feat: [PL-58641]: oidc support for gcp sm and kms (#633)

* feat: [PL-58641]: oidc support for gcp sm and kms

* feat: [PL-58641]: add oidc support for gcp sm and gcp kms

* feat: [PL-58641]: add oidc support for gcp sm and gcp kms

Author: GokulBansal0

harness/nextgen/model_connector_info.go

@@ -48,6 +48,7 @@ type ConnectorInfo struct {
 	Dynatrace           *DynatraceConnectorDto          `json:"-"`
 	Gcp                 *GcpConnector                   `json:"-"`
 	GcpCloudCost        *GcpCloudCostConnectorDto       `json:"-"`
+	GcpKms              *GcpKmsConnector                `json:"-"`
 	Git                 *GitConfig                      `json:"-"`
 	Github              *GithubConnector                `json:"-"`
 	Gitlab              *GitlabConnector                `json:"-"`

harness/nextgen/model_connector_info_serializer.go

@@ -91,6 +91,8 @@ func (a *ConnectorInfo) UnmarshalJSON(data []byte) error {
 		err = json.Unmarshal(aux.Spec, &a.SumoLogic)
 	case ConnectorTypes.GcpSecretManager:
 		err = json.Unmarshal(aux.Spec, &a.GcpSecretManager)
+	case ConnectorTypes.GcpKms:
+		err = json.Unmarshal(aux.Spec, &a.GcpKms)
 	case ConnectorTypes.Spot:
 		err = json.Unmarshal(aux.Spec, &a.Spot)
 	case ConnectorTypes.ServiceNow:
@@ -191,6 +193,8 @@ func (a *ConnectorInfo) MarshalJSON() ([]byte, error) {
 		spec, err = json.Marshal(a.SumoLogic)
 	case ConnectorTypes.GcpSecretManager:
 		spec, err = json.Marshal(a.GcpSecretManager)
+	case ConnectorTypes.GcpKms:
+		spec, err = json.Marshal(a.GcpKms)
 	case ConnectorTypes.Spot:
 		spec, err = json.Marshal(a.Spot)
 	case ConnectorTypes.ServiceNow:

harness/nextgen/model_gcp_kms_connector.go

@@ -18,9 +18,15 @@ type GcpKmsConnector struct {
 	// Name of the Key Ring where Google Cloud Symmetric Key is created.
 	KeyRing string `json:"keyRing"`
 	// Name of the Google Cloud Symmetric Key.
-	KeyName     string `json:"keyName"`
-	Credentials string `json:"credentials"`
+	KeyName string `json:"keyName"`
+	// File Secret which is Service Account Key.
+	Credentials string `json:"credentials,omitempty"`
 	// List of Delegate Selectors that belong to the same Delegate and are used to connect to the Secret Manager.
-	DelegateSelectors []string `json:"delegateSelectors,omitempty"`
-	Default_          bool     `json:"default,omitempty"`
+	DelegateSelectors    []string        `json:"delegateSelectors,omitempty"`
+	OidcDetails          *GcpOidcDetails `json:"oidcDetails,omitempty"`
+	IgnoreTestConnection bool            `json:"ignoreTestConnection,omitempty"`
+	// Should the secret manager execute operations on the delegate, or via Harness platform
+	ExecuteOnDelegate bool   `json:"executeOnDelegate"`
+	Default_          bool   `json:"default"`
+	ConnectorType     string `json:"connectorType"`
 }

harness/nextgen/model_gcp_oidc_token_exchange_details_for_delegate.go

@@ -0,0 +1,20 @@
+/*
+ * Harness NextGen Software Delivery Platform API Reference
+ *
+ * This is the Open Api Spec 3 for the NextGen Manager. This is under active development. Beware of the breaking change with respect to the generated code stub
+ *
+ * API version: 3.0
+ * Contact: contact@harness.io
+ * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git)
+ */
+package nextgen
+
+type GcpOidcTokenExchangeDetailsForDelegate struct {
+	OidcIdToken                             string                          `json:"oidcIdToken,omitempty"`
+	OidcAccessTokenStsEndpoint              string                          `json:"oidcAccessTokenStsEndpoint,omitempty"`
+	OidcAccessTokenIamSaEndpoint            string                          `json:"oidcAccessTokenIamSaEndpoint,omitempty"`
+	GcpServiceAccountEmail                  string                          `json:"gcpServiceAccountEmail,omitempty"`
+	OidcWorkloadAccessTokenRequestStructure *OidcWorkloadAccessTokenRequest `json:"oidcWorkloadAccessTokenRequestStructure,omitempty"`
+	OidcChartmuseumGcpConfigStructure       *OidcChartmuseumGcpConfig       `json:"oidcChartmuseumGcpConfigStructure,omitempty"`
+	IdTokenExpiryTime                       int64                           `json:"idTokenExpiryTime,omitempty"`
+}

harness/nextgen/model_gcp_secret_manager.go

@@ -11,11 +11,17 @@ package nextgen
 
 // This contains details of GCP Secret Manager
 type GcpSecretManager struct {
-	ConnectorType string `json:"connectorType"`
-	IsDefault     bool   `json:"isDefault,omitempty"`
 	// Reference to the secret containing credentials of IAM service account for Google Secret Manager
-	CredentialsRef string `json:"credentialsRef"`
+	CredentialsRef string `json:"credentialsRef,omitempty"`
 	// List of Delegate Selectors that belong to the same Delegate and are used to connect to the Secret Manager.
 	DelegateSelectors []string `json:"delegateSelectors,omitempty"`
-	Default_          bool     `json:"default,omitempty"`
+	// Should the secret manager execute operations on the delegate, or via Harness platform
+	ExecuteOnDelegate bool `json:"executeOnDelegate"`
+	// Boolean value to indicate that Credentials are taken from the Delegate.
+	AssumeCredentialsOnDelegate            bool                                    `json:"assumeCredentialsOnDelegate"`
+	Credential                             *GcpConnectorCredential                 `json:"credential,omitempty"`
+	GcpOidcTokenExchangeDetailsForDelegate *GcpOidcTokenExchangeDetailsForDelegate `json:"gcpOidcTokenExchangeDetailsForDelegate,omitempty"`
+	IgnoreTestConnection                   bool                                    `json:"ignoreTestConnection,omitempty"`
+	Default_                               bool                                    `json:"default"`
+	ConnectorType                          string                                  `json:"connectorType"`
 }

harness/nextgen/model_oidc_access_token_options.go

@@ -0,0 +1,14 @@
+/*
+ * Harness NextGen Software Delivery Platform API Reference
+ *
+ * This is the Open Api Spec 3 for the NextGen Manager. This is under active development. Beware of the breaking change with respect to the generated code stub
+ *
+ * API version: 3.0
+ * Contact: contact@harness.io
+ * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git)
+ */
+package nextgen
+
+type OidcAccessTokenOptions struct {
+	UserProject string `json:"userProject,omitempty"`
+}

harness/nextgen/model_oidc_chartmuseum_gcp_config.go

@@ -0,0 +1,18 @@
+/*
+ * Harness NextGen Software Delivery Platform API Reference
+ *
+ * This is the Open Api Spec 3 for the NextGen Manager. This is under active development. Beware of the breaking change with respect to the generated code stub
+ *
+ * API version: 3.0
+ * Contact: contact@harness.io
+ * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git)
+ */
+package nextgen
+
+type OidcChartmuseumGcpConfig struct {
+	Type_                          string `json:"type,omitempty"`
+	Audience                       string `json:"audience,omitempty"`
+	SubjectTokenType               string `json:"subject_token_type,omitempty"`
+	TokenUrl                       string `json:"token_url,omitempty"`
+	ServiceAccountImpersonationUrl string `json:"service_account_impersonation_url,omitempty"`
+}

harness/nextgen/model_oidc_workload_access_token_request.go

@@ -0,0 +1,20 @@
+/*
+ * Harness NextGen Software Delivery Platform API Reference
+ *
+ * This is the Open Api Spec 3 for the NextGen Manager. This is under active development. Beware of the breaking change with respect to the generated code stub
+ *
+ * API version: 3.0
+ * Contact: contact@harness.io
+ * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git)
+ */
+package nextgen
+
+type OidcWorkloadAccessTokenRequest struct {
+	Audience           string                  `json:"audience,omitempty"`
+	GrantType          string                  `json:"grant_type,omitempty"`
+	RequestedTokenType string                  `json:"requested_token_type,omitempty"`
+	Scope              string                  `json:"scope,omitempty"`
+	SubjectTokenType   string                  `json:"subject_token_type,omitempty"`
+	SubjectToken       string                  `json:"subject_token,omitempty"`
+	Options            *OidcAccessTokenOptions `json:"options,omitempty"`
+}