Add key fields individually in secret

[ZITADOPER-1]

src/internal/controller/apiapp_controller.go

@@ -18,6 +18,7 @@ package controller
 
 import (
 	"context"
+	"encoding/json"
 	"fmt"
 	"strings"
 	"time"
@@ -187,6 +188,14 @@ func (wr *wrappedAPIAppReconciler) reconcileApp(ctx context.Context, ztdClient *
 	return wr.Client.Status().Patch(ctx, wr.APIApp, patch)
 }
 
+type Key struct {
+	Type     string `json:"type"`
+	KeyID    string `json:"keyId"`
+	Key      string `json:"key"`
+	AppID    string `json:"appId"`
+	ClientID string `json:"clientId"`
+}
+
 func (wr *wrappedAPIAppReconciler) reconcileKeys(ctx context.Context, ztdClient *management.Client) error {
 	if wr.APIApp.Spec.AuthMethodType == "API_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT" {
 		org, err := wr.APIApp.Organization(ctx, wr.refResolver)
@@ -227,8 +236,17 @@ func (wr *wrappedAPIAppReconciler) reconcileKeys(ctx context.Context, ztdClient
 			Name:      wr.APIApp.Name + "-privatekey-secret",
 			Namespace: wr.APIApp.Namespace,
 		}
-
-		secretData := map[string][]byte{"key.json": resp.KeyDetails}
+		var jsonKey Key
+		if err = json.Unmarshal(resp.KeyDetails, &jsonKey); err != nil {
+			return fmt.Errorf("Could not unmarshal key details: %v", err)
+		}
+		secretData := map[string][]byte{
+			"clientId": []byte(jsonKey.ClientID),
+			"type":     []byte(jsonKey.Type),
+			"keyId":    []byte(jsonKey.KeyID),
+			"appId":    []byte(jsonKey.AppID),
+			"key":      []byte(jsonKey.Key),
+		}
 		secret, err := wr.Builder.BuildSecret(builder.SecretOpts{Immutable: true, Zitadel: nil, Key: key, Data: secretData}, wr.APIApp)
 		if err != nil {
 			return fmt.Errorf("error building Secret: %v", err)
@@ -239,7 +257,6 @@ func (wr *wrappedAPIAppReconciler) reconcileKeys(ctx context.Context, ztdClient
 		patch := ctrlClient.MergeFrom(wr.APIApp.DeepCopy())
 		wr.APIApp.Status.KeyId = resp.Id
 		return wr.Client.Status().Patch(ctx, wr.APIApp, patch)
-
 	}
 	return nil
 }