fix: add missing omitempty json tags for optional fields (#2855)

The missing tags can confuse some tools.

Fixes: #2853

Signed-off-by: Thomas Way <thomas@6f.io>

apis/externalsecrets/v1alpha1/pushsecret_types.go

@@ -28,10 +28,10 @@ const (
 type PushSecretStoreRef struct {
 	// Optionally, sync to the SecretStore of the given name
 	// +optional
-	Name string `json:"name"`
+	Name string `json:"name,omitempty"`
 	// Optionally, sync to secret stores with label selector
 	// +optional
-	LabelSelector *metav1.LabelSelector `json:"labelSelector"`
+	LabelSelector *metav1.LabelSelector `json:"labelSelector,omitempty"`
 	// Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
 	// Defaults to `SecretStore`
 	// +kubebuilder:default="SecretStore"

apis/externalsecrets/v1alpha1/secretstore_akeyless_types.go

@@ -43,7 +43,7 @@ type AkeylessAuth struct {
 	// Reference to a Secret that contains the details
 	// to authenticate with Akeyless.
 	// +optional
-	SecretRef AkeylessAuthSecretRef `json:"secretRef"`
+	SecretRef AkeylessAuthSecretRef `json:"secretRef,omitempty"`
 
 	// Kubernetes authenticates with Akeyless by passing the ServiceAccount
 	// token stored in the named Secret resource.

apis/externalsecrets/v1alpha1/secretstore_aws_types.go

@@ -65,7 +65,7 @@ type AWSProvider struct {
 	// if not set aws sdk will infer credentials from your environment
 	// see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
 	// +optional
-	Auth AWSAuth `json:"auth"`
+	Auth AWSAuth `json:"auth,omitempty"`
 
 	// Role is a Role ARN which the SecretManager provider will assume
 	// +optional

apis/externalsecrets/v1alpha1/secretstore_kubernetes_types.go

@@ -52,7 +52,7 @@ type KubernetesProvider struct {
 	// Remote namespace to fetch the secrets from
 	// +kubebuilder:default= default
 	// +optional
-	RemoteNamespace string `json:"remoteNamespace"`
+	RemoteNamespace string `json:"remoteNamespace,omitempty"`
 }
 
 // +kubebuilder:validation:MinProperties=1

apis/externalsecrets/v1alpha1/secretstore_types.go

@@ -24,7 +24,7 @@ type SecretStoreSpec struct {
 	// Used to select the correct ESO controller (think: ingress.ingressClassName)
 	// The ESO controller is instantiated with a specific controller name and filters ES based on this property
 	// +optional
-	Controller string `json:"controller"`
+	Controller string `json:"controller,omitempty"`
 
 	// Used to configure the provider. Only one provider may be set
 	Provider *SecretStoreProvider `json:"provider"`
@@ -124,7 +124,7 @@ type SecretStoreStatusCondition struct {
 // SecretStoreStatus defines the observed state of the SecretStore.
 type SecretStoreStatus struct {
 	// +optional
-	Conditions []SecretStoreStatusCondition `json:"conditions"`
+	Conditions []SecretStoreStatusCondition `json:"conditions,omitempty"`
 }
 
 // +kubebuilder:object:root=true

apis/externalsecrets/v1alpha1/secretstore_vault_types.go

@@ -64,7 +64,7 @@ type VaultProvider struct {
 	// for fetching secrets from Vault is optional and will be appended
 	// if not present in specified path.
 	// +optional
-	Path *string `json:"path"`
+	Path *string `json:"path,omitempty"`
 
 	// Version is the Vault KV secret engine version. This can be either "v1" or
 	// "v2". Version defaults to "v2".
@@ -235,7 +235,7 @@ type VaultJwtAuth struct {
 	// Role is a JWT role to authenticate using the JWT/OIDC Vault
 	// authentication method
 	// +optional
-	Role string `json:"role"`
+	Role string `json:"role,omitempty"`
 
 	// Optional SecretRef that refers to a key in a Secret resource containing JWT token to
 	// authenticate with Vault using the JWT/OIDC authentication method.

apis/externalsecrets/v1beta1/clusterexternalsecret_types.go

@@ -26,11 +26,11 @@ type ClusterExternalSecretSpec struct {
 
 	// The name of the external secrets to be created defaults to the name of the ClusterExternalSecret
 	// +optional
-	ExternalSecretName string `json:"externalSecretName"`
+	ExternalSecretName string `json:"externalSecretName,omitempty"`
 
 	// The metadata of the external secrets to be created
 	// +optional
-	ExternalSecretMetadata ExternalSecretMetadata `json:"externalSecretMetadata"`
+	ExternalSecretMetadata ExternalSecretMetadata `json:"externalSecretMetadata,omitempty"`
 
 	// The labels to select by to find the Namespaces to create the ExternalSecrets in.
 	// +optional

apis/externalsecrets/v1beta1/externalsecret_types.go

@@ -336,7 +336,7 @@ type FindName struct {
 // ExternalSecretSpec defines the desired state of ExternalSecret.
 type ExternalSecretSpec struct {
 	// +optional
-	SecretStoreRef SecretStoreRef `json:"secretStoreRef"`
+	SecretStoreRef SecretStoreRef `json:"secretStoreRef,omitempty"`
 	// +kubebuilder:default={creationPolicy:Owner,deletionPolicy:Retain}
 	// +optional
 	Target ExternalSecretTarget `json:"target,omitempty"`
@@ -363,7 +363,7 @@ type ExternalSecretSpec struct {
 // +kubebuilder:validation:MaxProperties=1
 type StoreSourceRef struct {
 	// +optional
-	SecretStoreRef SecretStoreRef `json:"storeRef"`
+	SecretStoreRef SecretStoreRef `json:"storeRef,omitempty"`
 
 	// GeneratorRef points to a generator custom resource.
 	//

apis/externalsecrets/v1beta1/secretstore_akeyless_types.go

@@ -43,7 +43,7 @@ type AkeylessAuth struct {
 	// Reference to a Secret that contains the details
 	// to authenticate with Akeyless.
 	// +optional
-	SecretRef AkeylessAuthSecretRef `json:"secretRef"`
+	SecretRef AkeylessAuthSecretRef `json:"secretRef,omitempty"`
 
 	// Kubernetes authenticates with Akeyless by passing the ServiceAccount
 	// token stored in the named Secret resource.

apis/externalsecrets/v1beta1/secretstore_aws_types.go

@@ -76,7 +76,7 @@ type AWSProvider struct {
 	// if not set aws sdk will infer credentials from your environment
 	// see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
 	// +optional
-	Auth AWSAuth `json:"auth"`
+	Auth AWSAuth `json:"auth,omitempty"`
 
 	// Role is a Role ARN which the SecretManager provider will assume
 	// +optional

apis/externalsecrets/v1beta1/secretstore_conjur_types.go

@@ -27,9 +27,9 @@ type ConjurProvider struct {
 
 type ConjurAuth struct {
 	// +optional
-	Apikey *ConjurApikey `json:"apikey"`
+	Apikey *ConjurApikey `json:"apikey,omitempty"`
 	// +optional
-	Jwt *ConjurJWT `json:"jwt"`
+	Jwt *ConjurJWT `json:"jwt,omitempty"`
 }
 
 type ConjurApikey struct {
@@ -52,5 +52,5 @@ type ConjurJWT struct {
 	// Optional ServiceAccountRef specifies the Kubernetes service account for which to request
 	// a token for with the `TokenRequest` API.
 	// +optional
-	ServiceAccountRef *esmeta.ServiceAccountSelector `json:"serviceAccountRef"`
+	ServiceAccountRef *esmeta.ServiceAccountSelector `json:"serviceAccountRef,omitempty"`
 }

apis/externalsecrets/v1beta1/secretstore_kubernetes_types.go

@@ -45,7 +45,7 @@ type KubernetesProvider struct {
 	// Remote namespace to fetch the secrets from
 	// +kubebuilder:default= default
 	// +optional
-	RemoteNamespace string `json:"remoteNamespace"`
+	RemoteNamespace string `json:"remoteNamespace,omitempty"`
 }
 
 // +kubebuilder:validation:MinProperties=1

apis/externalsecrets/v1beta1/secretstore_types.go

@@ -24,7 +24,7 @@ type SecretStoreSpec struct {
 	// Used to select the correct ESO controller (think: ingress.ingressClassName)
 	// The ESO controller is instantiated with a specific controller name and filters ES based on this property
 	// +optional
-	Controller string `json:"controller"`
+	Controller string `json:"controller,omitempty"`
 
 	// Used to configure the provider. Only one provider may be set
 	Provider *SecretStoreProvider `json:"provider"`
@@ -35,7 +35,7 @@ type SecretStoreSpec struct {
 
 	// Used to configure store refresh interval in seconds. Empty or 0 will default to the controller config.
 	// +optional
-	RefreshInterval int `json:"refreshInterval"`
+	RefreshInterval int `json:"refreshInterval,omitempty"`
 
 	// Used to constraint a ClusterSecretStore to specific namespaces. Relevant only to ClusterSecretStore
 	// +optional
@@ -213,9 +213,9 @@ const (
 // SecretStoreStatus defines the observed state of the SecretStore.
 type SecretStoreStatus struct {
 	// +optional
-	Conditions []SecretStoreStatusCondition `json:"conditions"`
+	Conditions []SecretStoreStatusCondition `json:"conditions,omitempty"`
 	// +optional
-	Capabilities SecretStoreCapabilities `json:"capabilities"`
+	Capabilities SecretStoreCapabilities `json:"capabilities,omitempty"`
 }
 
 // +kubebuilder:object:root=true

apis/externalsecrets/v1beta1/secretstore_vault_types.go

@@ -39,7 +39,7 @@ type VaultProvider struct {
 	// for fetching secrets from Vault is optional and will be appended
 	// if not present in specified path.
 	// +optional
-	Path *string `json:"path"`
+	Path *string `json:"path,omitempty"`
 
 	// Version is the Vault KV secret engine version. This can be either "v1" or
 	// "v2". Version defaults to "v2".
@@ -260,7 +260,7 @@ type VaultJwtAuth struct {
 	// Role is a JWT role to authenticate using the JWT/OIDC Vault
 	// authentication method
 	// +optional
-	Role string `json:"role"`
+	Role string `json:"role,omitempty"`
 
 	// Optional SecretRef that refers to a key in a Secret resource containing JWT token to
 	// authenticate with Vault using the JWT/OIDC authentication method.

apis/generators/v1alpha1/generator_ecr.go

@@ -26,12 +26,12 @@ type ECRAuthorizationTokenSpec struct {
 
 	// Auth defines how to authenticate with AWS
 	// +optional
-	Auth AWSAuth `json:"auth"`
+	Auth AWSAuth `json:"auth,omitempty"`
 
 	// You can assume a role before making calls to the
 	// desired AWS service.
 	// +optional
-	Role string `json:"role"`
+	Role string `json:"role,omitempty"`
 }
 
 // AWSAuth tells the controller how to do authentication with aws.

apis/generators/v1alpha1/generator_fake.go

@@ -23,7 +23,7 @@ type FakeSpec struct {
 	// Used to select the correct ESO controller (think: ingress.ingressClassName)
 	// The ESO controller is instantiated with a specific controller name and filters VDS based on this property
 	// +optional
-	Controller string `json:"controller"`
+	Controller string `json:"controller,omitempty"`
 
 	// Data defines the static data returned
 	// by this generator.

apis/generators/v1alpha1/generator_vault.go

@@ -25,7 +25,7 @@ type VaultDynamicSecretSpec struct {
 	// Used to select the correct ESO controller (think: ingress.ingressClassName)
 	// The ESO controller is instantiated with a specific controller name and filters VDS based on this property
 	// +optional
-	Controller string `json:"controller"`
+	Controller string `json:"controller,omitempty"`
 
 	// Vault API method to use (GET/POST/other)
 	Method string `json:"method,omitempty"`