group = "cert-manager.io",
+    version = "v1",
+    kind = "ClusterIssuer",
+    plural = "clusterissuers"
+)]
+#[serde(rename_all = "camelCase")]
+pub struct ClusterIssuerSpec {
+    pub acme: AcmeSpec,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, JsonSchema)]
+#[serde(rename_all = "camelCase")]
+pub struct AcmeSpec {
+    pub email: String,
+    pub private_key_secret_ref: PrivateKeySecretRef,
+    pub server: String,
+    pub solvers: Vec<SolverSpec>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, JsonSchema)]
+#[serde(rename_all = "camelCase")]
+pub struct PrivateKeySecretRef {
+    pub name: String,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, JsonSchema)]
+#[serde(rename_all = "camelCase")]
+pub struct SolverSpec {
+    pub http01: Option<Http01Solver>,
+    // Other solver types (e.g., dns01) would go here as Options
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, JsonSchema)]
+#[serde(rename_all = "camelCase")]
+pub struct Http01Solver {
+    pub ingress: Http01Ingress,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, JsonSchema)]
+#[serde(rename_all = "camelCase")]
+pub struct Http01Ingress {
+    pub class: String,
+}