mgr/smb: create a new resource component for remote control

Remote control is a new optional feature of the samba-container. It runs
a small "sidecar" service that provides a (g)RPC interface that bridges
certain runtime operations, like disconnecting a particular client,
from the cloudy-gRPC world to samba's existing tooling.
Add a new type that can be used to configure this sidecar service.

Signed-off-by: John Mulligan <jmulligan@redhat.com>

diff --git a/src/pybind/mgr/smb/resources.py b/src/pybind/mgr/smb/resources.py
index 5c9149cd0267ee767de10b03909cc9b499c6fe7b..3b50017336d4be5686771681a3fa616b1898cf34 100644 (file)
--- a/src/pybind/mgr/smb/resources.py
+++ b/src/pybind/mgr/smb/resources.py
@@ -488,6 +488,28 @@ class TLSSource(_RBase):
         return rc
 
 
+@resourcelib.component()
+class RemoteControl(_RBase):
+    # enabled can be set to explicitly toggle the remote control server
+    enabled: Optional[bool] = None
+    # cert specifies the ssl/tls certificate to use
+    cert: Optional[TLSSource] = None
+    # cert specifies the ssl/tls server key to use
+    key: Optional[TLSSource] = None
+    # ca_cert specifies the ssl/tls ca cert for mTLS auth
+    ca_cert: Optional[TLSSource] = None
+
+    def validate(self) -> None:
+        if bool(self.cert) ^ bool(self.key):
+            raise ValueError('cert and key values must be provided together')
+
+    @property
+    def is_enabled(self) -> bool:
+        if self.enabled is not None:
+            return self.enabled
+        return bool(self.cert and self.key)
+
+
 @resourcelib.resource('ceph.smb.cluster')
 class Cluster(_RBase):
     """Represents a cluster (instance) that is / should be present."""