WIP: connection credentials

src/servala/core/models/service.py

@@ -605,3 +605,80 @@ class ServiceInstance(ServalaModelMixin, models.Model):
         if not (status := self.kubernetes_object.get("status")):
             return []
         return status.get("conditions") or []
+
+    @cached_property
+    def connection_credentials(self):
+        """
+        Get connection credentials via spec.resourceRef.
+        The resource referenced there has the information which secret
+        we want in spec.writeConnectionSecretToRef.name and spec.writeConnectionSecretToRef.namespace.
+        """
+        if not self.kubernetes_object:
+            return {}
+        if not (
+            resource_ref := self.kubernetes_object.get("spec", {}).get("resourceRef")
+        ):
+            return {}
+
+        try:
+            group = resource_ref.get("apiVersion", "").split("/")[0]
+            version = resource_ref.get("apiVersion", "").split("/")[1]
+            kind = resource_ref.get("kind")
+            name = resource_ref.get("name")
+            namespace = resource_ref.get("namespace", self.organization.namespace)
+
+            if not all([group, version, kind, name]):
+                return {}
+
+            plural = kind.lower()
+            if not plural.endswith("s"):
+                plural = f"{plural}s"
+
+            api_instance = client.CustomObjectsApi(
+                self.context.control_plane.get_kubernetes_client()
+            )
+
+            referenced_obj = api_instance.get_namespaced_custom_object(
+                group=group,
+                version=version,
+                namespace=namespace,
+                plural=plural,
+                name=name,
+            )
+
+            secret_ref = referenced_obj.get("spec", {}).get(
+                "writeConnectionSecretToRef"
+            )
+            if not secret_ref:
+                return {}
+
+            secret_name = secret_ref.get("name")
+            secret_namespace = secret_ref.get("namespace", namespace)
+
+            if not secret_name:
+                return {}
+
+            # Get the secret data
+            v1 = kubernetes.client.CoreV1Api(
+                self.context.control_plane.get_kubernetes_client()
+            )
+            secret = v1.read_namespaced_secret(
+                name=secret_name, namespace=secret_namespace
+            )
+
+            # Secret data is base64 encoded
+            credentials = {}
+            if hasattr(secret, "data") and secret.data:
+                import base64
+
+                for key, value in secret.data.items():
+                    try:
+                        credentials[key] = base64.b64decode(value).decode("utf-8")
+                    except Exception:
+                        credentials[key] = f"<binary data: {len(value)} bytes>"
+
+            return credentials
+        except ApiException as e:
+            return {"error": str(e)}
+        except Exception as e:
+            return {"error": str(e)}

src/servala/frontend/templates/frontend/organizations/service_instance_detail.html

@@ -131,6 +131,39 @@
                     </div>
                 </div>
             {% endif %}
+            {% if instance.connection_credentials %}
+                <div class="card">
+                    <div class="card-header">
+                        <h4>{% translate "Connection Credentials" %}</h4>
+                    </div>
+                    <div class="card-body">
+                        <div class="table-responsive">
+                            <table class="table table-bordered">
+                                <thead>
+                                    <tr>
+                                        <th>{% translate "Name" %}</th>
+                                        <th>{% translate "Value" %}</th>
+                                    </tr>
+                                </thead>
+                                <tbody>
+                                    {% for key, value in instance.connection_credentials.items %}
+                                        <tr>
+                                            <td>{{ key }}</td>
+                                            <td>
+                                                {% if key == "error" %}
+                                                    <span class="text-danger">{{ value }}</span>
+                                                {% else %}
+                                                    <code>{{ value }}</code>
+                                                {% endif %}
+                                            </td>
+                                        </tr>
+                                    {% endfor %}
+                                </tbody>
+                            </table>
+                        </div>
+                    </div>
+                </div>
+            {% endif %}
         </div>
     </section>
 {% endblock content %}