second round of reviews

helm/install.go

@@ -0,0 +1,26 @@
+package helm
+
+import (
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+
+	helmv1beta1 "github.com/openshift/api/helm/v1beta1"
+)
+
+const (
+	GroupName = "helm.openshift.io"
+)
+
+var (
+	schemeBuilder = runtime.NewSchemeBuilder(helmv1beta1.Install)
+	// Install is a function which adds every version of this group to a scheme
+	Install = schemeBuilder.AddToScheme
+)
+
+func Resource(resource string) schema.GroupResource {
+	return schema.GroupResource{Group: GroupName, Resource: resource}
+}
+
+func Kind(kind string) schema.GroupKind {
+	return schema.GroupKind{Group: GroupName, Kind: kind}
+}

helm/v1beta1/0000_10-helm-chart-repository.crd.yaml

@@ -11,8 +11,6 @@ spec:
     listKind: HelmChartRepositoryList
     plural: helmchartrepositories
     singular: helmchartrepository
-    shortNames:
-    - hcr
   versions:
   - name: v1beta1
     served: true
@@ -43,20 +41,43 @@ spec:
           description: spec holds user settable values for configuration
           type: object
           properties:
-            ca:
-              description: ca is an optional reference to a config map by name containing
-                the PEM-encoded CA bundle. It is used as a trust anchor to validate
-                the TLS certificate presented by the remote server. The key "ca.crt"
-                is used to locate the data. If empty, the default system roots are
-                used. The namespace for this config map is openshift-config.
+            connectionConfig:
+              description: Required configuration for connecting to the chart repo
               type: object
-              required:
-              - name
               properties:
-                name:
-                  description: name is the metadata.name of the referenced config
-                    map
+                ca:
+                  description: ca is an optional reference to a config map by name
+                    containing the PEM-encoded CA bundle. It is used as a trust anchor
+                    to validate the TLS certificate presented by the remote server.
+                    The key "ca-bundle.crt" is used to locate the data. If empty,
+                    the default system roots are used. The namespace for this config
+                    map is openshift-config.
+                  type: object
+                  required:
+                  - name
+                  properties:
+                    name:
+                      description: name is the metadata.name of the referenced config
+                        map
+                      type: string
+                tlsClientConfig:
+                  description: tlsClientConfig is an optional reference to a secret
+                    by name that contains the PEM-encoded TLS client certificate and
+                    private key to present when connecting to the server. The key
+                    "tls.crt" is used to locate the client certificate. The key "tls.key"
+                    is used to locate the private key. The namespace for this secret
+                    is openshift-config.
+                  type: object
+                  required:
+                  - name
+                  properties:
+                    name:
+                      description: name is the metadata.name of the referenced secret
+                      type: string
+                url:
+                  description: Chart repository URL
                   type: string
+                  pattern: ^https?:\/\/
             description:
               description: Optional human readable repository description, it can
                 be used by UI for displaying purposes
@@ -67,34 +88,6 @@ spec:
                 can be used by UI for displaying purposes
               type: string
               minLength: 1
-            tlsClientCert:
-              description: tlsClientCert is an optional reference to a secret by name
-                that contains the PEM-encoded TLS client certificate to present when
-                connecting to the server. The key "client.crt" is used to locate the
-                data. The namespace for this secret is openshift-config.
-              type: object
-              required:
-              - name
-              properties:
-                name:
-                  description: name is the metadata.name of the referenced secret
-                  type: string
-            tlsClientKey:
-              description: tlsClientKey is an optional reference to a secret by name
-                that contains the PEM-encoded TLS private key for the client certificate
-                referenced in tlsClientCert. The key "client.key" is used to locate
-                the data. The namespace for this secret is openshift-config.
-              type: object
-              required:
-              - name
-              properties:
-                name:
-                  description: name is the metadata.name of the referenced secret
-                  type: string
-            url:
-              description: Chart repository URL
-              type: string
-              pattern: ^https?:\/\/
         status:
           description: Observed status of the repository within the cluster..
           type: object

helm/v1beta1/types_helm.go

@@ -47,7 +47,7 @@ type HelmChartRepositorySpec struct {
 	Description string `json:"description,omitempty"`
 
 	// Required configuration for connecting to the chart repo
-	ConnectionConfig `json:",inline"`
+	ConnectionConfig ConnectionConfig `json:"connectionConfig"`
 }
 
 type ConnectionConfig struct {
@@ -58,25 +58,19 @@ type ConnectionConfig struct {
 
 	// ca is an optional reference to a config map by name containing the PEM-encoded CA bundle.
 	// It is used as a trust anchor to validate the TLS certificate presented by the remote server.
-	// The key "ca.crt" is used to locate the data.
+	// The key "ca-bundle.crt" is used to locate the data.
 	// If empty, the default system roots are used.
 	// The namespace for this config map is openshift-config.
 	// +optional
-	CA *configv1.ConfigMapNameReference `json:"ca,omitempty"`
+	CA configv1.ConfigMapNameReference `json:"ca,omitempty"`
 
-	// tlsClientCert is an optional reference to a secret by name that contains the
-	// PEM-encoded TLS client certificate to present when connecting to the server.
-	// The key "client.crt" is used to locate the data.
+	// tlsClientConfig is an optional reference to a secret by name that contains the
+	// PEM-encoded TLS client certificate and private key to present when connecting to the server.
+	// The key "tls.crt" is used to locate the client certificate.
+	// The key "tls.key" is used to locate the private key.
 	// The namespace for this secret is openshift-config.
 	// +optional
-	TLSClientCert *configv1.SecretNameReference `json:"tlsClientCert,omitempty"`
-
-	// tlsClientKey is an optional reference to a secret by name that contains the
-	// PEM-encoded TLS private key for the client certificate referenced in tlsClientCert.
-	// The key "client.key" is used to locate the data.
-	// The namespace for this secret is openshift-config.
-	// +optional
-	TLSClientKey *configv1.SecretNameReference `json:"tlsClientKey,omitempty"`
+	TLSClientConfig configv1.SecretNameReference `json:"tlsClientConfig,omitempty"`
 }
 
 type HelmChartRepositoryStatus struct {

install.go

@@ -37,6 +37,7 @@ import (
 	"github.com/openshift/api/authorization"
 	"github.com/openshift/api/build"
 	"github.com/openshift/api/config"
+	"github.com/openshift/api/helm"
 	"github.com/openshift/api/image"
 	"github.com/openshift/api/imageregistry"
 	"github.com/openshift/api/kubecontrolplane"
@@ -65,6 +66,7 @@ var (
 		authorization.Install,
 		build.Install,
 		config.Install,
+		helm.Install,
 		image.Install,
 		imageregistry.Install,
 		kubecontrolplane.Install,