Add ClientCertAdditionalData.

xuezhaojun · xuezhaojun · commit ce48d31690d0 · 2024-03-11T17:36:31.000+08:00
Signed-off-by: xuezhaojun &lt;zxue@redhat.com&gt;
diff --git a/addon/v1alpha1/0000_01_addon.open-cluster-management.io_managedclusteraddons.crd.yaml b/addon/v1alpha1/0000_01_addon.open-cluster-management.io_managedclusteraddons.crd.yaml
@@ -309,6 +309,22 @@ spec:
                     addon agent to register to hub. The Klusterlet agent will create
                     a csr for the addon agent with the registrationConfig.
                   properties:
+                    clientCertAdditionalData:
+                      additionalProperties:
+                        type: string
+                      description: The signed CSR client certificates will be stored
+                        in the secret on the agent, clientCertAdditionalData is the
+                        additional data that will stored with the client certificate
+                        secret. Also, the change of the additional data will trigger
+                        the CSR renewal.
+                      type: object
+                    hubSensitive:
+                      default: true
+                      description: HubSensitive is a flag to indicate whether the
+                        registrationConfig is sensitive to the hub. If it is set to
+                        true, the renewal of the CSR will be triggered when the hub
+                        is changed.
+                      type: boolean
                     signerName:
                       description: signerName is the name of signer that addon agent
                         will use to create csr.
diff --git a/addon/v1alpha1/types_managedclusteraddon.go b/addon/v1alpha1/types_managedclusteraddon.go
@@ -68,6 +68,18 @@ type RegistrationConfig struct {
 	//
 	// +optional
 	Subject Subject `json:"subject,omitempty"`
+
+	// HubSensitive is a flag to indicate whether the registrationConfig is sensitive to the hub.
+	// If it is set to true, the renewal of the CSR will be triggered when the hub is changed.
+	// +optional
+	// +kubebuilder:default=true
+	HubSensitive bool `json:"hubSensitive,omitempty"`
+
+	// The signed CSR client certificates will be stored in the secret on the agent, clientCertAdditionalData
+	// is the additional data that will stored with the client certificate secret.
+	// Also, the change of the additional data will trigger the CSR renewal.
+	// +optional
+	ClientCertAdditionalData map[string]string `json:"clientCertAdditionalData,omitempty"`
 }
 
 type AddOnConfig struct {
diff --git a/addon/v1alpha1/zz_generated.swagger_doc_generated.go b/addon/v1alpha1/zz_generated.swagger_doc_generated.go
