]> git.apps.os.sepia.ceph.com Git - ceph.git/commitdiff
mgr/smb: add a new tls source component resource
authorJohn Mulligan <jmulligan@redhat.com>
Wed, 2 Jul 2025 21:45:42 +0000 (17:45 -0400)
committerAdam King <adking@redhat.com>
Thu, 21 Aug 2025 18:13:55 +0000 (14:13 -0400)
Add a new resource component for referencing a tls credential resource.
This works pretty much like the join auth resource in that a cluster
refers to a tls credential resource by name - avoiding having to have
potentially sensitive info stored in the cluster resource.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
(cherry picked from commit ee5b41981a43da8cff889c80b001540538b08af6)

src/pybind/mgr/smb/resources.py

index 1320619650bf9a765a530639cbbf370f184aa09e..5c9149cd0267ee767de10b03909cc9b499c6fe7b 100644 (file)
@@ -25,6 +25,7 @@ from .enums import (
     LoginCategory,
     PasswordFilter,
     SMBClustering,
+    SourceReferenceType,
     TLSCredentialType,
     UserGroupSourceType,
 )
@@ -466,6 +467,27 @@ class ClusterBindIP(_RBase):
         return rc
 
 
+@resourcelib.component()
+class TLSSource(_RBase):
+    """Represents TLS Certificates and Keys used to configure SMB related
+    resources.
+    """
+
+    source_type: SourceReferenceType = SourceReferenceType.RESOURCE
+    ref: str = ''
+
+    def validate(self) -> None:
+        if not self.ref:
+            raise ValueError('reference value must be specified')
+        else:
+            validation.check_id(self.ref)
+
+    @resourcelib.customize
+    def _customize_resource(rc: resourcelib.Resource) -> resourcelib.Resource:
+        rc.ref.quiet = True
+        return rc
+
+
 @resourcelib.resource('ceph.smb.cluster')
 class Cluster(_RBase):
     """Represents a cluster (instance) that is / should be present."""