Add domain settings and smpt

[ZITADOPER-1]

src/internal/controller/zitadelcluster_controller.go

@@ -42,6 +42,7 @@ import (
 	"github.com/hashicorp/go-multierror"
 	"github.com/zitadel/zitadel-go/v2/pkg/client/middleware"
 	"github.com/zitadel/zitadel-go/v2/pkg/client/system"
+	adm "github.com/zitadel/zitadel-go/v2/pkg/client/zitadel/admin"
 	authn "github.com/zitadel/zitadel-go/v2/pkg/client/zitadel/authn"
 	"github.com/zitadel/zitadel-go/v2/pkg/client/zitadel/management"
 	pb "github.com/zitadel/zitadel-go/v2/pkg/client/zitadel/system"
@@ -152,6 +153,14 @@ func (r *ZitadelClusterReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 			Name:      "DefaultInstance",
 			Reconcile: r.reconcileDefaultInstance,
 		},
+		{
+			Name:      "SMTPConfig",
+			Reconcile: r.reconcileSMTPConfig,
+		},
+		{
+			Name:      "DomainPolicyConfig",
+			Reconcile: r.reconcileDomainPolicy,
+		},
 		{
 			Name:      "InitialAdminSecret",
 			Reconcile: r.reconcileInitialAdminPassword,
@@ -448,6 +457,48 @@ func (r *ZitadelClusterReconciler) reconcileDefaultInstance(ctx context.Context,
 	return ctrl.Result{}, nil
 }
 
+func (r *ZitadelClusterReconciler) reconcileSMTPConfig(ctx context.Context, zitadel *zitadelv1alpha1.ZitadelCluster) (ctrl.Result, error) {
+	adminClient, err := zitadelClient.NewAdminClient(ctx, zitadel, *r.RefResolver)
+	if err != nil {
+		return ctrl.Result{}, err
+	}
+	adminRequest := &adm.AddSMTPConfigRequest{
+		SenderAddress:  zitadel.Spec.SMTPConfig.SenderAddress,
+		SenderName:     zitadel.Spec.SMTPConfig.SenderName,
+		Tls:            zitadel.Spec.SMTPConfig.TLS,
+		Host:           zitadel.Spec.SMTPConfig.Host,
+		ReplyToAddress: zitadel.Spec.SMTPConfig.ReplyToAddress,
+	}
+	if zitadel.Spec.SMTPConfig.User != nil && zitadel.Spec.SMTPConfig.Password != nil {
+		passwordSecret, err := r.RefResolver.SecretKeyRef(ctx, zitadel.Spec.SMTPConfig.Password.SecretKeyRef, zitadel.Namespace)
+		if err != nil {
+			return ctrl.Result{}, err
+		}
+		adminRequest.Password = passwordSecret
+		adminRequest.User = *zitadel.Spec.SMTPConfig.User
+	}
+
+	if _, err = adminClient.AddSMTPConfig(ctx, adminRequest); err != nil {
+		return ctrl.Result{}, fmt.Errorf("Could not add SMTP config: %v", err)
+	}
+	return ctrl.Result{}, nil
+}
+
+func (r *ZitadelClusterReconciler) reconcileDomainPolicy(ctx context.Context, zitadel *zitadelv1alpha1.ZitadelCluster) (ctrl.Result, error) {
+	adminClient, err := zitadelClient.NewAdminClient(ctx, zitadel, *r.RefResolver)
+	if err != nil {
+		return ctrl.Result{}, err
+	}
+	if _, err = adminClient.UpdateDomainPolicy(ctx, &adm.UpdateDomainPolicyRequest{
+		UserLoginMustBeDomain:                  zitadel.Spec.DomainSettings.UserLoginMustBeDomain,
+		ValidateOrgDomains:                     zitadel.Spec.DomainSettings.ValidateOrgDomains,
+		SmtpSenderAddressMatchesInstanceDomain: zitadel.Spec.DomainSettings.SMTPSenderAddressMatchesInstanceDomain,
+	}); err != nil {
+		return ctrl.Result{}, fmt.Errorf("Could not update domain policy config: %v", err)
+	}
+	return ctrl.Result{}, nil
+}
+
 func (r *ZitadelClusterReconciler) reconcileInitialAdminPassword(ctx context.Context, zitadel *zitadelv1alpha1.ZitadelCluster) (ctrl.Result, error) {
 	secretName := admin.AdminPasswordSecretName(zitadel)
 	key := types.NamespacedName{
@@ -540,6 +591,7 @@ func (r *ZitadelClusterReconciler) reconcileInitialHumanUser(ctx context.Context
 	zitadel.Status.InitialAdminId = userid
 	return ctrl.Result{}, r.Status().Patch(ctx, zitadel, patch)
 }
+
 func GetIssuer(zitadel *zitadelv1alpha1.ZitadelCluster) string {
 	scheme := "http"
 	if zitadel.Spec.ExternalSecure {