DNS Merge Request Controller

PROJECT

@@ -167,4 +167,22 @@ resources:
   kind: TwistlockCredential
   path: valkyrie.dso.mil/valkyrie-api/apis/twistlock/v1alpha1
   version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: valkyrie.dso.mil
+  group: gitlab
+  kind: DNSRepoCredential
+  path: valkyrie.dso.mil/valkyrie-api/apis/gitlab/v1alpha1
+  version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: valkyrie.dso.mil
+  group: gitlab
+  kind: DNSRepoMergeRequest
+  path: valkyrie.dso.mil/valkyrie-api/apis/gitlab/v1alpha1
+  version: v1alpha1
 version: "3"

README.md

@@ -145,3 +145,44 @@ spec:
   credentialName: fortifycredential-sample
 ```
 4) Apply the resources created above to the k8s cluster
+
+### DNS Merge Request Controller Setup
+1) Create a secret that holds the project access token for DNS gitlab project.
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: dns-repo-secret
+type: Opaque
+data:
+  username: eW91cl90b2tlbg==
+  accessToken: eW91cl90b2tlbg==
+```
+2) Create a DNSRepoCredential resource
+```yaml
+apiVersion: gitlab.valkyrie.dso.mil/v1alpha1
+kind: DNSRepoCredential
+metadata:
+  name: dnsrepocredential-sample
+spec:
+  repoUrl: "https://code.il2.dso.mil/platform-one/products/valkyrie/dso-dns.git"
+  gitlabProjectId: 4548
+  usernameSecretRef:
+    name: dns-repo-secret
+    key: username
+  tokenSecretRef:
+    name: dns-repo-secret
+    key: accessToken
+```
+3) Create a DNSRepoMergeRequest resource
+```yaml
+apiVersion: gitlab.valkyrie.dso.mil/v1alpha1
+kind: DNSRepoMergeRequest
+metadata:
+  name: dnsrepomergerequest-sample
+spec:
+  credentialName: dnsrepocredential-sample
+  appHostname: "valkyrie-test"
+  targetEnvironment: "il2"
+```
+4) Apply the resources created above to the k8s cluster

apis/gitlab/v1alpha1/dnsrepocredential_types.go

+/*
+Copyright 2021.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	v1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// DNSRepoCredentialSpec defines the desired state of DNSRepoCredential
+type DNSRepoCredentialSpec struct {
+	// RepoURL is the url for the DNS git repository. For example: https://code.il2.dso.mil/platform-one/products/valkyrie/dso-dns.git
+	RepoURL string `json:"repoUrl,omitempty"`
+
+	// GitlabProjectID is the project ID of the DNS project in Gitlab
+	GitlabProjectID int `json:"gitlabProjectId,omitempty"`
+
+	// UsernameSecRef is the username of project bot will be used to clone the repo
+	UsernameSecRef v1.SecretKeySelector `json:"usernameSecretRef,omitempty"`
+
+	// TokenSecRef is the project bot token used to clone the repo
+	TokenSecRef v1.SecretKeySelector `json:"tokenSecretRef,omitempty"`
+}
+
+// DNSRepoCredentialStatus defines the observed state of DNSRepoCredential
+type DNSRepoCredentialStatus struct {
+	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
+	// Important: Run "make" to regenerate code after modifying this file
+}
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+
+// DNSRepoCredential is the Schema for the dnsrepocredentials API
+type DNSRepoCredential struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   DNSRepoCredentialSpec   `json:"spec,omitempty"`
+	Status DNSRepoCredentialStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// DNSRepoCredentialList contains a list of DNSRepoCredential
+type DNSRepoCredentialList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []DNSRepoCredential `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&DNSRepoCredential{}, &DNSRepoCredentialList{})
+}

apis/gitlab/v1alpha1/dnsrepocredential_types_test.go

+package v1alpha1
+
+import (
+	v1 "k8s.io/api/core/v1"
+	"reflect"
+	"testing"
+
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// testVarsDNSRepoCredential - Reusable test variables
+type testVarsDNSRepoCredential = struct {
+	testKind       string
+	testAPIVersion string
+	testSpec       string
+	testStatus     string
+
+	expectedKind       string
+	expectedAPIVersion string
+	expectedSpec       string
+	expectedStatus     string
+
+	testObject1 DNSRepoCredential
+	testObject2 DNSRepoCredential
+
+	objectItems1 []DNSRepoCredential
+	objectList1  DNSRepoCredentialList
+
+	objectItems2 []DNSRepoCredential
+	objectList2  DNSRepoCredentialList
+
+	// leave scaffold Foo value for testing?
+	testObjectSpec1 DNSRepoCredentialSpec
+	testObjectSpec2 DNSRepoCredentialSpec
+
+	// leave scaffold Foo value for testing?
+	testObjectStatus1 DNSRepoCredentialStatus
+	testObjectStatus2 DNSRepoCredentialStatus
+}
+
+// initVarsDNSRepoCredential - intialize test variables
+func initVarsDNSRepoCredential() testVarsDNSRepoCredential {
+	testVars := testVarsDNSRepoCredential{}
+
+	testVars.testKind = "TestKind"
+	testVars.testAPIVersion = "v22"
+	testVars.testSpec = "https://test.git"
+
+	testVars.expectedAPIVersion = testVars.testAPIVersion
+	testVars.expectedKind = testVars.testKind
+	testVars.expectedSpec = testVars.testSpec
+
+	var object1MetaType metav1.TypeMeta = metav1.TypeMeta{Kind: testVars.testKind, APIVersion: testVars.testAPIVersion}
+	testVars.testObject1 = DNSRepoCredential{TypeMeta: object1MetaType}
+
+	var object2MetaType metav1.TypeMeta = metav1.TypeMeta{Kind: "TestKind2", APIVersion: "V99"}
+	testVars.testObject2 = DNSRepoCredential{TypeMeta: object2MetaType}
+
+	var objectList1MetaType metav1.TypeMeta = metav1.TypeMeta{Kind: "TestKind_List", APIVersion: "V12"}
+	var objectItems1 []DNSRepoCredential = []DNSRepoCredential{testVars.testObject1, testVars.testObject2}
+	// test_object_list = DNSRepoCredentialList(objectList1MetaType,nil,object_items)
+	testVars.objectList1 = DNSRepoCredentialList{TypeMeta: objectList1MetaType, Items: objectItems1}
+
+	var objectList2MetaType metav1.TypeMeta = metav1.TypeMeta{Kind: "TestKind_List", APIVersion: "V12"}
+	var objectItems2 []DNSRepoCredential = []DNSRepoCredential{testVars.testObject2}
+	// test_object_list = DNSRepoCredentialList(objectList1MetaType,nil,object_items)
+	testVars.objectList2 = DNSRepoCredentialList{TypeMeta: objectList2MetaType, Items: objectItems2}
+
+	// leave scaffold Foo value for testing?
+	testVars.testObjectSpec1 = DNSRepoCredentialSpec{
+		RepoURL:         "https://test.git",
+		GitlabProjectID: 4351,
+		UsernameSecRef: v1.SecretKeySelector{
+			LocalObjectReference: v1.LocalObjectReference{Name: "secret"},
+			Key:                  "username",
+		},
+		TokenSecRef: v1.SecretKeySelector{
+			LocalObjectReference: v1.LocalObjectReference{Name: "secret"},
+			Key:                  "token",
+		},
+	}
+	testVars.testObjectSpec2 = DNSRepoCredentialSpec{
+		RepoURL:         "https://test22.git",
+		GitlabProjectID: 4351,
+		UsernameSecRef: v1.SecretKeySelector{
+			LocalObjectReference: v1.LocalObjectReference{Name: "secret"},
+			Key:                  "username",
+		},
+		TokenSecRef: v1.SecretKeySelector{
+			LocalObjectReference: v1.LocalObjectReference{Name: "secret"},
+			Key:                  "token",
+		},
+	}
+
+	return testVars
+}
+
+// TestGroupVarsDNSRepoCredential -
+func TestGroupVarsDNSRepoCredential(t *testing.T) {
+
+	xType := reflect.TypeOf(GroupVersion)
+	// convert object type to string
+	got := xType.String()
+	want := "schema.GroupVersion"
+
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+	t.Log("Success")
+}
+
+// TestTypesDNSRepoCredential -
+func TestTypesDNSRepoCredential(t *testing.T) {
+	lTestVars := initVarsDNSRepoCredential()
+	want := lTestVars.expectedAPIVersion
+	got := lTestVars.testObject1.APIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopyDNSRepoCredential -
+func TestDeepCopyDeepCopyDNSRepoCredential(t *testing.T) {
+	lTestVars := initVarsDNSRepoCredential()
+
+	newObject := lTestVars.testObject1.DeepCopy()
+
+	// check api version
+	got := newObject.APIVersion
+	want := lTestVars.expectedAPIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+
+	// check kind
+	got = newObject.Kind
+	want = lTestVars.expectedKind
+
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+
+	var nilTestPtr *DNSRepoCredential = nil
+	var val = nilTestPtr.DeepCopyObject()
+	if val != nil {
+		t.Errorf("got %s want %s", "not nil", "nil")
+	}
+
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopyIntoDNSRepoCredential -
+func TestDeepCopyDeepCopyIntoDNSRepoCredential(t *testing.T) {
+	lTestVars := initVarsDNSRepoCredential()
+
+	lTestVars.testObject1.DeepCopyInto(&lTestVars.testObject2)
+
+	got := lTestVars.testObject2.APIVersion
+	want := lTestVars.expectedAPIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopyObjectDNSRepoCredential -
+func TestDeepCopyDeepCopyObjectDNSRepoCredential(t *testing.T) {
+	lTestVars := initVarsDNSRepoCredential()
+
+	newRuntimeObject := lTestVars.testObject1.DeepCopyObject()
+	newObject := newRuntimeObject.(*DNSRepoCredential)
+	got := newObject.APIVersion
+	want := lTestVars.expectedAPIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopyListDNSRepoCredential -
+func TestDeepCopyDeepCopyListDNSRepoCredential(t *testing.T) {
+	lTestVars := initVarsDNSRepoCredential()
+	newObjectList := lTestVars.objectList1.DeepCopy()
+
+	got := newObjectList.Items[0].APIVersion
+	want := lTestVars.expectedAPIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+
+	// a typed pointer set to nil
+	var nilTestPtr *DNSRepoCredentialList = nil
+	var val = nilTestPtr.DeepCopy()
+	if val != nil {
+		t.Errorf("got %s want %s", "not nil", "nil")
+	}
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopyIntoListDNSRepoCredential -
+func TestDeepCopyDeepCopyIntoListDNSRepoCredential(t *testing.T) {
+	lTestVars := initVarsDNSRepoCredential()
+
+	lTestVars.objectList1.DeepCopyInto(&lTestVars.objectList2)
+
+	got := lTestVars.objectList2.Items[0].APIVersion
+	want := lTestVars.expectedAPIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopyListObjectDNSRepoCredential -
+func TestDeepCopyDeepCopyListObjectDNSRepoCredential(t *testing.T) {
+	lTestVars := initVarsDNSRepoCredential()
+
+	newRuntimeObject := lTestVars.objectList1.DeepCopyObject()
+	newObject := newRuntimeObject.(*DNSRepoCredentialList)
+	got := newObject.Items[0].APIVersion
+	want := lTestVars.expectedAPIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+
+	var nilTestPtr *DNSRepoCredentialList = nil
+	var val = nilTestPtr.DeepCopyObject()
+	if val != nil {
+		t.Errorf("got %s want %s", "not nil", "nil")
+	}
+
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopySpecDNSRepoCredential -
+func TestDeepCopyDeepCopySpecDNSRepoCredential(t *testing.T) {
+	lTestVars := initVarsDNSRepoCredential()
+
+	newObjectList := lTestVars.testObjectSpec1.DeepCopy()
+
+	got := newObjectList.RepoURL
+	want := lTestVars.expectedSpec
+
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+
+	var nilTestPtr *DNSRepoCredentialSpec = nil
+	var val = nilTestPtr.DeepCopy()
+	if val != nil {
+		t.Errorf("got %s want %s", "not nil", "nil")
+	}
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopySpecIntoDNSRepoCredential -
+func TestDeepCopyDeepCopySpecIntoDNSRepoCredential(t *testing.T) {
+	lTestVars := initVarsDNSRepoCredential()
+
+	lTestVars.testObjectSpec1.DeepCopyInto(&lTestVars.testObjectSpec2)
+
+	got := lTestVars.testObjectSpec2.RepoURL
+	want := lTestVars.expectedSpec
+
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+	t.Log("Success")
+}

apis/gitlab/v1alpha1/dnsrepomergerequest_types.go

+/*
+Copyright 2021.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// DNSRepoMergeRequestSpec defines the desired state of DNSRepoMergeRequest
+type DNSRepoMergeRequestSpec struct {
+	//RepoCredentialName is the name of the Kind DNSRepoCredential object in this namespace that contains authentication information.
+	RepoCredentialName string `json:"credentialName"`
+
+	//AppHostname is the hostname of the app want to be added
+	AppHostname string `json:"appHostname"`
+
+	//TargetEnvironment specify which impact level the DNS record will be created
+	TargetEnvironment string `json:"targetEnvironment"`
+}
+
+// DNSRepoMergeRequestStatus defines the observed state of DNSRepoMergeRequest
+type DNSRepoMergeRequestStatus struct {
+
+	//SourceBranch is the source branch of the merge request
+	// +optional
+	SourceBranch string `json:"sourceBranch"`
+
+	//TargetBranch is the target branch of the merge request
+	// +optional
+	TargetBranch string `json:"targetBranch"`
+
+	//ID is the merge request ID in the project
+	// +optional
+	ID *int `json:"id"`
+
+	//CreatedTime is the timestamp when the merge request was created by the controller.
+	//If the merge request already exists beforehand, this will not be set.
+	// +optional
+	CreatedTime *metav1.Time `json:"createdTime"`
+
+	//State represents current state of the resource
+	// +optional
+	State string `json:"state"`
+}
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+
+// DNSRepoMergeRequest is the Schema for the dnsrepomergerequests API
+type DNSRepoMergeRequest struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   DNSRepoMergeRequestSpec   `json:"spec,omitempty"`
+	Status DNSRepoMergeRequestStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// DNSRepoMergeRequestList contains a list of DNSRepoMergeRequest
+type DNSRepoMergeRequestList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []DNSRepoMergeRequest `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&DNSRepoMergeRequest{}, &DNSRepoMergeRequestList{})
+}

apis/gitlab/v1alpha1/dnsrepomergerequest_types_test.go

+package v1alpha1
+
+import (
+	"reflect"
+	"testing"
+
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// testVarsDNSRepoMergeRequest - Reusable test variables
+type testVarsDNSRepoMergeRequest = struct {
+	testKind       string
+	testAPIVersion string
+	testSpec       string
+	testStatus     string
+
+	expectedKind       string
+	expectedAPIVersion string
+	expectedSpec       string
+	expectedStatus     string
+
+	testObject1 DNSRepoMergeRequest
+	testObject2 DNSRepoMergeRequest
+
+	objectItems1 []DNSRepoMergeRequest
+	objectList1  DNSRepoMergeRequestList
+
+	objectItems2 []DNSRepoMergeRequest
+	objectList2  DNSRepoMergeRequestList
+
+	// leave scaffold Foo value for testing?
+	testObjectSpec1 DNSRepoMergeRequestSpec
+	testObjectSpec2 DNSRepoMergeRequestSpec
+
+	// leave scaffold Foo value for testing?
+	testObjectStatus1 DNSRepoMergeRequestStatus
+	testObjectStatus2 DNSRepoMergeRequestStatus
+}
+
+// initVarsDNSRepoMergeRequest - intialize test variables
+func initVarsDNSRepoMergeRequest() testVarsDNSRepoMergeRequest {
+	testVars := testVarsDNSRepoMergeRequest{}
+
+	testVars.testKind = "TestKind"
+	testVars.testAPIVersion = "v22"
+	testVars.testSpec = "valkyrie"
+	testVars.testStatus = "test status value"
+
+	testVars.expectedAPIVersion = testVars.testAPIVersion
+	testVars.expectedKind = testVars.testKind
+	testVars.expectedSpec = testVars.testSpec
+	testVars.expectedStatus = testVars.testStatus
+
+	var object1MetaType metav1.TypeMeta = metav1.TypeMeta{Kind: testVars.testKind, APIVersion: testVars.testAPIVersion}
+	testVars.testObject1 = DNSRepoMergeRequest{TypeMeta: object1MetaType}
+
+	var object2MetaType metav1.TypeMeta = metav1.TypeMeta{Kind: "TestKind2", APIVersion: "V99"}
+	testVars.testObject2 = DNSRepoMergeRequest{TypeMeta: object2MetaType}
+
+	var objectList1MetaType metav1.TypeMeta = metav1.TypeMeta{Kind: "TestKind_List", APIVersion: "V12"}
+	var objectItems1 []DNSRepoMergeRequest = []DNSRepoMergeRequest{testVars.testObject1, testVars.testObject2}
+	// test_object_list = DNSRepoMergeRequestList(objectList1MetaType,nil,object_items)
+	testVars.objectList1 = DNSRepoMergeRequestList{TypeMeta: objectList1MetaType, Items: objectItems1}
+
+	var objectList2MetaType metav1.TypeMeta = metav1.TypeMeta{Kind: "TestKind_List", APIVersion: "V12"}
+	var objectItems2 []DNSRepoMergeRequest = []DNSRepoMergeRequest{testVars.testObject2}
+	// test_object_list = DNSRepoMergeRequestList(objectList1MetaType,nil,object_items)
+	testVars.objectList2 = DNSRepoMergeRequestList{TypeMeta: objectList2MetaType, Items: objectItems2}
+
+	// leave scaffold Foo value for testing?
+	testVars.testObjectSpec1 = DNSRepoMergeRequestSpec{
+		AppHostname: "valkyrie",
+	}
+	testVars.testObjectSpec2 = DNSRepoMergeRequestSpec{
+		AppHostname: "valkyrie2",
+	}
+
+	return testVars
+}
+
+// TestGroupVarsDNSRepoMergeRequest -
+func TestGroupVarsDNSRepoMergeRequest(t *testing.T) {
+
+	xType := reflect.TypeOf(GroupVersion)
+	// convert object type to string
+	got := xType.String()
+	want := "schema.GroupVersion"
+
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+	t.Log("Success")
+}
+
+// TestTypesDNSRepoMergeRequest -
+func TestTypesDNSRepoMergeRequest(t *testing.T) {
+	lTestVars := initVarsDNSRepoMergeRequest()
+	want := lTestVars.expectedAPIVersion
+	got := lTestVars.testObject1.APIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopyDNSRepoMergeRequest -
+func TestDeepCopyDeepCopyDNSRepoMergeRequest(t *testing.T) {
+	lTestVars := initVarsDNSRepoMergeRequest()
+
+	newObject := lTestVars.testObject1.DeepCopy()
+
+	// check api version
+	got := newObject.APIVersion
+	want := lTestVars.expectedAPIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+
+	// check kind
+	got = newObject.Kind
+	want = lTestVars.expectedKind
+
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+
+	var nilTestPtr *DNSRepoMergeRequest = nil
+	var val = nilTestPtr.DeepCopyObject()
+	if val != nil {
+		t.Errorf("got %s want %s", "not nil", "nil")
+	}
+
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopyIntoDNSRepoMergeRequest -
+func TestDeepCopyDeepCopyIntoDNSRepoMergeRequest(t *testing.T) {
+	lTestVars := initVarsDNSRepoMergeRequest()
+
+	lTestVars.testObject1.DeepCopyInto(&lTestVars.testObject2)
+
+	got := lTestVars.testObject2.APIVersion
+	want := lTestVars.expectedAPIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopyObjectDNSRepoMergeRequest -
+func TestDeepCopyDeepCopyObjectDNSRepoMergeRequest(t *testing.T) {
+	lTestVars := initVarsDNSRepoMergeRequest()
+
+	newRuntimeObject := lTestVars.testObject1.DeepCopyObject()
+	newObject := newRuntimeObject.(*DNSRepoMergeRequest)
+	got := newObject.APIVersion
+	want := lTestVars.expectedAPIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopyListDNSRepoMergeRequest -
+func TestDeepCopyDeepCopyListDNSRepoMergeRequest(t *testing.T) {
+	lTestVars := initVarsDNSRepoMergeRequest()
+	newObjectList := lTestVars.objectList1.DeepCopy()
+
+	got := newObjectList.Items[0].APIVersion
+	want := lTestVars.expectedAPIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+
+	// a typed pointer set to nil
+	var nilTestPtr *DNSRepoMergeRequestList = nil
+	var val = nilTestPtr.DeepCopy()
+	if val != nil {
+		t.Errorf("got %s want %s", "not nil", "nil")
+	}
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopyIntoListDNSRepoMergeRequest -
+func TestDeepCopyDeepCopyIntoListDNSRepoMergeRequest(t *testing.T) {
+	lTestVars := initVarsDNSRepoMergeRequest()
+
+	lTestVars.objectList1.DeepCopyInto(&lTestVars.objectList2)
+
+	got := lTestVars.objectList2.Items[0].APIVersion
+	want := lTestVars.expectedAPIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopyListObjectDNSRepoMergeRequest -
+func TestDeepCopyDeepCopyListObjectDNSRepoMergeRequest(t *testing.T) {
+	lTestVars := initVarsDNSRepoMergeRequest()
+
+	newRuntimeObject := lTestVars.objectList1.DeepCopyObject()
+	newObject := newRuntimeObject.(*DNSRepoMergeRequestList)
+	got := newObject.Items[0].APIVersion
+	want := lTestVars.expectedAPIVersion
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+
+	var nilTestPtr *DNSRepoMergeRequestList = nil
+	var val = nilTestPtr.DeepCopyObject()
+	if val != nil {
+		t.Errorf("got %s want %s", "not nil", "nil")
+	}
+
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopySpecDNSRepoMergeRequest -
+func TestDeepCopyDeepCopySpecDNSRepoMergeRequest(t *testing.T) {
+	lTestVars := initVarsDNSRepoMergeRequest()
+
+	newObjectList := lTestVars.testObjectSpec1.DeepCopy()
+
+	got := newObjectList.AppHostname
+	want := lTestVars.expectedSpec
+
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+
+	var nilTestPtr *DNSRepoMergeRequestSpec = nil
+	var val = nilTestPtr.DeepCopy()
+	if val != nil {
+		t.Errorf("got %s want %s", "not nil", "nil")
+	}
+	t.Log("Success")
+}
+
+// TestDeepCopyDeepCopySpecIntoDNSRepoMergeRequest -
+func TestDeepCopyDeepCopySpecIntoDNSRepoMergeRequest(t *testing.T) {
+	lTestVars := initVarsDNSRepoMergeRequest()
+
+	lTestVars.testObjectSpec1.DeepCopyInto(&lTestVars.testObjectSpec2)
+
+	got := lTestVars.testObjectSpec2.AppHostname
+	want := lTestVars.expectedSpec
+
+	if got != want {
+		t.Errorf("got %s want %s", got, want)
+	}
+	t.Log("Success")
+}

apis/gitlab/v1alpha1/zz_generated.deepcopy.go

@@ -24,6 +24,195 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DNSRepoCredential) DeepCopyInto(out *DNSRepoCredential) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	out.Status = in.Status
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSRepoCredential.
+func (in *DNSRepoCredential) DeepCopy() *DNSRepoCredential {
+	if in == nil {
+		return nil
+	}
+	out := new(DNSRepoCredential)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DNSRepoCredential) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DNSRepoCredentialList) DeepCopyInto(out *DNSRepoCredentialList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]DNSRepoCredential, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSRepoCredentialList.
+func (in *DNSRepoCredentialList) DeepCopy() *DNSRepoCredentialList {
+	if in == nil {
+		return nil
+	}
+	out := new(DNSRepoCredentialList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DNSRepoCredentialList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DNSRepoCredentialSpec) DeepCopyInto(out *DNSRepoCredentialSpec) {
+	*out = *in
+	in.UsernameSecRef.DeepCopyInto(&out.UsernameSecRef)
+	in.TokenSecRef.DeepCopyInto(&out.TokenSecRef)
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSRepoCredentialSpec.
+func (in *DNSRepoCredentialSpec) DeepCopy() *DNSRepoCredentialSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(DNSRepoCredentialSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DNSRepoCredentialStatus) DeepCopyInto(out *DNSRepoCredentialStatus) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSRepoCredentialStatus.
+func (in *DNSRepoCredentialStatus) DeepCopy() *DNSRepoCredentialStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(DNSRepoCredentialStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DNSRepoMergeRequest) DeepCopyInto(out *DNSRepoMergeRequest) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	out.Spec = in.Spec
+	in.Status.DeepCopyInto(&out.Status)
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSRepoMergeRequest.
+func (in *DNSRepoMergeRequest) DeepCopy() *DNSRepoMergeRequest {
+	if in == nil {
+		return nil
+	}
+	out := new(DNSRepoMergeRequest)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DNSRepoMergeRequest) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DNSRepoMergeRequestList) DeepCopyInto(out *DNSRepoMergeRequestList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]DNSRepoMergeRequest, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSRepoMergeRequestList.
+func (in *DNSRepoMergeRequestList) DeepCopy() *DNSRepoMergeRequestList {
+	if in == nil {
+		return nil
+	}
+	out := new(DNSRepoMergeRequestList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DNSRepoMergeRequestList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DNSRepoMergeRequestSpec) DeepCopyInto(out *DNSRepoMergeRequestSpec) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSRepoMergeRequestSpec.
+func (in *DNSRepoMergeRequestSpec) DeepCopy() *DNSRepoMergeRequestSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(DNSRepoMergeRequestSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DNSRepoMergeRequestStatus) DeepCopyInto(out *DNSRepoMergeRequestStatus) {
+	*out = *in
+	if in.ID != nil {
+		in, out := &in.ID, &out.ID
+		*out = new(int)
+		**out = **in
+	}
+	if in.CreatedTime != nil {
+		in, out := &in.CreatedTime, &out.CreatedTime
+		*out = (*in).DeepCopy()
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSRepoMergeRequestStatus.
+func (in *DNSRepoMergeRequestStatus) DeepCopy() *DNSRepoMergeRequestStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(DNSRepoMergeRequestStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *GitlabCredentials) DeepCopyInto(out *GitlabCredentials) {
 	*out = *in

clients/git/repo_client.go

+package git
+
+import (
+	"fmt"
+	"github.com/go-git/go-billy/v5"
+	"github.com/go-git/go-billy/v5/memfs"
+	"github.com/go-git/go-git/v5"
+	"github.com/go-git/go-git/v5/config"
+	"github.com/go-git/go-git/v5/plumbing"
+	"github.com/go-git/go-git/v5/plumbing/transport/http"
+	"github.com/go-git/go-git/v5/storage/memory"
+)
+
+//RepoClient - client interface
+type RepoClient interface {
+	CheckoutOrCreateBranch(branchName string) (err error)
+	GetFileSystem() *billy.Filesystem
+	AddFile(filePath string) (err error)
+	Commit(message string) (err error)
+	Push() (err error)
+	DeleteRemoteBranch(branchName string) (err error)
+}
+
+//RepoClientImpl client to manage an existing repo
+type RepoClientImpl struct {
+	repo *git.Repository
+	fs   *billy.Filesystem
+	auth *http.BasicAuth
+}
+
+//NewClient creates an new client to manage the repo.
+func NewClient(username string, accessToken string, repoURL string) (client *RepoClientImpl, err error) {
+	fs := memfs.New()
+	auth := &http.BasicAuth{
+		Username: username,
+		Password: accessToken,
+	}
+
+	r, err := git.Clone(memory.NewStorage(), fs, &git.CloneOptions{
+		URL:  repoURL,
+		Auth: auth,
+	})
+	if err != nil {
+		return
+	}
+
+	return &RepoClientImpl{
+		repo: r,
+		fs:   &fs,
+		auth: auth,
+	}, nil
+}
+
+//CheckoutOrCreateBranch checkout the branch if it exists, if it doesn't exist, it will create it then check it out
+func (c *RepoClientImpl) CheckoutOrCreateBranch(branchName string) (err error) {
+
+	w, err := c.repo.Worktree()
+	if err != nil {
+		return
+	}
+
+	branch := fmt.Sprintf("refs/heads/%s", branchName)
+	b := plumbing.ReferenceName(branch)
+	// First try to checkout branch
+	err = w.Checkout(&git.CheckoutOptions{Create: false, Force: false, Branch: b})
+
+	if err != nil {
+		// got an error  - try to create it
+		err = w.Checkout(&git.CheckoutOptions{Create: true, Force: false, Branch: b})
+		if err != nil {
+			return
+		}
+	}
+
+	return
+}
+
+//GetFileSystem gets the file system used to checkout the repo
+func (c *RepoClientImpl) GetFileSystem() *billy.Filesystem {
+	return c.fs
+}
+
+//AddFile adds the file to commit
+func (c *RepoClientImpl) AddFile(filePath string) (err error) {
+	w, err := c.repo.Worktree()
+	if err != nil {
+		return
+	}
+	_, err = w.Add(filePath)
+	return
+}
+
+//Commit commits the changes with a message
+func (c *RepoClientImpl) Commit(message string) (err error) {
+	w, err := c.repo.Worktree()
+	if err != nil {
+		return
+	}
+
+	_, err = w.Commit(message, &git.CommitOptions{})
+	return
+}
+
+//Push pushes commit to remote
+func (c *RepoClientImpl) Push() (err error) {
+	err = c.repo.Push(&git.PushOptions{
+		RemoteName: "origin",
+		Auth:       c.auth,
+	})
+	return
+}
+
+//DeleteRemoteBranch deletes the remote branch if it exists
+func (c *RepoClientImpl) DeleteRemoteBranch(branchName string) (err error) {
+	var originRemote *git.Remote
+	originRemote, err = c.repo.Remote("origin")
+	if err != nil {
+		return
+	}
+
+	err = originRemote.Push(&git.PushOptions{
+		Auth:     c.auth,
+		RefSpecs: []config.RefSpec{config.RefSpec(":refs/heads/" + branchName)},
+	})
+
+	//if already up-to-date, then it's already deleted
+	if err != nil && err.Error() == "already up-to-date" {
+		err = nil
+	}
+	return
+}

clients/gitlab/client.go

@@ -67,6 +67,10 @@ type Client interface {
 	AddProject(createProjectOptions gogitlab.CreateProjectOptions) (*gogitlab.Project, int, error)
 	UpdateProject(projectID int, editProjectOptions gogitlab.EditProjectOptions) (*gogitlab.Project, int, error)
 	DeleteProject(projectID int, waitInterval int, waitCount int) (int, error)
+	GetMergeRequestByID(projectID int, mergeRequestID int) (*gogitlab.MergeRequest, error)
+	GetMergeRequests(projectID int, sourceBranch string, targetBranch string) ([]*gogitlab.MergeRequest, error)
+	CreateMergeRequest(projectID int, mrOptions *gogitlab.CreateMergeRequestOptions) (*gogitlab.MergeRequest, error)
+	CloseMergeRequest(projectID int, mergeRequestID int) error
 }
 
 // ClientImpl -
@@ -719,3 +723,48 @@ func (r ClientImpl) DeleteProject(projectID int, waitInterval int, waitCount int
 	processComplete(logPrefix, returnStatusCode)
 	return returnStatusCode, nil
 }
+
+//GetMergeRequestByID gets the merge request by ID
+func (r ClientImpl) GetMergeRequestByID(projectID int, mergeRequestID int) (*gogitlab.MergeRequest, error) {
+	mr, _, err := r.client.MergeRequests.GetMergeRequest(projectID, mergeRequestID, &gogitlab.GetMergeRequestsOptions{})
+	if err != nil {
+		return nil, err
+	}
+	return mr, err
+}
+
+//GetMergeRequests gets the currently open merge requests filtered by the branches
+func (r ClientImpl) GetMergeRequests(projectID int, sourceBranch string, targetBranch string) ([]*gogitlab.MergeRequest, error) {
+	mrs, _, err := r.client.MergeRequests.ListProjectMergeRequests(projectID, &gogitlab.ListProjectMergeRequestsOptions{
+		SourceBranch: &sourceBranch,
+		TargetBranch: &targetBranch,
+	})
+	if err != nil {
+		return nil, err
+	}
+	return mrs, nil
+}
+
+//CreateMergeRequest creates an new merge request for the projectID
+func (r ClientImpl) CreateMergeRequest(projectID int, mrOptions *gogitlab.CreateMergeRequestOptions) (*gogitlab.MergeRequest, error) {
+	mr, _, err := r.client.MergeRequests.CreateMergeRequest(projectID, mrOptions)
+	if err != nil {
+		return nil, err
+	}
+	return mr, nil
+}
+
+//CloseMergeRequest closes an existing merge request
+func (r ClientImpl) CloseMergeRequest(projectID int, mergeRequestID int) error {
+	state := "close"
+	_, _, err := r.client.MergeRequests.UpdateMergeRequest(
+		projectID,
+		mergeRequestID,
+		&gogitlab.UpdateMergeRequestOptions{
+			StateEvent: &state,
+		})
+	if err != nil {
+		return err
+	}
+	return nil
+}

clients/gitlab/client_test.go

@@ -1565,3 +1565,184 @@ func TestClient_DeleteProject(t *testing.T) {
 		})
 	}
 }
+
+func TestClient_GetMergeRequests(t *testing.T) {
+
+	// setup a http client for use in mocking
+	testHTTPClient := &http.Client{}
+	httpmock.ActivateNonDefault(testHTTPClient)
+	defer httpmock.DeactivateAndReset()
+
+	testProjectID := 1
+	testSourceBranch := "sourceBranch"
+	testTargetBranch := "targetBranch"
+	testGetMRs := []*gogitlab.MergeRequest{
+		{
+			ID:              0,
+			IID:             0,
+			ProjectID:       testProjectID,
+			SourceBranch:    testSourceBranch,
+			TargetBranch:    testTargetBranch,
+			State:           "opened",
+			Upvotes:         0,
+			Downvotes:       0,
+			SourceProjectID: 0,
+			TargetProjectID: 0,
+		},
+	}
+
+	httpmock.RegisterResponder("GET",
+		`=~^https://test/api/v4/projects.*`,
+		func(req *http.Request) (*http.Response, error) {
+			return httpmock.NewJsonResponse(http.StatusOK, testGetMRs)
+		},
+	)
+
+	// test objects
+	testAPIUrl := "https://test/api/v4/"
+	testToken := "token"
+	// create a gitlab Client object, inject http client to allow for mocking using httpmock
+	testGitlabClient, _ := gogitlab.NewClient(testToken, gogitlab.WithBaseURL(testAPIUrl), gogitlab.WithHTTPClient(testHTTPClient))
+
+	type fields struct {
+		client *gogitlab.Client
+		token  string
+		apiURL string
+	}
+	type args struct {
+		projectID    int
+		sourceBranch string
+		targetBranch string
+	}
+	tests := []struct {
+		name    string
+		fields  fields
+		args    args
+		want    []*gogitlab.MergeRequest
+		want1   int
+		wantErr bool
+	}{
+		{
+			name:    "UpdateProject Success",
+			fields:  fields{client: testGitlabClient, token: testToken, apiURL: testAPIUrl},
+			args:    args{projectID: testProjectID, sourceBranch: testSourceBranch, targetBranch: testTargetBranch},
+			want:    testGetMRs,
+			want1:   http.StatusOK,
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			r := ClientImpl{
+				client: tt.fields.client,
+				token:  tt.fields.token,
+				apiURL: tt.fields.apiURL,
+			}
+			got, err := r.GetMergeRequests(tt.args.projectID, tt.args.sourceBranch, tt.args.sourceBranch)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("Client.GetMergeRequests() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if got[0].ProjectID != tt.want[0].ProjectID {
+				t.Errorf("ProjectID got = %v, want %v", got, tt.want)
+			}
+			if got[0].SourceBranch != tt.want[0].SourceBranch {
+				t.Errorf("SourceBranch got = %v, want %v", got, tt.want)
+			}
+			if got[0].TargetBranch != tt.want[0].TargetBranch {
+				t.Errorf("TargetBranch got = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestClient_CreateMergeRequest(t *testing.T) {
+
+	// setup a http client for use in mocking
+	testHTTPClient := &http.Client{}
+	httpmock.ActivateNonDefault(testHTTPClient)
+	defer httpmock.DeactivateAndReset()
+
+	testProjectID := 1
+	testSourceBranch := "sourceBranch"
+	testTargetBranch := "targetBranch"
+	testGetMRs := &gogitlab.MergeRequest{
+		ID:              0,
+		IID:             0,
+		ProjectID:       testProjectID,
+		SourceBranch:    testSourceBranch,
+		TargetBranch:    testTargetBranch,
+		State:           "opened",
+		Upvotes:         0,
+		Downvotes:       0,
+		SourceProjectID: 0,
+		TargetProjectID: 0,
+	}
+
+	httpmock.RegisterResponder("POST",
+		`=~^https://test/api/v4/projects.*`,
+		func(req *http.Request) (*http.Response, error) {
+			return httpmock.NewJsonResponse(http.StatusOK, testGetMRs)
+		},
+	)
+
+	// test objects
+	testAPIUrl := "https://test/api/v4/"
+	testToken := "token"
+	// create a gitlab Client object, inject http client to allow for mocking using httpmock
+	testGitlabClient, _ := gogitlab.NewClient(testToken, gogitlab.WithBaseURL(testAPIUrl), gogitlab.WithHTTPClient(testHTTPClient))
+
+	type fields struct {
+		client *gogitlab.Client
+		token  string
+		apiURL string
+	}
+
+	type args struct {
+		projectID int
+		mrOptions *gogitlab.CreateMergeRequestOptions
+	}
+	tests := []struct {
+		name    string
+		fields  fields
+		args    args
+		want    *gogitlab.MergeRequest
+		want1   int
+		wantErr bool
+	}{
+		{
+			name:   "UpdateProject Success",
+			fields: fields{client: testGitlabClient, token: testToken, apiURL: testAPIUrl},
+			args: args{projectID: testProjectID, mrOptions: &gogitlab.CreateMergeRequestOptions{
+				SourceBranch: &testSourceBranch,
+				TargetBranch: &testTargetBranch,
+			}},
+			want:    testGetMRs,
+			want1:   http.StatusOK,
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			r := ClientImpl{
+				client: tt.fields.client,
+				token:  tt.fields.token,
+				apiURL: tt.fields.apiURL,
+			}
+			got, err := r.CreateMergeRequest(tt.args.projectID, tt.args.mrOptions)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("Client.CreateMergeRequest() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if got.ProjectID != tt.want.ProjectID {
+				t.Errorf("ProjectID got = %v, want %v", got, tt.want)
+			}
+			if got.SourceBranch != tt.want.SourceBranch {
+				t.Errorf("SourceBranch got = %v, want %v", got, tt.want)
+			}
+			if got.TargetBranch != tt.want.TargetBranch {
+				t.Errorf("TargetBranch got = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

config/crd/bases/gitlab.valkyrie.dso.mil_dnsrepocredentials.yaml

+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.4.1
+  creationTimestamp: null
+  name: dnsrepocredentials.gitlab.valkyrie.dso.mil
+spec:
+  group: gitlab.valkyrie.dso.mil
+  names:
+    kind: DNSRepoCredential
+    listKind: DNSRepoCredentialList
+    plural: dnsrepocredentials
+    singular: dnsrepocredential
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: DNSRepoCredential is the Schema for the dnsrepocredentials API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: DNSRepoCredentialSpec defines the desired state of DNSRepoCredential
+            properties:
+              gitlabProjectId:
+                description: GitlabProjectID is the project ID of the DNS project
+                  in Gitlab
+                type: integer
+              repoUrl:
+                description: 'RepoURL is the url for the DNS git repository. For example:
+                  https://code.il2.dso.mil/platform-one/products/valkyrie/dso-dns.git'
+                type: string
+              tokenSecretRef:
+                description: TokenSecRef is the project bot token used to clone the
+                  repo
+                properties:
+                  key:
+                    description: The key of the secret to select from.  Must be a
+                      valid secret key.
+                    type: string
+                  name:
+                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      TODO: Add other useful fields. apiVersion, kind, uid?'
+                    type: string
+                  optional:
+                    description: Specify whether the Secret or its key must be defined
+                    type: boolean
+                required:
+                - key
+                type: object
+              usernameSecretRef:
+                description: UsernameSecRef is the username of project bot will be
+                  used to clone the repo
+                properties:
+                  key:
+                    description: The key of the secret to select from.  Must be a
+                      valid secret key.
+                    type: string
+                  name:
+                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      TODO: Add other useful fields. apiVersion, kind, uid?'
+                    type: string
+                  optional:
+                    description: Specify whether the Secret or its key must be defined
+                    type: boolean
+                required:
+                - key
+                type: object
+            type: object
+          status:
+            description: DNSRepoCredentialStatus defines the observed state of DNSRepoCredential
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

config/crd/bases/gitlab.valkyrie.dso.mil_dnsrepomergerequests.yaml

+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.4.1
+  creationTimestamp: null
+  name: dnsrepomergerequests.gitlab.valkyrie.dso.mil
+spec:
+  group: gitlab.valkyrie.dso.mil
+  names:
+    kind: DNSRepoMergeRequest
+    listKind: DNSRepoMergeRequestList
+    plural: dnsrepomergerequests
+    singular: dnsrepomergerequest
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: DNSRepoMergeRequest is the Schema for the dnsrepomergerequests
+          API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: DNSRepoMergeRequestSpec defines the desired state of DNSRepoMergeRequest
+            properties:
+              appHostname:
+                description: AppHostname is the hostname of the app want to be added
+                type: string
+              credentialName:
+                description: RepoCredentialName is the name of the Kind DNSRepoCredential
+                  object in this namespace that contains authentication information.
+                type: string
+              targetEnvironment:
+                description: TargetEnvironment specify which impact level the DNS
+                  record will be created
+                type: string
+            required:
+            - appHostname
+            - credentialName
+            - targetEnvironment
+            type: object
+          status:
+            description: DNSRepoMergeRequestStatus defines the observed state of DNSRepoMergeRequest
+            properties:
+              createdTime:
+                description: CreatedTime is the timestamp when the merge request was
+                  created by the controller. If the merge request already exists beforehand,
+                  this will not be set.
+                format: date-time
+                type: string
+              id:
+                description: ID is the merge request ID in the project
+                type: integer
+              sourceBranch:
+                description: SourceBranch is the source branch of the merge request
+                type: string
+              state:
+                description: State represents current state of the resource
+                type: string
+              targetBranch:
+                description: TargetBranch is the target branch of the merge request
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

config/crd/bases/gitlab.valkyrie.dso.mil_groups.yaml

@@ -58,6 +58,11 @@ spec:
                 items:
                   description: ProjectSpec defines the desired state of Project
                   properties:
+                    gitlabCredentialsName:
+                      description: GitlabCredentialsName is the name of the object
+                        in this namespace that contains authentication information
+                        for logging into the
+                      type: string
                     groupId:
                       description: GroupID is the id of the GitLab Group id that owns
                         this project
@@ -97,6 +102,7 @@ spec:
                         will be created for this Project
                       type: string
                   required:
+                  - gitlabCredentialsName
                   - groupId
                   - impactLevel
                   - language

config/crd/bases/gitlab.valkyrie.dso.mil_projects.yaml

@@ -36,6 +36,11 @@ spec:
           spec:
             description: ProjectSpec defines the desired state of Project
             properties:
+              gitlabCredentialsName:
+                description: GitlabCredentialsName is the name of the object in this
+                  namespace that contains authentication information for logging into
+                  the
+                type: string
               groupId:
                 description: GroupID is the id of the GitLab Group id that owns this
                   project
@@ -75,6 +80,7 @@ spec:
                   be created for this Project
                 type: string
             required:
+            - gitlabCredentialsName
             - groupId
             - impactLevel
             - language

config/crd/kustomization.yaml

@@ -18,6 +18,8 @@ resources:
 - bases/gitlab.valkyrie.dso.mil_gitlabcredentials.yaml
 - bases/twistlock.valkyrie.dso.mil_twistlockpipelineconfigurations.yaml
 - bases/twistlock.valkyrie.dso.mil_twistlockcredentials.yaml
+- bases/gitlab.valkyrie.dso.mil_dnsrepocredentials.yaml
+- bases/gitlab.valkyrie.dso.mil_dnsrepomergerequests.yaml
 #+kubebuilder:scaffold:crdkustomizeresource
 
 patchesStrategicMerge:
@@ -38,6 +40,8 @@ patchesStrategicMerge:
 #- patches/webhook_in_fortifycredentials.yaml
 #- patches/webhook_in_gitlabcredentials.yaml
 #- patches/webhook_in_twistlockcredentials.yaml
+#- patches/webhook_in_dnsrepocredentials.yaml
+#- patches/webhook_in_dnsrepomergerequests.yaml
 #+kubebuilder:scaffold:crdkustomizewebhookpatch
 
 # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix.
@@ -57,6 +61,8 @@ patchesStrategicMerge:
 #- patches/cainjection_in_fortifycredentials.yaml
 #- patches/cainjection_in_gitlabcredentials.yaml
 #- patches/cainjection_in_twistlockcredentials.yaml
+#- patches/cainjection_in_dnsrepocredentials.yaml
+#- patches/cainjection_in_dnsrepomergerequests.yaml
 #+kubebuilder:scaffold:crdkustomizecainjectionpatch
 
 # the following config is for teaching kustomize how to do kustomization for CRDs.

config/crd/patches/cainjection_in_dnsrepocredentials.yaml

+# The following patch adds a directive for certmanager to inject CA into the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+  name: dnsrepocredentials.gitlab.valkyrie.dso.mil

config/crd/patches/cainjection_in_dnsrepomergerequests.yaml

+# The following patch adds a directive for certmanager to inject CA into the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+  name: dnsrepomergerequests.gitlab.valkyrie.dso.mil

config/crd/patches/webhook_in_dnsrepocredentials.yaml

+# The following patch enables a conversion webhook for the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: dnsrepocredentials.gitlab.valkyrie.dso.mil
+spec:
+  conversion:
+    strategy: Webhook
+    webhook:
+      clientConfig:
+        service:
+          namespace: system
+          name: webhook-service
+          path: /convert
+      conversionReviewVersions:
+      - v1

config/crd/patches/webhook_in_dnsrepomergerequests.yaml

+# The following patch enables a conversion webhook for the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: dnsrepomergerequests.gitlab.valkyrie.dso.mil
+spec:
+  conversion:
+    strategy: Webhook
+    webhook:
+      clientConfig:
+        service:
+          namespace: system
+          name: webhook-service
+          path: /convert
+      conversionReviewVersions:
+      - v1

config/rbac/dnsrepocredential_editor_role.yaml

+# permissions for end users to edit dnsrepocredentials.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: dnsrepocredential-editor-role
+rules:
+- apiGroups:
+  - gitlab.valkyrie.dso.mil
+  resources:
+  - dnsrepocredentials
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - gitlab.valkyrie.dso.mil
+  resources:
+  - dnsrepocredentials/status
+  verbs:
+  - get