Documentation ¶
Overview ¶
Package v1alpha1 contains API Schema definitions for the terraform v1alpha1 API group +k8s:deepcopy-gen=package,register +groupName=terraform.appvia.io
Index ¶
- Constants
- Variables
- func Resource(resource string) schema.GroupResource
- type CloudResource
- func (in *CloudResource) DeepCopy() *CloudResource
- func (in *CloudResource) DeepCopyInto(out *CloudResource)
- func (in *CloudResource) DeepCopyObject() runtime.Object
- func (c *CloudResource) GetCommonStatus() *corev1alpha1.CommonStatus
- func (c *CloudResource) GetNamespacedName() types.NamespacedName
- func (c *CloudResource) GetTerraformConfigSecretName() string
- func (c *CloudResource) GetTerraformCostSecretName() string
- func (c *CloudResource) GetTerraformPolicySecretName() string
- func (c *CloudResource) GetTerraformStateSecretName() string
- func (c *CloudResource) HasApproval() bool
- func (c *CloudResource) HasRetryableAnnotation() bool
- func (c *CloudResource) IsRetryable() bool
- func (c *CloudResource) IsRetryableValid() bool
- func (c *CloudResource) NeedsApproval() bool
- type CloudResourceList
- type CloudResourceRevisionStatus
- type CloudResourceSpec
- type CloudResourceStatus
- type Configuration
- func (in *Configuration) DeepCopy() *Configuration
- func (in *Configuration) DeepCopyInto(out *Configuration)
- func (in *Configuration) DeepCopyObject() runtime.Object
- func (c *Configuration) GetCommonStatus() *corev1alpha1.CommonStatus
- func (c *Configuration) GetNamespacedName() types.NamespacedName
- func (c *Configuration) GetTerraformConfigSecretName() string
- func (c *Configuration) GetTerraformCostSecretName() string
- func (c *Configuration) GetTerraformPolicySecretName() string
- func (c *Configuration) GetTerraformStateSecretName() string
- func (c *Configuration) HasApproval() bool
- func (c *Configuration) HasRetryableAnnotation() bool
- func (c *Configuration) IsManaged() bool
- func (c *Configuration) IsRetryable() bool
- func (c *Configuration) IsRetryableValid() bool
- func (c *Configuration) NeedsApproval() bool
- type ConfigurationList
- type ConfigurationRevisionStatus
- type ConfigurationSpec
- type ConfigurationStatus
- type Constraints
- type Context
- type ContextList
- func (in *ContextList) DeepCopy() *ContextList
- func (in *ContextList) DeepCopyInto(out *ContextList)
- func (in *ContextList) DeepCopyObject() runtime.Object
- func (c *ContextList) GetItem(name string) (Context, bool)
- func (c *ContextList) HasItem(name string) bool
- func (c *ContextList) Merge(items []Context)
- type ContextSpec
- func (in *ContextSpec) DeepCopy() *ContextSpec
- func (in *ContextSpec) DeepCopyInto(out *ContextSpec)
- func (c *ContextSpec) GetVariable(key string) (interface{}, bool, error)
- func (c *ContextSpec) GetVariableValue(name string) (runtime.RawExtension, bool)
- func (c *ContextSpec) HasVariable(name string) bool
- func (c *ContextSpec) HasVariables() bool
- type ContextStatus
- type CostStatus
- type DefaultVariables
- type DefaultVariablesSelector
- func (in *DefaultVariablesSelector) DeepCopy() *DefaultVariablesSelector
- func (in *DefaultVariablesSelector) DeepCopyInto(out *DefaultVariablesSelector)
- func (d DefaultVariablesSelector) IsLabelsMatch(object client.Object) (bool, error)
- func (d DefaultVariablesSelector) IsModulesMatch(config *Configuration) (bool, error)
- type ExternalCheck
- type ExternalSource
- type JobMetadata
- type ModuleConstraint
- type Plan
- func (in *Plan) DeepCopy() *Plan
- func (in *Plan) DeepCopyInto(out *Plan)
- func (in *Plan) DeepCopyObject() runtime.Object
- func (c *Plan) GetCommonStatus() *corev1alpha1.CommonStatus
- func (c *Plan) GetNamespacedName() types.NamespacedName
- func (c *Plan) GetRevision(version string) (PlanRevision, bool)
- func (c *Plan) HasRevision(version string) bool
- func (c *Plan) ListRevisions() []string
- func (c *Plan) RemoveRevision(version string)
- type PlanList
- type PlanReference
- type PlanRevision
- type PlanSpec
- type PlanStatus
- type Policy
- type PolicyConstraint
- type PolicyList
- type PolicySpec
- type PolicyStatus
- type PreloadConfiguration
- type Provider
- func (in *Provider) DeepCopy() *Provider
- func (in *Provider) DeepCopyInto(out *Provider)
- func (in *Provider) DeepCopyObject() runtime.Object
- func (p *Provider) GetCommonStatus() *corev1alpha1.CommonStatus
- func (p *Provider) GetConfiguration() []byte
- func (p *Provider) GetNamespacedName() types.NamespacedName
- func (p *Provider) HasBackendTemplate() bool
- func (p *Provider) HasConfiguration() bool
- func (p *Provider) IsPreloadingEnabled() bool
- func (p *Provider) JobAnnotations() map[string]string
- func (p *Provider) JobLabels() map[string]string
- type ProviderList
- func (in *ProviderList) DeepCopy() *ProviderList
- func (in *ProviderList) DeepCopyInto(out *ProviderList)
- func (in *ProviderList) DeepCopyObject() runtime.Object
- func (c *ProviderList) GetItem(name string) (Provider, bool)
- func (c *ProviderList) HasItem(name string) bool
- func (c *ProviderList) Merge(items []Provider)
- type ProviderReference
- type ProviderSpec
- type ProviderStatus
- type ProviderType
- type ResourceStatus
- type Revision
- func (in *Revision) DeepCopy() *Revision
- func (in *Revision) DeepCopyInto(out *Revision)
- func (in *Revision) DeepCopyObject() runtime.Object
- func (c *Revision) GetCommonStatus() *corev1alpha1.CommonStatus
- func (c *Revision) GetNamespacedName() types.NamespacedName
- func (c *Revision) ListOfInputs() []string
- type RevisionContextDependency
- type RevisionDefinition
- type RevisionDependency
- type RevisionInput
- type RevisionList
- type RevisionProviderDependency
- type RevisionSpec
- type RevisionStatus
- type RevisionTerranetesDependency
- type Selector
- type SourceType
- type ValueFromList
- type ValueFromSource
- type WriteConnectionSecret
- func (w *WriteConnectionSecret) AddKey(key, override string)
- func (in *WriteConnectionSecret) DeepCopy() *WriteConnectionSecret
- func (in *WriteConnectionSecret) DeepCopyInto(out *WriteConnectionSecret)
- func (w *WriteConnectionSecret) HasKeys() bool
- func (w *WriteConnectionSecret) IsValid() error
- func (w *WriteConnectionSecret) KeysMap() (map[string]string, error)
Constants ¶
const ( // ConditionConfigurationReady indicate the status of the configuration ConditionConfigurationReady corev1alpha1.ConditionType = "ConfigurationReady" // ConditionConfigurationStatus indicate the status of the configuration ConditionConfigurationStatus corev1alpha1.ConditionType = "ConfigurationStatus" )
const ( // CloudResourceNameLabel is the label used to identify the cloud resource the // configuration belongs to CloudResourceNameLabel = "terraform.appvia.io/cloud-resource-name" // CloudResourcePlanNameLabel is the name of the plan the cloud resource is associated with CloudResourcePlanNameLabel = RevisionPlanNameLabel // CloudResourceRevisionLabel is the revision version of the cloud resource is // associated with CloudResourceRevisionLabel = RevisionLabel // CloudResourceRevisionNameLabel is the revision name of the cloud resource is // associated with CloudResourceRevisionNameLabel = RevisionNameLabel )
const ( // ConditionProviderReady indicate the status of the provider ConditionProviderReady corev1alpha1.ConditionType = "ProviderReady" // ConditionTerraformPlan indicates the status of the terraform plan ConditionTerraformPlan corev1alpha1.ConditionType = "TerraformPlan" // ConditionTerraformPolicy indicates the status of the terraform apply ConditionTerraformPolicy corev1alpha1.ConditionType = "SecurityPolicy" // ConditionTerraformApply indicates the status of the terraform apply ConditionTerraformApply corev1alpha1.ConditionType = "TerraformApply" )
const ( // ApplyAnnotation is the annotation used to mark a resource as a plan rather than apply ApplyAnnotation = "terraform.appvia.io/apply" // DriftAnnotation is the annotation used to mark a resource for drift detection DriftAnnotation = "terraform.appvia.io/drift" // ReconcileAnnotation is the label used control reconciliation ReconcileAnnotation = "terraform.appvia.io/reconcile" // RetryAnnotation is the annotation used to mark a resource for retry RetryAnnotation = "terraform.appvia.io/retry" // OrphanAnnotation is the label used to orphan a configuration OrphanAnnotation = "terraform.appvia.io/orphan" // VersionAnnotation is the label used to hold the version VersionAnnotation = "terraform.appvia.io/version" )
const ( // CheckovJobTemplateConfigMapKey is the key name for the job template in the configmap CheckovJobTemplateConfigMapKey = "checkov.yaml" // TerraformBackendSecretKey is the key name for the terraform backend in the secret TerraformBackendSecretKey = "backend.tf" // TerraformVariablesConfigMapKey is the key name for the terraform variables in the configmap TerraformVariablesConfigMapKey = "variables.tfvars.json" // TerraformProviderConfigMapKey is the key name for the terraform variables in the configmap TerraformProviderConfigMapKey = "provider.tf" // TerraformJobTemplateConfigMapKey is the key name for the job template in the configmap TerraformJobTemplateConfigMapKey = "job.yaml" )
const ( // ConfigurationGenerationLabel is the label used to identify a configuration generation ConfigurationGenerationLabel = "terraform.appvia.io/generation" // ConfigurationNameLabel is the label used to identify a configuration ConfigurationNameLabel = "terraform.appvia.io/configuration" // ConfigurationUIDLabel is the uid of the configuration ConfigurationUIDLabel = "terraform.appvia.io/configuration-uid" // ConfigurationNamespaceLabel is the label used to identify a configuration namespace ConfigurationNamespaceLabel = "terraform.appvia.io/namespace" // ConfigurationStageLabel is the label used to identify a configuration stage ConfigurationStageLabel = "terraform.appvia.io/stage" // ConfigurationPlanLabel is the label which contains the plan name for a configuration ConfigurationPlanLabel = RevisionPlanNameLabel // ConfigurationRevisionLabelName is the name of the revision being used ConfigurationRevisionLabelName = RevisionLabel // ConfigurationRevisionVersion is the version of the revision ConfigurationRevisionVersion = "terranetes.appvia.io/revision-version" )
const ( // StageTerraformApply is the stage for a terraform apply StageTerraformApply = "apply" // StageTerraformDestroy is the stage for a terraform destroy StageTerraformDestroy = "destroy" // StageTerraformPlan is the stage for a terraform plan StageTerraformPlan = "plan" // StageTerraformVerify is the stage for a verify StageTerraformVerify = "verify" )
const ( // ContextDescription is the description field name ContextDescription = "description" // ContextValue is the value field name ContextValue = "value" )
const ( // DefaultVariablesAnnotation is the annotation applied when default variables are set DefaultVariablesAnnotation = "terraform.appvia.io/defaults" // SkipDefaultsValidationCheck is the annotation indicating to skip the check SkipDefaultsValidationCheck = "terraform.appvia.io/skip-defaults-check" )
const ( // SourceSecret is the source type for a secret SourceSecret = "secret" // SourceInjected indicates the source is pod identity SourceInjected = "injected" )
const ( // RevisionPlanNameLabel is the label for the plan name RevisionPlanNameLabel = "terraform.appvia.io/plan" // RevisionLabel is the label for the plan version RevisionLabel = "terraform.appvia.io/revision" // RevisionNameLabel is the label for the revision name RevisionNameLabel = "terraform.appvia.io/revision-name" )
const ( // RevisionSkipUpdateProtectionAnnotation is the annotation to skip update protection RevisionSkipUpdateProtectionAnnotation = "terraform.appvia.io/revision.skip-update-protection" // RevisionUsageExampleAnnotation is the annotation for the example RevisionUsageExampleAnnotation = "terraform.appvia.io/revision.usage" // RevisionChangeLogAnnotation is the annotation for the change log RevisionChangeLogAnnotation = "terraform.appvia.io/revision.changelog" // RevisionSourceLinkAnnotation is the annotation for the source link RevisionSourceLinkAnnotation = "terraform.appvia.io/revision.sourcelink" )
const CloudResourceKind = "CloudResource"
CloudResourceKind is the kind for a CloudResource
const ( // ConditionProviderPreload indicate the status of the provider preloading ConditionProviderPreload corev1alpha1.ConditionType = "PreloadReady" )
const ConfigurationKind = "Configuration"
ConfigurationKind is the kind for a Configuration
const ContextKind = "Context"
ContextKind is the kind for a Context
const GroupName = "terraform.appvia.io"
GroupName specifies the group name used to register the objects.
const PlanKind = "Plan"
PlanKind is the kind for a Plan
const PolicyKind = "Policy"
PolicyKind is the kind for a Policy
const ProviderKind = "Provider"
ProviderKind is the kind for a Provider
const (
// ProviderSecretSkipChecks is the annotation to skip checks on the secret keys
ProviderSecretSkipChecks = "providers.terraform.appvia.io/skip-checks"
)
const RevisionKind = "Revision"
RevisionKind is the kind for a revision
const (
// TerraformStateSecretKey is the key used by the terraform state secret
TerraformStateSecretKey = "tfstate"
)
Variables ¶
var ( // DefaultProviderAnnotation indicates the default provider for all unset configurations DefaultProviderAnnotation = "terranetes.appvia.io/default-provider" // PreloadJobLabel is used to label the preload job PreloadJobLabel = "terranetes.appvia.io/preload-job" // PreloadProviderLabel is used to label the preload provider PreloadProviderLabel = "terranetes.appvia.io/preload-provider-name" )
var ( // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes. SchemeBuilder runtime.SchemeBuilder // Depreciated: use Install instead AddToScheme = localSchemeBuilder.AddToScheme Install = localSchemeBuilder.AddToScheme )
var CloudResourceGVK = schema.GroupVersionKind{ Group: GroupVersion.Group, Version: GroupVersion.Version, Kind: CloudResourceKind, }
CloudResourceGVK is the GVK for a CloudResource
var ConfigurationGVK = schema.GroupVersionKind{ Group: GroupVersion.Group, Version: GroupVersion.Version, Kind: ConfigurationKind, }
ConfigurationGVK is the GVK for a Configuration
var DefaultCloudResourceConditions = append( []corev1alpha1.ConditionSpec{ {Type: ConditionConfigurationReady, Name: "Configuration Ready"}, {Type: ConditionConfigurationStatus, Name: "Configuration Status"}, }, DefaultConfigurationConditions..., )
DefaultCloudResourceConditions are the default conditions for all cloud resources
var DefaultConfigurationConditions = []corev1alpha1.ConditionSpec{ {Type: ConditionProviderReady, Name: "Provider ready"}, {Type: ConditionTerraformPlan, Name: "Terraform Plan"}, {Type: ConditionTerraformPolicy, Name: "Security Policy"}, {Type: ConditionTerraformApply, Name: "Terraform Apply"}, {Type: corev1alpha1.ConditionReady, Name: "Ready"}, }
DefaultConfigurationConditions are the default conditions for all configurations
var DefaultInputsConditions = []corev1alpha1.ConditionSpec{ {Type: corev1alpha1.ConditionReady, Name: "Ready"}, }
DefaultInputsConditions are the default conditions for all contexts
var DefaultPlanConditions = []corev1alpha1.ConditionSpec{ {Type: corev1alpha1.ConditionReady, Name: "Ready"}, }
DefaultPlanConditions are the default conditions for all plans
var DefaultProviderConditions = []corev1alpha1.ConditionSpec{ {Type: corev1alpha1.ConditionReady, Name: "Provider Ready"}, {Type: ConditionProviderPreload, Name: "Preload Data"}, }
DefaultProviderConditions returns the default conditions for a provider
var DefaultRevisionConditions = []corev1alpha1.ConditionSpec{ {Type: corev1alpha1.ConditionReady, Name: "Ready"}, }
DefaultRevisionConditions are the default conditions for all revisions
var GroupVersion = v1.GroupVersion{Group: GroupName, Version: "v1alpha1"}
GroupVersion specifies the group and the version used to register the objects.
var PolicyGVK = schema.GroupVersionKind{ Group: GroupVersion.Group, Version: GroupVersion.Version, Kind: PolicyKind, }
PolicyGVK is the GVK for a Policy
var ProviderGVK = schema.GroupVersionKind{ Group: GroupVersion.Group, Version: GroupVersion.Version, Kind: ProviderKind, }
ProviderGVK is the GVK for a Provider
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
SchemeGroupVersion is group version used to register these objects Deprecated: use GroupVersion instead.
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type CloudResource ¶ added in v0.4.0
type CloudResource struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec CloudResourceSpec `json:"spec,omitempty"` Status CloudResourceStatus `json:"status,omitempty"` }
CloudResource is the schema for terraform definitions in terraform controller +k8s:openapi-gen=true +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:path=cloudresources,scope=Namespaced,categories={terraform} +kubebuilder:printcolumn:name="Plan",type="string",JSONPath=".spec.plan.name" +kubebuilder:printcolumn:name="Revision",type="string",JSONPath=".spec.plan.revision" +kubebuilder:printcolumn:name="Secret",type="string",JSONPath=".spec.writeConnectionSecretToRef.name" +kubebuilder:printcolumn:name="Configuration",type="string",JSONPath=".status.configurationName" +kubebuilder:printcolumn:name="Estimated",type="string",JSONPath=".status.costs.monthly" +kubebuilder:printcolumn:name="Update",type="string",JSONPath=".status.updateAvailable" +kubebuilder:printcolumn:name="Synchronized",type="string",JSONPath=".status.resourceStatus" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
func NewCloudResource ¶ added in v0.4.0
func NewCloudResource(namespace, name string) *CloudResource
NewCloudResource returns an empty configuration
func NewCloudResourceFromRevision ¶ added in v0.4.0
func NewCloudResourceFromRevision(revision *Revision) (*CloudResource, error)
NewCloudResourceFromRevision returns a new cloud resource from a revision
func (*CloudResource) DeepCopy ¶ added in v0.4.0
func (in *CloudResource) DeepCopy() *CloudResource
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudResource.
func (*CloudResource) DeepCopyInto ¶ added in v0.4.0
func (in *CloudResource) DeepCopyInto(out *CloudResource)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CloudResource) DeepCopyObject ¶ added in v0.4.0
func (in *CloudResource) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*CloudResource) GetCommonStatus ¶ added in v0.4.0
func (c *CloudResource) GetCommonStatus() *corev1alpha1.CommonStatus
GetCommonStatus returns the common status
func (*CloudResource) GetNamespacedName ¶ added in v0.4.0
func (c *CloudResource) GetNamespacedName() types.NamespacedName
GetNamespacedName returns the namespaced resource type
func (*CloudResource) GetTerraformConfigSecretName ¶ added in v0.4.0
func (c *CloudResource) GetTerraformConfigSecretName() string
GetTerraformConfigSecretName returns the name of the configuration secret
func (*CloudResource) GetTerraformCostSecretName ¶ added in v0.4.0
func (c *CloudResource) GetTerraformCostSecretName() string
GetTerraformCostSecretName returns the name which should be used for the costs report
func (*CloudResource) GetTerraformPolicySecretName ¶ added in v0.4.0
func (c *CloudResource) GetTerraformPolicySecretName() string
GetTerraformPolicySecretName returns the name of the secret holding the terraform state
func (*CloudResource) GetTerraformStateSecretName ¶ added in v0.4.0
func (c *CloudResource) GetTerraformStateSecretName() string
GetTerraformStateSecretName returns the name of the secret holding the terraform state
func (*CloudResource) HasApproval ¶ added in v0.4.0
func (c *CloudResource) HasApproval() bool
HasApproval returns true if the configuration has an approval
func (*CloudResource) HasRetryableAnnotation ¶ added in v0.4.0
func (c *CloudResource) HasRetryableAnnotation() bool
HasRetryableAnnotation returns true if the configuration has the retryable annotation
func (*CloudResource) IsRetryable ¶ added in v0.4.0
func (c *CloudResource) IsRetryable() bool
IsRetryable returns true if the configuration is in a state where it can be retried
func (*CloudResource) IsRetryableValid ¶ added in v0.4.0
func (c *CloudResource) IsRetryableValid() bool
IsRetryableValid returns true if the retryable annotation is valid
func (*CloudResource) NeedsApproval ¶ added in v0.4.0
func (c *CloudResource) NeedsApproval() bool
NeedsApproval returns true if the configuration needs approval
type CloudResourceList ¶ added in v0.4.0
type CloudResourceList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []CloudResource `json:"items"` }
CloudResourceList contains a list of cloudresources
func (*CloudResourceList) DeepCopy ¶ added in v0.4.0
func (in *CloudResourceList) DeepCopy() *CloudResourceList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudResourceList.
func (*CloudResourceList) DeepCopyInto ¶ added in v0.4.0
func (in *CloudResourceList) DeepCopyInto(out *CloudResourceList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CloudResourceList) DeepCopyObject ¶ added in v0.4.0
func (in *CloudResourceList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CloudResourceRevisionStatus ¶ added in v0.4.0
type CloudResourceRevisionStatus struct { corev1alpha1.CommonStatus `json:",inline"` // Revision is the revision number of the configuration // +kubebuilder:validation:Optional Revision string `json:"revision,omitempty"` }
CloudResourceRevisionStatus defines the observed state of CloudResource
func (*CloudResourceRevisionStatus) DeepCopy ¶ added in v0.4.0
func (in *CloudResourceRevisionStatus) DeepCopy() *CloudResourceRevisionStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudResourceRevisionStatus.
func (*CloudResourceRevisionStatus) DeepCopyInto ¶ added in v0.4.0
func (in *CloudResourceRevisionStatus) DeepCopyInto(out *CloudResourceRevisionStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CloudResourceSpec ¶ added in v0.4.0
type CloudResourceSpec struct { // Auth is used to configure any options required when the source of the terraform // module is private or requires credentials to retrieve. This could be SSH keys or git // user/pass or AWS credentials for an s3 bucket. // +kubebuilder:validation:Optional Auth *v1.SecretReference `json:"auth,omitempty"` // EnableAutoApproval when enabled indicates the configuration does not need to be // manually approved. On a change to the configuration, the controller will automatically // approve the configuration. Note it still needs to adhere to any checks or policies. // +kubebuilder:validation:Optional EnableAutoApproval bool `json:"enableAutoApproval,omitempty"` // EnableDriftDetection when enabled run periodic reconciliation configurations looking // for any drift between the expected and current state. If any drift is detected the // status is changed and a kubernetes event raised. EnableDriftDetection bool `json:"enableDriftDetection,omitempty"` // Plan is the reference to the plan which this cloud resource is associated with. This // field is required, and needs both the name and version the plan revision to use // +kubebuilder:validation:Required Plan PlanReference `json:"plan"` // ProviderRef is the reference to the provider which should be used to execute this // configuration. // +kubebuilder:validation:Optional ProviderRef *ProviderReference `json:"providerRef,omitempty"` // WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module // any module outputs are written to this secret. The outputs are automatically uppercased // and ready to be consumed as environment variables. // +kubebuilder:validation:Optional // WriteConnectionSecretRef is the secret where the terraform outputs will be written. // +kubebuilder:validation:Required WriteConnectionSecretToRef *WriteConnectionSecret `json:"writeConnectionSecretToRef,omitempty"` // Variables provides the inputs for the terraform module itself. These are passed to the // terraform executor and used to execute the plan, apply and destroy phases. // +kubebuilder:validation:Optional // +kubebuilder:pruning:PreserveUnknownFields Variables *runtime.RawExtension `json:"variables,omitempty"` // ValueFromSource is a collection of value from sources, where the source of the value // is taken from a secret // +kubebuilder:validation:Optional ValueFrom ValueFromList `json:"valueFrom,omitempty"` // TerraformVersion provides the ability to override the default terraform version. Before // changing this field its best to consult with platform administrator. As the // value of this field is used to change the tag of the terraform container image. // +kubebuilder:validation:Optional TerraformVersion string `json:"terraformVersion,omitempty"` }
CloudResourceSpec defines the desired state of a terraform +k8s:openapi-gen=true
func (*CloudResourceSpec) DeepCopy ¶ added in v0.4.0
func (in *CloudResourceSpec) DeepCopy() *CloudResourceSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudResourceSpec.
func (*CloudResourceSpec) DeepCopyInto ¶ added in v0.4.0
func (in *CloudResourceSpec) DeepCopyInto(out *CloudResourceSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CloudResourceSpec) HasValueFrom ¶ added in v0.4.0
func (c *CloudResourceSpec) HasValueFrom() bool
HasValueFrom returns true if the configuration has variables
func (*CloudResourceSpec) HasVariables ¶ added in v0.4.0
func (c *CloudResourceSpec) HasVariables() bool
HasVariables returns true if the configuration has variables
type CloudResourceStatus ¶ added in v0.4.0
type CloudResourceStatus struct { corev1alpha1.CommonStatus `json:",inline"` // ConfigurationName is the of the configuration this cloudresource is managing on behalf of // +kubebuilder:validation:Optional ConfigurationName string `json:"configurationName,omitempty"` // Configuration is the state taken from the underlying configuration // +kubebuilder:validation:Optional ConfigurationStatus ConfigurationStatus `json:"configurationStatus,omitempty"` // Costs is the predicted costs of this configuration. Note this field is only populated // when the integration has been configured by the administrator. // +kubebuilder:validation:Optional Costs *CostStatus `json:"costs,omitempty"` // Resources is the number of managed cloud resources which are currently under management. // This field is taken from the terraform state itself. // +kubebuilder:validation:Optional Resources *int `json:"resources,omitempty"` // ResourceStatus indicates the status of the resources and if the resources are insync with the // configuration // +kubebuilder:validation:Optional ResourceStatus ResourceStatus `json:"resourceStatus,omitempty"` // UpdateAvailable indicates if there is a new version of the plan available // +kubebuilder:validation:Optional UpdateAvailable string `json:"updateAvailable,omitempty"` }
CloudResourceStatus defines the observed state of a terraform +k8s:openapi-gen=true
func (*CloudResourceStatus) DeepCopy ¶ added in v0.4.0
func (in *CloudResourceStatus) DeepCopy() *CloudResourceStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudResourceStatus.
func (*CloudResourceStatus) DeepCopyInto ¶ added in v0.4.0
func (in *CloudResourceStatus) DeepCopyInto(out *CloudResourceStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Configuration ¶
type Configuration struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec ConfigurationSpec `json:"spec,omitempty"` Status ConfigurationStatus `json:"status,omitempty"` }
Configuration is the schema for terraform definitions in terraform controller +k8s:openapi-gen=true +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:printcolumn:name="Module",type="string",JSONPath=".spec.module" +kubebuilder:printcolumn:name="Plan",type="string",JSONPath=".spec.plan.name",priority=1 +kubebuilder:printcolumn:name="Secret",type="string",JSONPath=".spec.writeConnectionSecretToRef.name" +kubebuilder:printcolumn:name="Drift Detection",type="boolean",JSONPath=".spec.enableDriftDetection" +kubebuilder:printcolumn:name="Estimated",type="string",JSONPath=".status.costs.monthly" +kubebuilder:printcolumn:name="Synchronized",type="string",JSONPath=".status.resourceStatus" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
func NewConfiguration ¶
func NewConfiguration(namespace, name string) *Configuration
NewConfiguration returns an empty configuration
func (*Configuration) DeepCopy ¶
func (in *Configuration) DeepCopy() *Configuration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Configuration.
func (*Configuration) DeepCopyInto ¶
func (in *Configuration) DeepCopyInto(out *Configuration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Configuration) DeepCopyObject ¶
func (in *Configuration) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Configuration) GetCommonStatus ¶
func (c *Configuration) GetCommonStatus() *corev1alpha1.CommonStatus
GetCommonStatus returns the common status
func (*Configuration) GetNamespacedName ¶
func (c *Configuration) GetNamespacedName() types.NamespacedName
GetNamespacedName returns the namespaced resource type
func (*Configuration) GetTerraformConfigSecretName ¶
func (c *Configuration) GetTerraformConfigSecretName() string
GetTerraformConfigSecretName returns the name of the configuration secret
func (*Configuration) GetTerraformCostSecretName ¶
func (c *Configuration) GetTerraformCostSecretName() string
GetTerraformCostSecretName returns the name which should be used for the costs report
func (*Configuration) GetTerraformPolicySecretName ¶
func (c *Configuration) GetTerraformPolicySecretName() string
GetTerraformPolicySecretName returns the name of the secret holding the terraform state
func (*Configuration) GetTerraformStateSecretName ¶
func (c *Configuration) GetTerraformStateSecretName() string
GetTerraformStateSecretName returns the name of the secret holding the terraform state
func (*Configuration) HasApproval ¶
func (c *Configuration) HasApproval() bool
HasApproval returns true if the configuration has an approval
func (*Configuration) HasRetryableAnnotation ¶ added in v0.3.14
func (c *Configuration) HasRetryableAnnotation() bool
HasRetryableAnnotation returns true if the configuration has the retryable annotation
func (*Configuration) IsManaged ¶ added in v0.4.0
func (c *Configuration) IsManaged() bool
IsManaged returns true if the configuration is managed
func (*Configuration) IsRetryable ¶ added in v0.3.14
func (c *Configuration) IsRetryable() bool
IsRetryable returns true if the configuration is in a state where it can be retried
func (*Configuration) IsRetryableValid ¶ added in v0.3.14
func (c *Configuration) IsRetryableValid() bool
IsRetryableValid returns true if the retryable annotation is valid
func (*Configuration) NeedsApproval ¶
func (c *Configuration) NeedsApproval() bool
NeedsApproval returns true if the configuration needs approval
type ConfigurationList ¶
type ConfigurationList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []Configuration `json:"items"` }
ConfigurationList contains a list of configurations
func (*ConfigurationList) DeepCopy ¶
func (in *ConfigurationList) DeepCopy() *ConfigurationList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationList.
func (*ConfigurationList) DeepCopyInto ¶
func (in *ConfigurationList) DeepCopyInto(out *ConfigurationList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ConfigurationList) DeepCopyObject ¶
func (in *ConfigurationList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ConfigurationRevisionStatus ¶ added in v0.4.0
type ConfigurationRevisionStatus struct { // Revision is the revision number of the configuration // +kubebuilder:validation:Optional Revision string `json:"revision,omitempty"` }
ConfigurationRevisionStatus defines the observed state of Configuration
func (*ConfigurationRevisionStatus) DeepCopy ¶ added in v0.4.0
func (in *ConfigurationRevisionStatus) DeepCopy() *ConfigurationRevisionStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationRevisionStatus.
func (*ConfigurationRevisionStatus) DeepCopyInto ¶ added in v0.4.0
func (in *ConfigurationRevisionStatus) DeepCopyInto(out *ConfigurationRevisionStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ConfigurationSpec ¶
type ConfigurationSpec struct { // Auth is used to configure any options required when the source of the terraform // module is private or requires credentials to retrieve. This could be SSH keys or git // user/pass or AWS credentials for an s3 bucket. // +kubebuilder:validation:Optional Auth *v1.SecretReference `json:"auth,omitempty"` // EnableAutoApproval when enabled indicates the configuration does not need to be // manually approved. On a change to the configuration, the controller will automatically // approve the configuration. Note it still needs to adhere to any checks or policies. // +kubebuilder:validation:Optional EnableAutoApproval bool `json:"enableAutoApproval,omitempty"` // EnableDriftDetection when enabled run periodic reconciliation configurations looking // for any drift between the expected and current state. If any drift is detected the // status is changed and a kubernetes event raised. EnableDriftDetection bool `json:"enableDriftDetection,omitempty"` // Module is the URL to the source of the terraform module. The format of the URL is // a direct implementation of terraform's module reference. Please see the following // repository for more details https://github.com/hashicorp/go-getter // +kubebuilder:validation:Required Module string `json:"module"` // Plan is an optional reference to a plan this configuration is associated with. If // not set and a policy exists to enforce a plan, the configuration will be rejected. // +kubebuilder:validation:Optional Plan *PlanReference `json:"plan,omitempty"` // ProviderRef is the reference to the provider which should be used to execute this // configuration. // +kubebuilder:validation:Optional ProviderRef *ProviderReference `json:"providerRef,omitempty"` // WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module // any module outputs are written to this secret. The outputs are automatically uppercased // and ready to be consumed as environment variables. // +kubebuilder:validation:Optional // WriteConnectionSecretRef is the secret where the terraform outputs will be written. // +kubebuilder:validation:Required WriteConnectionSecretToRef *WriteConnectionSecret `json:"writeConnectionSecretToRef,omitempty"` // Variables provides the inputs for the terraform module itself. These are passed to the // terraform executor and used to execute the plan, apply and destroy phases. // +kubebuilder:validation:Optional // +kubebuilder:pruning:PreserveUnknownFields Variables *runtime.RawExtension `json:"variables,omitempty"` // ValueFromSource is a collection of value from sources, where the source of the value // is taken from a secret // +kubebuilder:validation:Optional ValueFrom ValueFromList `json:"valueFrom,omitempty"` // TerraformVersion provides the ability to override the default terraform version. Before // changing this field its best to consult with platform administrator. As the // value of this field is used to change the tag of the terraform container image. // +kubebuilder:validation:Optional TerraformVersion string `json:"terraformVersion,omitempty"` }
ConfigurationSpec defines the desired state of a terraform +k8s:openapi-gen=true
func (*ConfigurationSpec) DeepCopy ¶
func (in *ConfigurationSpec) DeepCopy() *ConfigurationSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationSpec.
func (*ConfigurationSpec) DeepCopyInto ¶
func (in *ConfigurationSpec) DeepCopyInto(out *ConfigurationSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ConfigurationSpec) GetVariables ¶ added in v0.4.0
func (c *ConfigurationSpec) GetVariables() (map[string]interface{}, error)
GetVariables returns the variables for the configuration
func (*ConfigurationSpec) HasValueFrom ¶ added in v0.4.0
func (c *ConfigurationSpec) HasValueFrom() bool
HasValueFrom returns true if the configuration has a value from
func (*ConfigurationSpec) HasVariables ¶ added in v0.4.0
func (c *ConfigurationSpec) HasVariables() bool
HasVariables returns true if the configuration has variables
type ConfigurationStatus ¶
type ConfigurationStatus struct { corev1alpha1.CommonStatus `json:",inline"` // Costs is the predicted costs of this configuration. Note this field is only populated // when the integration has been configured by the administrator. // +kubebuilder:validation:Optional Costs *CostStatus `json:"costs,omitempty"` // DriftTimestamp is the timestamp of the last drift detection // +kubebuilder:validation:Optional DriftTimestamp string `json:"driftTimestamp,omitempty"` // Resources is the number of managed cloud resources which are currently under management. // This field is taken from the terraform state itself. // +kubebuilder:validation:Optional Resources *int `json:"resources,omitempty"` // ResourceStatus indicates the status of the resources and if the resources are insync with the // configuration ResourceStatus ResourceStatus `json:"resourceStatus,omitempty"` // TerraformVersion is the version of terraform which was last used to run this // configuration // +kubebuilder:validation:Optional TerraformVersion string `json:"terraformVersion,omitempty"` }
ConfigurationStatus defines the observed state of a terraform +k8s:openapi-gen=true
func (*ConfigurationStatus) DeepCopy ¶
func (in *ConfigurationStatus) DeepCopy() *ConfigurationStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationStatus.
func (*ConfigurationStatus) DeepCopyInto ¶
func (in *ConfigurationStatus) DeepCopyInto(out *ConfigurationStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Constraints ¶
type Constraints struct { // Modules provides the ability to control the source for all terraform modules. Allowing // platform teams to control where the modules can be downloaded from. // +kubebuilder:validation:Optional Modules *ModuleConstraint `json:"modules,omitempty"` // Checkov provides the ability to enforce a set of security standards on all configurations. // These can be configured to target specific resources based on namespace and resource // labels // +kubebuilder:validation:Optional Checkov *PolicyConstraint `json:"checkov,omitempty"` }
Constraints defined a collection of constraints which can be applied against the terraform configurations
func (*Constraints) DeepCopy ¶
func (in *Constraints) DeepCopy() *Constraints
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Constraints.
func (*Constraints) DeepCopyInto ¶
func (in *Constraints) DeepCopyInto(out *Constraints)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Context ¶ added in v0.3.25
type Context struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec ContextSpec `json:"spec,omitempty"` Status ContextStatus `json:"status,omitempty"` }
Context is the schema for the context type +k8s:openapi-gen=true +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:path=contexts,scope=Cluster,categories={terraform} +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
func NewContext ¶ added in v0.3.25
NewContext creates a new Context
func (*Context) DeepCopy ¶ added in v0.3.25
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Context.
func (*Context) DeepCopyInto ¶ added in v0.3.25
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Context) DeepCopyObject ¶ added in v0.3.25
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Context) GetNamespacedName ¶ added in v0.3.25
func (c *Context) GetNamespacedName() types.NamespacedName
GetNamespacedName returns the namespaced resource type
type ContextList ¶ added in v0.3.25
type ContextList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []Context `json:"items"` }
ContextList contains a list of contexts
func (*ContextList) DeepCopy ¶ added in v0.3.25
func (in *ContextList) DeepCopy() *ContextList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContextList.
func (*ContextList) DeepCopyInto ¶ added in v0.3.25
func (in *ContextList) DeepCopyInto(out *ContextList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ContextList) DeepCopyObject ¶ added in v0.3.25
func (in *ContextList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*ContextList) GetItem ¶ added in v0.4.0
func (c *ContextList) GetItem(name string) (Context, bool)
GetItem returns the item if the list contains the item name
func (*ContextList) HasItem ¶ added in v0.4.0
func (c *ContextList) HasItem(name string) bool
HasItem returns true if the list contains the item name
func (*ContextList) Merge ¶ added in v0.4.0
func (c *ContextList) Merge(items []Context)
Merge is called to merge any items which don't exist in the list
type ContextSpec ¶ added in v0.3.25
type ContextSpec struct { // Variables is a list of variables which can be used globally by Context resources. // The structure of the variables is a map of key/value pairs, which MUST have both // a description and a value. // +kubebuilder:validation:Required Variables map[string]runtime.RawExtension `json:"variables"` }
ContextSpec defines the desired state for a context +k8s:openapi-gen=true
func (*ContextSpec) DeepCopy ¶ added in v0.3.25
func (in *ContextSpec) DeepCopy() *ContextSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContextSpec.
func (*ContextSpec) DeepCopyInto ¶ added in v0.3.25
func (in *ContextSpec) DeepCopyInto(out *ContextSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ContextSpec) GetVariable ¶ added in v0.4.0
func (c *ContextSpec) GetVariable(key string) (interface{}, bool, error)
GetVariable returns the variable value if it exists
func (*ContextSpec) GetVariableValue ¶ added in v0.3.25
func (c *ContextSpec) GetVariableValue(name string) (runtime.RawExtension, bool)
GetVariableValue returns the string value of the a variable
func (*ContextSpec) HasVariable ¶ added in v0.3.25
func (c *ContextSpec) HasVariable(name string) bool
HasVariable returns true if the context has variables defined
func (*ContextSpec) HasVariables ¶ added in v0.3.25
func (c *ContextSpec) HasVariables() bool
HasVariables returns true if the context has variables defined
type ContextStatus ¶ added in v0.3.25
type ContextStatus struct {
corev1alpha1.CommonStatus `json:",inline"`
}
ContextStatus defines the observed state of a terraform +k8s:openapi-gen=true
func (*ContextStatus) DeepCopy ¶ added in v0.3.25
func (in *ContextStatus) DeepCopy() *ContextStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContextStatus.
func (*ContextStatus) DeepCopyInto ¶ added in v0.3.25
func (in *ContextStatus) DeepCopyInto(out *ContextStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CostStatus ¶
type CostStatus struct { // Enabled indicates if the cost integration was enabled when this configuration was last // executed. // +kubebuilder:validation:Optional Enabled bool `json:"enabled,omitempty"` // Hourly is the hourly estimated cost of the configuration // +kubebuilder:validation:Optional Hourly string `json:"hourly,omitempty"` // Monthly is the monthly estimated cost of the configuration // +kubebuilder:validation:Optional Monthly string `json:"monthly,omitempty"` }
CostStatus defines the cost status of a configuration
func (*CostStatus) DeepCopy ¶
func (in *CostStatus) DeepCopy() *CostStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CostStatus.
func (*CostStatus) DeepCopyInto ¶
func (in *CostStatus) DeepCopyInto(out *CostStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type DefaultVariables ¶
type DefaultVariables struct { // Selector is used to determine which configurations the variables should be injected into // +kubebuilder:validation:Required Selector DefaultVariablesSelector `json:"selector"` // Secrets is a collection of secrets which are used to inject variables into the configuration // +kubebuilder:validation:Optional Secrets []string `json:"secrets,omitempty"` // Variables is a collection of variables to inject into the configuration // +kubebuilder:validation:Optional // +kubebuilder:pruning:PreserveUnknownFields Variables runtime.RawExtension `json:"variables,omitempty"` }
DefaultVariables provides platform administrators the ability to inject default variables into a configuration
func (*DefaultVariables) DeepCopy ¶
func (in *DefaultVariables) DeepCopy() *DefaultVariables
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DefaultVariables.
func (*DefaultVariables) DeepCopyInto ¶
func (in *DefaultVariables) DeepCopyInto(out *DefaultVariables)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*DefaultVariables) HasSelectors ¶ added in v0.4.0
func (d *DefaultVariables) HasSelectors() bool
HasSelectors returns true if the policy has selectors
func (*DefaultVariables) HasVariables ¶ added in v0.4.0
func (d *DefaultVariables) HasVariables() bool
HasVariables returns true if the policy has variables
type DefaultVariablesSelector ¶
type DefaultVariablesSelector struct { // Namespace selectors all configurations under one or more namespaces, determined by the // labeling on the namespace. // +kubebuilder:validation:Optional Namespace *metav1.LabelSelector `json:"namespace,omitempty"` // Modules provides a collection of regexes which are used to match against the // configuration module // +kubebuilder:validation:Optional Modules []string `json:"modules,omitempty"` }
DefaultVariablesSelector is used to determine which configurations the variables should be injected into - this can take into account the namespace labels and the modules themselvesA
func (*DefaultVariablesSelector) DeepCopy ¶
func (in *DefaultVariablesSelector) DeepCopy() *DefaultVariablesSelector
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DefaultVariablesSelector.
func (*DefaultVariablesSelector) DeepCopyInto ¶
func (in *DefaultVariablesSelector) DeepCopyInto(out *DefaultVariablesSelector)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (DefaultVariablesSelector) IsLabelsMatch ¶
func (d DefaultVariablesSelector) IsLabelsMatch(object client.Object) (bool, error)
IsLabelsMatch returns if the selector matches the namespace label selector
func (DefaultVariablesSelector) IsModulesMatch ¶
func (d DefaultVariablesSelector) IsModulesMatch(config *Configuration) (bool, error)
IsModulesMatch returns true of the module matches the regex
type ExternalCheck ¶
type ExternalCheck struct { // Name provides a arbitrary name to the checks - note, this name is used as the directory // name when we source the code // +kubebuilder:validation:Required Name string `json:"name,omitempty"` // URL is the source external checks - this is usually a git repository. The notation // for this is https://github.com/hashicorp/go-getter // +kubebuilder:validation:Required URL string `json:"url,omitempty"` // SecretRef is reference to secret which contains environment variables used by the source // command to retrieve the code. This could be cloud credentials, ssh keys, git username // and password etc // +kubebuilder:validation:Optional SecretRef *v1.SecretReference `json:"secretRef,omitempty"` }
ExternalCheck defines the definition for an external check - this comprises of the source and any optional secret
func (*ExternalCheck) DeepCopy ¶
func (in *ExternalCheck) DeepCopy() *ExternalCheck
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalCheck.
func (*ExternalCheck) DeepCopyInto ¶
func (in *ExternalCheck) DeepCopyInto(out *ExternalCheck)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ExternalSource ¶ added in v0.3.7
type ExternalSource struct { // Configuration is the configuration to use within the source directory // +kubebuilder:validation:Required Configuration string `json:"configuration,omitempty"` // URL is the source external checks - this is usually a git repository. The notation // for this is https://github.com/hashicorp/go-getter // +kubebuilder:validation:Required URL string `json:"url,omitempty"` // SecretRef is reference to secret which contains environment variables used by the source // command to retrieve the code. This could be cloud credentials, ssh keys, git username // and password etc // +kubebuilder:validation:Optional SecretRef *v1.SecretReference `json:"secretRef,omitempty"` }
ExternalSource is a external source for the checkov configuration
func (*ExternalSource) DeepCopy ¶ added in v0.3.7
func (in *ExternalSource) DeepCopy() *ExternalSource
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSource.
func (*ExternalSource) DeepCopyInto ¶ added in v0.3.7
func (in *ExternalSource) DeepCopyInto(out *ExternalSource)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type JobMetadata ¶ added in v0.4.2
type JobMetadata struct { // Labels is a collection of labels which are automatically added to all jobs. // +kubebuilder:validation:Optional Labels map[string]string `json:"labels,omitempty"` // Annotations is a collection of annotations which are automatically added to all jobs. // +kubebuilder:validation:Optional Annotations map[string]string `json:"annotations,omitempty"` }
JobMetadata is a collection of labels and annotations which are automatically added to all jobs whom are created and use this provider. This can be useful to inject cloud vendor specific labels and annotations to the jobs; Azure workload identity, or AWS IAM roles for service accounts.
func (*JobMetadata) DeepCopy ¶ added in v0.4.2
func (in *JobMetadata) DeepCopy() *JobMetadata
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JobMetadata.
func (*JobMetadata) DeepCopyInto ¶ added in v0.4.2
func (in *JobMetadata) DeepCopyInto(out *JobMetadata)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ModuleConstraint ¶
type ModuleConstraint struct { // Allowed is a collection of regexes which are applied to the source of the terraform // configuration. The configuration MUST match one or more of the regexes in order to // be allowed to run. // +kubebuilder:validation:Optional Allowed []string `json:"allowed,omitempty"` // Selector is the selector on the namespace or labels on the configuration. By leaving // this field empty you are implicitly selecting all configurations. // +kubebuilder:validation:Optional Selector *Selector `json:"selector,omitempty"` }
ModuleConstraint provides a collection of constraints on modules
func (*ModuleConstraint) DeepCopy ¶
func (in *ModuleConstraint) DeepCopy() *ModuleConstraint
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ModuleConstraint.
func (*ModuleConstraint) DeepCopyInto ¶
func (in *ModuleConstraint) DeepCopyInto(out *ModuleConstraint)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Plan ¶ added in v0.4.0
type Plan struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec PlanSpec `json:"spec,omitempty"` Status PlanStatus `json:"status,omitempty"` }
Plan is the schema for the plan type +k8s:openapi-gen=true +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:path=plans,scope=Cluster,categories={terraform} +kubebuilder:printcolumn:name="Latest",type="string",JSONPath=".status.latest.revision" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
func (*Plan) DeepCopy ¶ added in v0.4.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Plan.
func (*Plan) DeepCopyInto ¶ added in v0.4.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Plan) DeepCopyObject ¶ added in v0.4.0
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Plan) GetCommonStatus ¶ added in v0.4.0
func (c *Plan) GetCommonStatus() *corev1alpha1.CommonStatus
GetCommonStatus returns the common status
func (*Plan) GetNamespacedName ¶ added in v0.4.0
func (c *Plan) GetNamespacedName() types.NamespacedName
GetNamespacedName returns the namespaced resource type
func (*Plan) GetRevision ¶ added in v0.4.0
func (c *Plan) GetRevision(version string) (PlanRevision, bool)
GetRevision returns the revision with the specified version
func (*Plan) HasRevision ¶ added in v0.4.0
HasRevision returns true if the plan has the specified revision
func (*Plan) ListRevisions ¶ added in v0.4.0
ListRevisions returns a list of revisions
func (*Plan) RemoveRevision ¶ added in v0.4.0
RemoveRevision removes the specified revision from the plan
type PlanList ¶ added in v0.4.0
type PlanList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []Plan `json:"items"` }
PlanList contains a list of plans
func (*PlanList) DeepCopy ¶ added in v0.4.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlanList.
func (*PlanList) DeepCopyInto ¶ added in v0.4.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PlanList) DeepCopyObject ¶ added in v0.4.0
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PlanReference ¶ added in v0.4.0
type PlanReference struct { // Name is the name of the plan this configuration is associated with // +kubebuilder:validation:Required Name string `json:"name"` // Revision is the revision of the plan this configuration is associated with // +kubebuilder:validation:Required Revision string `json:"revision"` }
PlanReference are the fields related to a configuration plan
func (*PlanReference) DeepCopy ¶ added in v0.4.0
func (in *PlanReference) DeepCopy() *PlanReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlanReference.
func (*PlanReference) DeepCopyInto ¶ added in v0.4.0
func (in *PlanReference) DeepCopyInto(out *PlanReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PlanReference) IsValid ¶ added in v0.4.0
func (p *PlanReference) IsValid() error
IsValid returns an error if the plan reference is not valid
type PlanRevision ¶ added in v0.4.0
type PlanRevision struct { // Name is the name of the revision containing the configuration //+kubebuilder:validation:Required Name string `json:"name"` // Revision is the version of the revision //+kubebuilder:validation:Required Revision string `json:"revision"` }
PlanRevision is a reference to a revision of a plan existing in the system
func (*PlanRevision) DeepCopy ¶ added in v0.4.0
func (in *PlanRevision) DeepCopy() *PlanRevision
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlanRevision.
func (*PlanRevision) DeepCopyInto ¶ added in v0.4.0
func (in *PlanRevision) DeepCopyInto(out *PlanRevision)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PlanSpec ¶ added in v0.4.0
type PlanSpec struct { // Revisions is a collection of revision associated with this plan Revisions []PlanRevision `json:"revisions,omitempty"` }
PlanSpec defines the desired state for a context +k8s:openapi-gen=true
func (*PlanSpec) DeepCopy ¶ added in v0.4.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlanSpec.
func (*PlanSpec) DeepCopyInto ¶ added in v0.4.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PlanStatus ¶ added in v0.4.0
type PlanStatus struct { corev1alpha1.CommonStatus `json:",inline"` // Latest is the latest revision from this plan // +kubebuilder:validation:Optional Latest PlanRevision `json:"latest,omitempty"` }
PlanStatus defines the observed state of a terraform +k8s:openapi-gen=true
func (*PlanStatus) DeepCopy ¶ added in v0.4.0
func (in *PlanStatus) DeepCopy() *PlanStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlanStatus.
func (*PlanStatus) DeepCopyInto ¶ added in v0.4.0
func (in *PlanStatus) DeepCopyInto(out *PlanStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Policy ¶
type Policy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec PolicySpec `json:"spec,omitempty"` Status PolicyStatus `json:"status,omitempty"` }
Policy is the schema for provider definitions in terraform controller +k8s:openapi-gen=true +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:path=policies,scope=Cluster,categories={terraform} +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
func (*Policy) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.
func (*Policy) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Policy) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Policy) GetCommonStatus ¶
func (p *Policy) GetCommonStatus() *corev1alpha1.CommonStatus
GetCommonStatus returns the common status
type PolicyConstraint ¶
type PolicyConstraint struct { // Checks is a list of checks which should be applied against the configuration. Note, an // empty list here implies checkov should run ALL checks. // Please see https://www.checkov.io/5.Policy%20Index/terraform.html // +kubebuilder:validation:Optional Checks []string `json:"checks,omitempty"` // External is a collection of external checks which should be included in the scan. Each // of the external sources and retrieved and sourced into /run/policy/NAME where they can // be included as part of the scan // +kubebuilder:validation:Optional External []ExternalCheck `json:"external,omitempty"` // Selector is the selector on the namespace or labels on the configuration. By leaving this // fields empty you can implicitly selecting all configurations. // +kubebuilder:validation:Optional Selector *Selector `json:"selector,omitempty"` // SkipChecks is a collection of checkov checks which you can defined as skipped. The security // scan will ignore any failures on these checks. // +kubebuilder:validation:Optional SkipChecks []string `json:"skipChecks,omitempty"` // Source indicates an external source for the checkov configurations // +kubebuilder:validation:Optional Source *ExternalSource `json:"source,omitempty"` }
PolicyConstraint defines the checkov policies the configurations must comply with
func (*PolicyConstraint) DeepCopy ¶
func (in *PolicyConstraint) DeepCopy() *PolicyConstraint
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyConstraint.
func (*PolicyConstraint) DeepCopyInto ¶
func (in *PolicyConstraint) DeepCopyInto(out *PolicyConstraint)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyConstraint) ExternalCheckNames ¶
func (p *PolicyConstraint) ExternalCheckNames() []string
ExternalCheckNames returns the name of the external check names
type PolicyList ¶
type PolicyList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []Policy `json:"items"` }
PolicyList contains a list of providers
func (*PolicyList) DeepCopy ¶
func (in *PolicyList) DeepCopy() *PolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList.
func (*PolicyList) DeepCopyInto ¶
func (in *PolicyList) DeepCopyInto(out *PolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyList) DeepCopyObject ¶
func (in *PolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*PolicyList) HasItem ¶ added in v0.4.0
func (c *PolicyList) HasItem(name string) bool
HasItem returns true if the list contains the item name
func (*PolicyList) Merge ¶ added in v0.4.0
func (c *PolicyList) Merge(items []Policy)
Merge is called to merge any items which don't exist in the list
type PolicySpec ¶
type PolicySpec struct { // Summary is an optional field which can be used to define a summary of what the policy is // configured to enforce. // +kubebuilder:validation:Optional Summary string `json:"summary,omitempty"` // Constraints provides a series or constraints that must be enforced on the selectored // terraform configurations. // +kubebuilder:validation:Optional Constraints *Constraints `json:"constraints,omitempty"` // Defaults provides the ability to target specific terraform module based on namespace or // resource labels and automatically inject variables into the configurations. // +kubebuilder:validation:Optional Defaults []DefaultVariables `json:"defaults,omitempty"` }
PolicySpec defines the desired state of a provider +k8s:openapi-gen=true
func (*PolicySpec) DeepCopy ¶
func (in *PolicySpec) DeepCopy() *PolicySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec.
func (*PolicySpec) DeepCopyInto ¶
func (in *PolicySpec) DeepCopyInto(out *PolicySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicyStatus ¶
type PolicyStatus struct {
corev1alpha1.CommonStatus `json:",inline"`
}
PolicyStatus defines the observed state of a provider +k8s:openapi-gen=true
func (*PolicyStatus) DeepCopy ¶
func (in *PolicyStatus) DeepCopy() *PolicyStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyStatus.
func (*PolicyStatus) DeepCopyInto ¶
func (in *PolicyStatus) DeepCopyInto(out *PolicyStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PreloadConfiguration ¶ added in v0.3.25
type PreloadConfiguration struct { // Cluster is the name of the kubernetes cluster we use to pivot the data around // +kubebuilder:validation:Optional Cluster string `json:"cluster,omitempty"` // Context is the context name of the Context we should create from the preload // implementation // +kubebuilder:validation:Optional Context string `json:"context,omitempty"` // Enabled indicates if the preloader is enabled // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty"` // Interval is the interval to run the preloader // +kubebuilder:validation:Optional Interval *metav1.Duration `json:"interval,omitempty"` // Region is the cloud region the cluster is location in // +kubebuilder:validation:Optional Region string `json:"region,omitempty"` }
PreloadConfiguration defines the definitions for preload options
func (*PreloadConfiguration) DeepCopy ¶ added in v0.3.25
func (in *PreloadConfiguration) DeepCopy() *PreloadConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PreloadConfiguration.
func (*PreloadConfiguration) DeepCopyInto ¶ added in v0.3.25
func (in *PreloadConfiguration) DeepCopyInto(out *PreloadConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PreloadConfiguration) GetIntervalOrDefault ¶ added in v0.3.25
func (p *PreloadConfiguration) GetIntervalOrDefault(value time.Duration) time.Duration
GetIntervalOrDefault returns the interval or the default
type Provider ¶
type Provider struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec ProviderSpec `json:"spec,omitempty"` Status ProviderStatus `json:"status,omitempty"` }
Provider is the schema for provider definitions in terraform controller +k8s:openapi-gen=true +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:path=providers,scope=Cluster,categories={terraform} +kubebuilder:printcolumn:name="Source",type="string",JSONPath=".spec.source" +kubebuilder:printcolumn:name="Provider",type="string",JSONPath=".spec.provider" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
func (*Provider) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Provider.
func (*Provider) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Provider) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Provider) GetCommonStatus ¶
func (p *Provider) GetCommonStatus() *corev1alpha1.CommonStatus
GetCommonStatus returns the common status
func (*Provider) GetConfiguration ¶
GetConfiguration returns the provider configuration is any
func (*Provider) GetNamespacedName ¶
func (p *Provider) GetNamespacedName() types.NamespacedName
GetNamespacedName returns the namespaced name type
func (*Provider) HasBackendTemplate ¶ added in v0.4.1
HasBackendTemplate returns true if the provider has a backend template
func (*Provider) HasConfiguration ¶
HasConfiguration returns true if the provider has custom configuration
func (*Provider) IsPreloadingEnabled ¶ added in v0.3.25
IsPreloadingEnabled returns true if the provider is enabled for preloading
func (*Provider) JobAnnotations ¶ added in v0.4.2
JobAnnotations returns the annotations which are automatically added to all jobs
type ProviderList ¶
type ProviderList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []Provider `json:"items"` }
ProviderList contains a list of providers
func (*ProviderList) DeepCopy ¶
func (in *ProviderList) DeepCopy() *ProviderList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderList.
func (*ProviderList) DeepCopyInto ¶
func (in *ProviderList) DeepCopyInto(out *ProviderList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ProviderList) DeepCopyObject ¶
func (in *ProviderList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*ProviderList) GetItem ¶ added in v0.4.0
func (c *ProviderList) GetItem(name string) (Provider, bool)
GetItem returns the item by name from the list
func (*ProviderList) HasItem ¶ added in v0.4.0
func (c *ProviderList) HasItem(name string) bool
HasItem returns true if the list contains the item name
func (*ProviderList) Merge ¶ added in v0.4.0
func (c *ProviderList) Merge(items []Provider)
Merge is called to merge any items which don't exist in the list
type ProviderReference ¶
type ProviderReference struct { // Name is the name of the provider which contains the credentials to use for this // configuration. // +kubebuilder:validation:Required Name string `json:"name"` // Namespace is the namespace of the provider itself. // +kubebuilder:validation:Optional // +kubebuilder:deprecatedversion:warning="namespace is a deprecated field for provider references" Namespace string `json:"namespace,omitempty"` }
ProviderReference is the reference to the provider which is used to create the configuration
func (*ProviderReference) DeepCopy ¶
func (in *ProviderReference) DeepCopy() *ProviderReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderReference.
func (*ProviderReference) DeepCopyInto ¶
func (in *ProviderReference) DeepCopyInto(out *ProviderReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ProviderReference) IsValid ¶ added in v0.4.0
func (p *ProviderReference) IsValid() error
IsValid returns an error if the provider is invalid
type ProviderSpec ¶
type ProviderSpec struct { // Configuration is optional configuration to the provider. This is terraform provider specific. // +kubebuilder:validation:Optional // +kubebuilder:pruning:PreserveUnknownFields Configuration *runtime.RawExtension `json:"configuration,omitempty"` // BackendTemplate is the reference to a backend template used for the terraform // state storage. This field can override the default backend template, which is supplied as // a command line argument to the controller binary. The contents of the secret MUST be a // single field 'backend.tf' which contains the backend template. // +kubebuilder:validation:Optional BackendTemplate *v1.SecretReference `json:"backendTemplate,omitempty"` // Job defined a custom collection of labels and annotations to be applied to all jobs // which are created and 'use' this provider. // +kubebuilder:validation:Optional Job *JobMetadata `json:"job,omitempty"` // Preload defines the configuration for the preloading of contextual data from the cloud vendor. // +kubebuilder:validation:Optional Preload *PreloadConfiguration `json:"preload,omitempty"` // ProviderType defines the cloud provider which is being used, currently supported providers are // aws, google or azurerm. // +kubebuilder:validation:Required Provider ProviderType `json:"provider"` // SecretRef is a reference to a kubernetes secret. This is required only when using the source: secret. // The secret should include the environment variables required to by the terraform provider. // +kubebuilder:validation:Optional SecretRef *v1.SecretReference `json:"secretRef,omitempty"` // Selector provider the ability to filter who can use this provider. If empty, all users // in the cluster is permitted to use the provider. Otherrise you can specify a selector // which can use namespace and resource labels // +kubebuilder:validation:Optional Selector *Selector `json:"selector,omitempty"` // ServiceAccount is the name of a service account to use when the provider source is 'injected'. The // service account should exist in the terraform controller namespace and be configure per cloud vendor // requirements for pod identity. // +kubebuilder:validation:Optional ServiceAccount *string `json:"serviceAccount,omitempty"` // Source defines the type of credentials the provider is wrapper, this could be wrapping a static secret // or using a managed identity. The currently supported values are secret and injected. // +kubebuilder:validation:Required Source SourceType `json:"source"` // Summary provides a human readable description of the provider // +kubebuilder:validation:Optional Summary string `json:"summary,omitempty"` }
ProviderSpec defines the desired state of a provider +k8s:openapi-gen=true
func (*ProviderSpec) DeepCopy ¶
func (in *ProviderSpec) DeepCopy() *ProviderSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderSpec.
func (*ProviderSpec) DeepCopyInto ¶
func (in *ProviderSpec) DeepCopyInto(out *ProviderSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ProviderStatus ¶
type ProviderStatus struct { corev1alpha1.CommonStatus `json:",inline"` // LastPreloadTime is the last time the provider was used to run a preload // job // +kubebuilder:validation:Optional LastPreloadTime *metav1.Time `json:"lastPreloadTime,omitempty"` }
ProviderStatus defines the observed state of a provider +k8s:openapi-gen=true
func (*ProviderStatus) DeepCopy ¶
func (in *ProviderStatus) DeepCopy() *ProviderStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderStatus.
func (*ProviderStatus) DeepCopyInto ¶
func (in *ProviderStatus) DeepCopyInto(out *ProviderStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ProviderType ¶
type ProviderType string
ProviderType is the type of cloud
const ( // AliCloudProviderType is the Alibaba Cloud provider type AliCloudProviderType ProviderType = "alicloud" // AzureProviderType is the Azure provider type AzureProviderType ProviderType = "azurerm" // AzureCloudStackProviderType is the Azure Cloud Stack provider type AzureCloudStackProviderType ProviderType = "azurestack" // AWSProviderType is the AWS provider type AWSProviderType ProviderType = "aws" // AzureActiveDirectoryProviderType is the Azure Active Directory provider type AzureActiveDirectoryProviderType ProviderType = "azuread" // GCPProviderType is the GCP provider type GCPProviderType ProviderType = "google" // GoogleWorkpspaceProviderType is the Google Workspace provider type GoogleWorkpspaceProviderType ProviderType = "googleworkspace" // KubernetesProviderType is the Kubernetes provider type KubernetesProviderType ProviderType = "kubernetes" // VaultProviderType is the Vault provider type VaultProviderType ProviderType = "vault" // VSphereProviderType is the VSphere provider type VSphereProviderType ProviderType = "vsphere" )
func (*ProviderType) String ¶ added in v0.3.25
func (p *ProviderType) String() string
String returns the string representation of the provider type
type ResourceStatus ¶
type ResourceStatus string
ResourceStatus is the status of the resources
const ( // ResourcesInSync is the status when the configuration is in sync ResourcesInSync ResourceStatus = "InSync" // ResourcesOutOfSync is the status when the configuration is out of sync ResourcesOutOfSync ResourceStatus = "OutOfSync" // DestroyingResources is the status when the configuration is being destroyed DestroyingResources ResourceStatus = "Deleting" // DestroyingResourcesFailed is the status when the configuration is being destroyed and failed DestroyingResourcesFailed ResourceStatus = "DeletionFailed" // UnknownResourceStatus is the status when the configuration is unknown UnknownResourceStatus ResourceStatus = "" )
type Revision ¶ added in v0.4.0
type Revision struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec RevisionSpec `json:"spec,omitempty"` Status RevisionStatus `json:"status,omitempty"` }
Revision is the schema for a revision +k8s:openapi-gen=true +kubebuilder:object:root=true +kubebuilder:resource:path=revisions,scope=Cluster,categories={terraform} +kubebuilder:subresource:status +kubebuilder:printcolumn:name="Plan",type="string",JSONPath=".spec.plan.name" +kubebuilder:printcolumn:name="Description",type="string",JSONPath=".spec.plan.description" +kubebuilder:printcolumn:name="Version",type="string",JSONPath=".spec.plan.revision" +kubebuilder:printcolumn:name="InUse",type="integer",JSONPath=".status.inUse" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
func NewRevision ¶ added in v0.4.0
NewRevision returns an empty configuration
func (*Revision) DeepCopy ¶ added in v0.4.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Revision.
func (*Revision) DeepCopyInto ¶ added in v0.4.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Revision) DeepCopyObject ¶ added in v0.4.0
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Revision) GetCommonStatus ¶ added in v0.4.0
func (c *Revision) GetCommonStatus() *corev1alpha1.CommonStatus
GetCommonStatus returns the common status
func (*Revision) GetNamespacedName ¶ added in v0.4.0
func (c *Revision) GetNamespacedName() types.NamespacedName
GetNamespacedName returns the namespaced resource type
func (*Revision) ListOfInputs ¶ added in v0.4.0
ListOfInputs is a list of inputs for this revision
type RevisionContextDependency ¶ added in v0.4.0
type RevisionContextDependency struct { // Name is the name of the context resource we are dependent on // +kubebuilder:validation:Required Name string `json:"name"` // Cloud is the name of the cloud vendor we are dependent on, such as aws, azurerm, which // the context resource is associated with // +kubebuilder:validation:Optional Cloud string `json:"cloud,omitempty"` }
RevisionContextDependency is a dependency on a context resource
func (*RevisionContextDependency) DeepCopy ¶ added in v0.4.0
func (in *RevisionContextDependency) DeepCopy() *RevisionContextDependency
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionContextDependency.
func (*RevisionContextDependency) DeepCopyInto ¶ added in v0.4.0
func (in *RevisionContextDependency) DeepCopyInto(out *RevisionContextDependency)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RevisionDefinition ¶ added in v0.4.0
type RevisionDefinition struct { // Name is the name which this revision is grouped by, such as mysql, redis, etc. Multiple // revisions can be grouped by the same name, presented as a list of revisions for a single // plan name // +kubebuilder:validation:Required Name string `json:"name"` // Description is a short description of the revision and its purpose, capabilities, etc. // +kubebuilder:validation:Required Description string `json:"description"` // Categories is a list of categories which this revision is grouped by, such as database, // cache, etc. // +kubebuilder:validation:Optional Categories []string `json:"categories,omitempty"` // ChangeLog provides a human readable list of changes for this revision // +kubebuilder:validation:Optional ChangeLog string `json:"changeLog,omitempty"` // Revision is the version of the revision, such as 1.0.0, 1.0.1, etc. // +kubebuilder:validation:Required Revision string `json:"revision"` }
RevisionDefinition retains all the information related to the configuration plan such as description, version, category, etc.
func (*RevisionDefinition) DeepCopy ¶ added in v0.4.0
func (in *RevisionDefinition) DeepCopy() *RevisionDefinition
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionDefinition.
func (*RevisionDefinition) DeepCopyInto ¶ added in v0.4.0
func (in *RevisionDefinition) DeepCopyInto(out *RevisionDefinition)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RevisionDependency ¶ added in v0.4.0
type RevisionDependency struct { // Revision indicates this revision has a dependency on a context resource // +kubebuilder:validation:Optional Context *RevisionContextDependency `json:"context,omitempty"` // Provider indicates this revision has a dependency on a provider resource // +kubebuilder:validation:Optional Provider *RevisionProviderDependency `json:"provider,omitempty"` // Terranetes indicates this revision has a dependency on a terranetes controller // +kubebuilder:validation:Optional Terranetes *RevisionTerranetesDependency `json:"terranetes,omitempty"` }
RevisionDependency defined a dependency for this revision. Currently we support Provider, Revision or Terranetes version
func (*RevisionDependency) DeepCopy ¶ added in v0.4.0
func (in *RevisionDependency) DeepCopy() *RevisionDependency
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionDependency.
func (*RevisionDependency) DeepCopyInto ¶ added in v0.4.0
func (in *RevisionDependency) DeepCopyInto(out *RevisionDependency)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RevisionInput ¶ added in v0.4.0
type RevisionInput struct { // Default is the default value for this input, this is a map which must contain // the field 'value' => 'default value'. Default values can be any simple of complex // type, such as string, int, bool, etc. // +kubebuilder:validation:Optional Default *runtime.RawExtension `json:"default,omitempty"` // Description is a short description of the input and its purpose, capabilities, etc. // +kubebuilder:validation:Required Description string `json:"description"` // Key is the name of the variable when presented to the terraform module. If this field // is not specified, the name will be used as the key instead // +kubebuilder:validation:Optional Key string `json:"key,omitempty"` // Required indicates whether this input is required or not by the revision // +kubebuilder:validation:Optional Required *bool `json:"required,omitempty"` // Type is the format of the input, such as string, int, bool, etc. // +kubebuilder:validation:Optional Type *string `json:"type,omitempty"` }
RevisionInput is a user defined input for a revision, such as a database name or a cache size etc.
func (*RevisionInput) DeepCopy ¶ added in v0.4.0
func (in *RevisionInput) DeepCopy() *RevisionInput
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionInput.
func (*RevisionInput) DeepCopyInto ¶ added in v0.4.0
func (in *RevisionInput) DeepCopyInto(out *RevisionInput)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RevisionInput) GetKeyName ¶ added in v0.4.0
func (c *RevisionInput) GetKeyName() string
GetKeyName returns either the key or defaults to the name
func (*RevisionInput) IsRequired ¶ added in v0.4.0
func (c *RevisionInput) IsRequired() bool
IsRequired returns true if the input is required
type RevisionList ¶ added in v0.4.0
type RevisionList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []Revision `json:"items"` }
RevisionList contains a list of revisions
func (*RevisionList) DeepCopy ¶ added in v0.4.0
func (in *RevisionList) DeepCopy() *RevisionList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionList.
func (*RevisionList) DeepCopyInto ¶ added in v0.4.0
func (in *RevisionList) DeepCopyInto(out *RevisionList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RevisionList) DeepCopyObject ¶ added in v0.4.0
func (in *RevisionList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type RevisionProviderDependency ¶ added in v0.4.0
type RevisionProviderDependency struct { // Cloud is the name of the cloud vendor we are dependent on, such as aws, azurerm, The // controller we ensure we have the provider installed before we can apply the configuration // +kubebuilder:validation:Required Cloud string `json:"cloud"` }
RevisionProviderDependency is a dependency on a provider
func (*RevisionProviderDependency) DeepCopy ¶ added in v0.4.0
func (in *RevisionProviderDependency) DeepCopy() *RevisionProviderDependency
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionProviderDependency.
func (*RevisionProviderDependency) DeepCopyInto ¶ added in v0.4.0
func (in *RevisionProviderDependency) DeepCopyInto(out *RevisionProviderDependency)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RevisionSpec ¶ added in v0.4.0
type RevisionSpec struct { // Configuration is the configuration which this revision is providing to the // consumer. // +kubebuilder:validation:Required Configuration ConfigurationSpec `json:"configuration"` // Dependencies is a collection of dependencies which this revision depends on // such as a Provider, Terranetes version, or Revision // +kubebuilder:validation:Optional Dependencies []RevisionDependency `json:"dependencies,omitempty"` // Inputs is a collection of inputs which this revision the consumer of this // revision can or must provide. This is usually limited to contextual information // such as a name for the database, the size required, a bucket name, or policy. // +kubebuilder:validation:Optional Inputs []RevisionInput `json:"inputs,omitempty"` // Plan contains the information related to the name, version, description of // the revision. // +kubebuilder:validation:Required Plan RevisionDefinition `json:"plan"` }
RevisionSpec defines the desired state of a configuration plan revision +k8s:openapi-gen=tr
func (*RevisionSpec) DeepCopy ¶ added in v0.4.0
func (in *RevisionSpec) DeepCopy() *RevisionSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionSpec.
func (*RevisionSpec) DeepCopyInto ¶ added in v0.4.0
func (in *RevisionSpec) DeepCopyInto(out *RevisionSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RevisionSpec) GetInput ¶ added in v0.4.0
func (r *RevisionSpec) GetInput(key string) (RevisionInput, bool)
GetInput returns the input for the given key
func (*RevisionSpec) GetInputDefaultValue ¶ added in v0.4.0
func (r *RevisionSpec) GetInputDefaultValue(key string) (interface{}, bool, error)
GetInputDefaultValue returns the default value for the input
type RevisionStatus ¶ added in v0.4.0
type RevisionStatus struct { corev1alpha1.CommonStatus `json:",inline"` // InUse is the number of cloud resources which are currently using this revision // +kubebuilder:validation:Optional InUse int `json:"inUse,omitempty"` }
RevisionStatus defines the observed state of a terraform +k8s:openapi-gen=true
func (*RevisionStatus) DeepCopy ¶ added in v0.4.0
func (in *RevisionStatus) DeepCopy() *RevisionStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionStatus.
func (*RevisionStatus) DeepCopyInto ¶ added in v0.4.0
func (in *RevisionStatus) DeepCopyInto(out *RevisionStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RevisionTerranetesDependency ¶ added in v0.4.0
type RevisionTerranetesDependency struct { // Version is used to specify the version of the terranetes resource we are dependent on. // This format is based on Semantic Versioning 2.0.0 and can use '>=', '>', '<=', and '<' // +kubebuilder:validation:Required Version string `json:"version"` }
RevisionTerranetesDependency is a dependency on a terranetes controller
func (*RevisionTerranetesDependency) DeepCopy ¶ added in v0.4.0
func (in *RevisionTerranetesDependency) DeepCopy() *RevisionTerranetesDependency
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionTerranetesDependency.
func (*RevisionTerranetesDependency) DeepCopyInto ¶ added in v0.4.0
func (in *RevisionTerranetesDependency) DeepCopyInto(out *RevisionTerranetesDependency)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Selector ¶
type Selector struct { // Namespace is used to filter a configuration based on the namespace labels of // where it exists // +kubebuilder:validation:Optional Namespace *metav1.LabelSelector `json:"namespace,omitempty"` // Resource provides the ability to filter a configuration based on it's labels // +kubebuilder:validation:Optional Resource *metav1.LabelSelector `json:"resource,omitempty"` }
Selector defines the definition for a selector on configuration labels of the namespace the resource resides
func (*Selector) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Selector.
func (*Selector) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ValueFromList ¶ added in v0.4.0
type ValueFromList []ValueFromSource
ValueFromList is a list of value from sources
func (ValueFromList) DeepCopy ¶ added in v0.4.0
func (in ValueFromList) DeepCopy() ValueFromList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValueFromList.
func (ValueFromList) DeepCopyInto ¶ added in v0.4.0
func (in ValueFromList) DeepCopyInto(out *ValueFromList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ValueFromList) HasContextReferences ¶ added in v0.4.0
func (v *ValueFromList) HasContextReferences() bool
HasContextReferences returns true if the configuration has context references
func (*ValueFromList) HasSecretReferences ¶ added in v0.4.0
func (v *ValueFromList) HasSecretReferences() bool
HasSecretReferences returns true if the configuration has secret references
func (*ValueFromList) IsValid ¶ added in v0.4.0
func (v *ValueFromList) IsValid() error
IsValid checks the value from source is valid, else returns an error
type ValueFromSource ¶
type ValueFromSource struct { // Context is the context is the name of the terraform context where the // value should be retrieved from Context *string `json:"context,omitempty"` // Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is // not contained in the secret, we ignore the error // +kubebuilder:validation:Optional Optional bool `json:"optional,omitempty"` // Key is the key in the secret which we should used for the value // +kubebuilder:validation:Required Key string `json:"key"` // Name is the name which we use when injecting the value into the terraform code // i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note, // for backwards compatiability if no name is provided, we using the key at the name Name string `json:"name,omitempty"` // Secret is the name of the secret in the configuration namespace // +kubebuilder:validation:Optional Secret *string `json:"secret,omitempty"` }
ValueFromSource defines a value which is taken from a secret
func (*ValueFromSource) DeepCopy ¶
func (in *ValueFromSource) DeepCopy() *ValueFromSource
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValueFromSource.
func (*ValueFromSource) DeepCopyInto ¶
func (in *ValueFromSource) DeepCopyInto(out *ValueFromSource)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ValueFromSource) GetName ¶ added in v0.3.23
func (v *ValueFromSource) GetName() string
GetName returns the name or the key if not set
func (*ValueFromSource) IsValid ¶ added in v0.4.0
func (v *ValueFromSource) IsValid(path string) error
IsValid checks if all the value from are valid, else returns an error
type WriteConnectionSecret ¶
type WriteConnectionSecret struct { // Name is the of the secret where you want to the terraform output to be written. The terraform outputs // will be written to the secret as a key value pair. All are uppercased can read to be consumed by the // workload. // +kubebuilder:validation:Required Name string `json:"name"` // Keys is a collection of name used to filter the terraform output. By default all keys from the // output of the terraform state are written to the connection secret. Here we can define exactly // which keys we want from that output. // +kubebuilder:validation:Optional Keys []string `json:"keys,omitempty"` }
WriteConnectionSecret defines the options around the secret produced by the terraform code
func (*WriteConnectionSecret) AddKey ¶ added in v0.3.15
func (w *WriteConnectionSecret) AddKey(key, override string)
AddKey adds a key to the list
func (*WriteConnectionSecret) DeepCopy ¶
func (in *WriteConnectionSecret) DeepCopy() *WriteConnectionSecret
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WriteConnectionSecret.
func (*WriteConnectionSecret) DeepCopyInto ¶
func (in *WriteConnectionSecret) DeepCopyInto(out *WriteConnectionSecret)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*WriteConnectionSecret) HasKeys ¶
func (w *WriteConnectionSecret) HasKeys() bool
HasKeys returns true if the keys are not empty
func (*WriteConnectionSecret) IsValid ¶ added in v0.4.0
func (w *WriteConnectionSecret) IsValid() error
IsValid checks if the write connection secret is valid
Source Files ¶
- cloudresource_conditions.go
- cloudresource_types.go
- configuration_conditions.go
- configuration_types.go
- constraint_types.go
- context_conditions.go
- context_types.go
- doc.go
- plan_conditions.go
- plan_types.go
- policy_types.go
- provider_types.go
- providers_conditions.go
- revision_conditions.go
- revision_types.go
- zz_generated.deepcopy.go
- zz_generated_register.go