v1alpha1

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 18, 2024 License: GPL-2.0 Imports: 17 Imported by: 0

Documentation

Overview

Package v1alpha1 contains API Schema definitions for the terraform v1alpha1 API group.

+k8s:deepcopy-gen=package,register
+groupName=terraform.appvia.io

Index

Constants

const (
	// ConditionConfigurationReady is the condition type "ConfigurationReady". It is
	// listed in DefaultCloudResourceConditions under the name "Configuration Ready".
	ConditionConfigurationReady corev1alpha1.ConditionType = "ConfigurationReady"
	// ConditionConfigurationStatus is the condition type "ConfigurationStatus". It is
	// listed in DefaultCloudResourceConditions under the name "Configuration Status".
	ConditionConfigurationStatus corev1alpha1.ConditionType = "ConfigurationStatus"
)
const (
	// CloudResourceNameLabel is the label used to identify the cloud resource the
	// configuration belongs to.
	CloudResourceNameLabel = "terraform.appvia.io/cloud-resource-name"
	// CloudResourcePlanNameLabel is the name of the plan the cloud resource is
	// associated with. It is an alias of RevisionPlanNameLabel, so both names refer
	// to the same label key.
	CloudResourcePlanNameLabel = RevisionPlanNameLabel
	// CloudResourceRevisionLabel is the revision version the cloud resource is
	// associated with. It is an alias of RevisionLabel.
	CloudResourceRevisionLabel = RevisionLabel
	// CloudResourceRevisionNameLabel is the revision name the cloud resource is
	// associated with. It is an alias of RevisionNameLabel.
	CloudResourceRevisionNameLabel = RevisionNameLabel
)
const (
	// ConditionProviderReady indicates the status of the provider.
	ConditionProviderReady corev1alpha1.ConditionType = "ProviderReady"
	// ConditionTerraformPlan indicates the status of the terraform plan.
	ConditionTerraformPlan corev1alpha1.ConditionType = "TerraformPlan"
	// ConditionTerraformPolicy indicates the status of the security policy stage.
	// The stored condition type is "SecurityPolicy", not "TerraformPolicy", so
	// anything that matches on the condition type string must use that value.
	ConditionTerraformPolicy corev1alpha1.ConditionType = "SecurityPolicy"
	// ConditionTerraformApply indicates the status of the terraform apply.
	ConditionTerraformApply corev1alpha1.ConditionType = "TerraformApply"
)
const (
	// ApplyAnnotation is the annotation used to mark a resource as a plan rather than apply.
	// NOTE(review): presumably this is the marker read by HasApproval/NeedsApproval —
	// confirm. If so, any subject allowed to update or patch the object's metadata
	// can approve an apply, so RBAC on those verbs is the approval boundary.
	ApplyAnnotation = "terraform.appvia.io/apply"
	// DriftAnnotation is the annotation used to mark a resource for drift detection.
	DriftAnnotation = "terraform.appvia.io/drift"
	// ReconcileAnnotation is the key used to control reconciliation.
	ReconcileAnnotation = "terraform.appvia.io/reconcile"
	// RetryAnnotation is the annotation used to mark a resource for retry.
	RetryAnnotation = "terraform.appvia.io/retry"
	// OrphanAnnotation is the key used to orphan a configuration.
	// NOTE(review): presumably orphaning leaves the cloud resources in place when
	// the configuration is deleted — confirm before relying on it for cleanup.
	OrphanAnnotation = "terraform.appvia.io/orphan"
	// VersionAnnotation is the key used to hold the version.
	VersionAnnotation = "terraform.appvia.io/version"
)
const (
	// TerraformStateSecretKey is the key used by the terraform state secret.
	// Terraform state records resource attributes in plain text and can include
	// credentials, so read access to the secret holding this key should be
	// limited to the controller and its jobs.
	TerraformStateSecretKey = "tfstate"

	// TerraformPlanJSONSecretKey is the key used by the terraform plan JSON secret.
	// A rendered plan may also carry variable and resource values; treat the
	// secret with the same care as the state.
	TerraformPlanJSONSecretKey = "plan.json"
)
const (
	// CheckovJobTemplateConfigMapKey is the key name for the checkov job template in the configmap.
	CheckovJobTemplateConfigMapKey = "checkov.yaml"
	// TerraformBackendSecretKey is the key name for the terraform backend in the secret.
	// NOTE(review): a backend definition can embed access credentials; presumably
	// that is why it is kept in a secret rather than a configmap — confirm.
	TerraformBackendSecretKey = "backend.tf"
	// TerraformVariablesConfigMapKey is the key name for the terraform variables in the configmap.
	// NOTE(review): variables stored under a configmap key are readable by anyone
	// with configmap read access in the namespace — confirm sensitive inputs are
	// not written here.
	TerraformVariablesConfigMapKey = "variables.tfvars.json"
	// TerraformTFVarsConfigMapKey is the key name for any TFVars file in the configmap.
	TerraformTFVarsConfigMapKey = "variables.tfvars"
	// TerraformProviderConfigMapKey is the key name for the terraform provider
	// definition in the configmap.
	TerraformProviderConfigMapKey = "provider.tf.json"
	// TerraformJobTemplateConfigMapKey is the key name for the job template in the configmap.
	TerraformJobTemplateConfigMapKey = "job.yaml"
)
const (
	// ConfigurationGenerationLabel is the label used to identify a configuration generation.
	ConfigurationGenerationLabel = "terraform.appvia.io/generation"
	// ConfigurationNameLabel is the label used to identify a configuration.
	ConfigurationNameLabel = "terraform.appvia.io/configuration"
	// ConfigurationUIDLabel is the label holding the uid of the configuration.
	ConfigurationUIDLabel = "terraform.appvia.io/configuration-uid"
	// ConfigurationNamespaceLabel is the label used to identify a configuration namespace.
	ConfigurationNamespaceLabel = "terraform.appvia.io/namespace"
	// ConfigurationStageLabel is the label used to identify a configuration stage.
	ConfigurationStageLabel = "terraform.appvia.io/stage"
	// ConfigurationPlanLabel is the label which contains the plan name for a
	// configuration. It is an alias of RevisionPlanNameLabel.
	ConfigurationPlanLabel = RevisionPlanNameLabel
	// ConfigurationRevisionLabelName is the name of the revision being used. It is
	// an alias of RevisionLabel.
	ConfigurationRevisionLabelName = RevisionLabel
	// ConfigurationRevisionVersion is the version of the revision.
	// NOTE(review): this key uses the "terranetes.appvia.io/" prefix while the
	// other keys in this block use "terraform.appvia.io/"; selectors and policies
	// written against one prefix will not match the other — confirm it is intended.
	ConfigurationRevisionVersion = "terranetes.appvia.io/revision-version"
)
const (
	// JobPlanIDLabel is a label used on the apply Job and holds the timestamp
	// of when the plan was generated.
	JobPlanIDLabel = "terraform.appvia.io/plan-id"
	// JobTemplateHashLabel is the label used to hold a hash of the current Job
	// template, this allows re-running the plan Jobs when the template changes.
	JobTemplateHashLabel = "terraform.appvia.io/template-hash"
)
const (
	// StageTerraformApply is the stage for a terraform apply
	StageTerraformApply = "apply"
	// StageTerraformDestroy is the stage for a terraform destroy
	StageTerraformDestroy = "destroy"
	// StageTerraformPlan is the stage for a terraform plan
	StageTerraformPlan = "plan"
	// StageTerraformVerify is the stage for a verify
	StageTerraformVerify = "verify"
)
const (
	// ContextDescription is the description field name
	ContextDescription = "description"
	// ContextValue is the value field name
	ContextValue = "value"
)
const (
	// DefaultVariablesAnnotation is the annotation applied when default variables are set.
	DefaultVariablesAnnotation = "terraform.appvia.io/defaults"
	// SkipDefaultsValidationCheck is the annotation indicating that the defaults
	// validation check should be skipped.
	// NOTE(review): this key turns a validation off; which objects it is honoured
	// on and who may set it is not visible here — confirm it cannot be set by the
	// same user whose input the check is meant to validate.
	SkipDefaultsValidationCheck = "terraform.appvia.io/skip-defaults-check"
)
const (
	// SourceSecret is the source type for a secret
	SourceSecret = "secret"
	// SourceInjected indicates the source is pod identity
	SourceInjected = "injected"
)
const (
	// RevisionPlanNameLabel is the label for the plan name
	RevisionPlanNameLabel = "terraform.appvia.io/plan"
	// RevisionLabel is the label for the plan version
	RevisionLabel = "terraform.appvia.io/revision"
	// RevisionNameLabel is the label for the revision name
	RevisionNameLabel = "terraform.appvia.io/revision-name"
)
const (
	// RevisionSkipUpdateProtectionAnnotation is the annotation to skip update protection.
	// NOTE(review): this key disables a safeguard on revisions; presumably it is
	// honoured by an admission check — confirm, and confirm who is allowed to set
	// annotations on Revision objects.
	RevisionSkipUpdateProtectionAnnotation = "terraform.appvia.io/revision.skip-update-protection"
	// RevisionUsageExampleAnnotation is the annotation for the usage example.
	RevisionUsageExampleAnnotation = "terraform.appvia.io/revision.usage"
	// RevisionChangeLogAnnotation is the annotation for the change log.
	RevisionChangeLogAnnotation = "terraform.appvia.io/revision.changelog"
	// RevisionSourceLinkAnnotation is the annotation for the source link.
	RevisionSourceLinkAnnotation = "terraform.appvia.io/revision.sourcelink"
)
const CloudResourceKind = "CloudResource"

CloudResourceKind is the kind for a CloudResource

const (
	// ConditionProviderPreload indicate the status of the provider preloading
	ConditionProviderPreload corev1alpha1.ConditionType = "PreloadReady"
)
const ConfigurationKind = "Configuration"

ConfigurationKind is the kind for a Configuration

const ContextKind = "Context"

ContextKind is the kind for a Context

const GroupName = "terraform.appvia.io"

GroupName specifies the group name used to register the objects.

const PlanKind = "Plan"

PlanKind is the kind for a Plan

const PolicyKind = "Policy"

PolicyKind is the kind for a Policy

const ProviderKind = "Provider"

ProviderKind is the kind for a Provider

const (
	// ProviderSecretSkipChecks is the annotation to skip checks on the secret keys.
	// NOTE(review): the key lives under "providers.terraform.appvia.io/", unlike
	// the other annotation keys on this page. It switches off validation of a
	// provider's credential secret; which object carries it and who may set it is
	// not visible here — confirm.
	ProviderSecretSkipChecks = "providers.terraform.appvia.io/skip-checks"
)
const RevisionKind = "Revision"

RevisionKind is the kind for a revision

Variables

// These keys are declared with var, not const, so any importing package can
// reassign them at runtime.
// NOTE(review): the other label and annotation keys on this page are constants
// under "terraform.appvia.io/"; these use "terranetes.appvia.io/" — confirm both
// differences are intended.
var (
	// DefaultProviderAnnotation indicates the default provider for all unset configurations.
	DefaultProviderAnnotation = "terranetes.appvia.io/default-provider"
	// PreloadJobLabel is used to label the preload job.
	PreloadJobLabel = "terranetes.appvia.io/preload-job"
	// PreloadProviderLabel is used to label the preload provider.
	PreloadProviderLabel = "terranetes.appvia.io/preload-provider-name"
)
var (
	// SchemeBuilder is declared as a runtime.SchemeBuilder with no initializer in
	// this declaration.
	// NOTE(review): localSchemeBuilder, used below, is not declared in this block —
	// confirm where SchemeBuilder is populated and how the two relate.
	SchemeBuilder runtime.SchemeBuilder

	// AddToScheme and Install are both bound to localSchemeBuilder.AddToScheme.
	//
	// Deprecated: AddToScheme is deprecated, use Install instead.
	AddToScheme = localSchemeBuilder.AddToScheme
	Install     = localSchemeBuilder.AddToScheme
)
var CloudResourceGVK = schema.GroupVersionKind{
	Group:   GroupVersion.Group,
	Version: GroupVersion.Version,
	Kind:    CloudResourceKind,
}

CloudResourceGVK is the GVK for a CloudResource

var ConfigurationGVK = schema.GroupVersionKind{
	Group:   GroupVersion.Group,
	Version: GroupVersion.Version,
	Kind:    ConfigurationKind,
}

ConfigurationGVK is the GVK for a Configuration

var DefaultCloudResourceConditions = append(
	[]corev1alpha1.ConditionSpec{
		{Type: ConditionConfigurationReady, Name: "Configuration Ready"},
		{Type: ConditionConfigurationStatus, Name: "Configuration Status"},
	},
	DefaultConfigurationConditions...,
)

DefaultCloudResourceConditions are the default conditions for all cloud resources

var DefaultConfigurationConditions = []corev1alpha1.ConditionSpec{
	{Type: ConditionProviderReady, Name: "Provider ready"},
	{Type: ConditionTerraformPlan, Name: "Terraform Plan"},
	{Type: ConditionTerraformPolicy, Name: "Security Policy"},
	{Type: ConditionTerraformApply, Name: "Terraform Apply"},
	{Type: corev1alpha1.ConditionReady, Name: "Ready"},
}

DefaultConfigurationConditions are the default conditions for all configurations

var DefaultInputsConditions = []corev1alpha1.ConditionSpec{
	{Type: corev1alpha1.ConditionReady, Name: "Ready"},
}

DefaultInputsConditions are the default conditions for all contexts

var DefaultPlanConditions = []corev1alpha1.ConditionSpec{
	{Type: corev1alpha1.ConditionReady, Name: "Ready"},
}

DefaultPlanConditions are the default conditions for all plans

var DefaultProviderConditions = []corev1alpha1.ConditionSpec{
	{Type: corev1alpha1.ConditionReady, Name: "Provider Ready"},
	{Type: ConditionProviderPreload, Name: "Preload Data"},
}

DefaultProviderConditions are the default conditions for a provider

var DefaultRevisionConditions = []corev1alpha1.ConditionSpec{
	{Type: corev1alpha1.ConditionReady, Name: "Ready"},
}

DefaultRevisionConditions are the default conditions for all revisions

var GroupVersion = v1.GroupVersion{Group: GroupName, Version: "v1alpha1"}

GroupVersion specifies the group and the version used to register the objects.

var PolicyGVK = schema.GroupVersionKind{
	Group:   GroupVersion.Group,
	Version: GroupVersion.Version,
	Kind:    PolicyKind,
}

PolicyGVK is the GVK for a Policy

var ProviderGVK = schema.GroupVersionKind{
	Group:   GroupVersion.Group,
	Version: GroupVersion.Version,
	Kind:    ProviderKind,
}

ProviderGVK is the GVK for a Provider

var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}

SchemeGroupVersion is the group version used to register these objects.

Deprecated: use GroupVersion instead.

Functions

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type CloudResource added in v0.4.0

type CloudResource struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   CloudResourceSpec   `json:"spec,omitempty"`
	Status CloudResourceStatus `json:"status,omitempty"`
}

CloudResource is the schema for terraform definitions in the terraform controller.

+k8s:openapi-gen=true
+kubebuilder:object:root=true
+kubebuilder:subresource:status
+kubebuilder:resource:path=cloudresources,scope=Namespaced,categories={terraform}
+kubebuilder:printcolumn:name="Plan",type="string",JSONPath=".spec.plan.name"
+kubebuilder:printcolumn:name="Revision",type="string",JSONPath=".spec.plan.revision"
+kubebuilder:printcolumn:name="Secret",type="string",JSONPath=".spec.writeConnectionSecretToRef.name"
+kubebuilder:printcolumn:name="Configuration",type="string",JSONPath=".status.configurationName"
+kubebuilder:printcolumn:name="Estimated",type="string",JSONPath=".status.costs.monthly"
+kubebuilder:printcolumn:name="Update",type="string",JSONPath=".status.updateAvailable"
+kubebuilder:printcolumn:name="Synchronized",type="string",JSONPath=".status.resourceStatus"
+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"

func NewCloudResource added in v0.4.0

func NewCloudResource(namespace, name string) *CloudResource

NewCloudResource returns an empty cloud resource

func NewCloudResourceFromRevision added in v0.4.0

func NewCloudResourceFromRevision(revision *Revision) (*CloudResource, error)

NewCloudResourceFromRevision returns a new cloud resource from a revision

func (*CloudResource) DeepCopy added in v0.4.0

func (in *CloudResource) DeepCopy() *CloudResource

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudResource.

func (*CloudResource) DeepCopyInto added in v0.4.0

func (in *CloudResource) DeepCopyInto(out *CloudResource)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CloudResource) DeepCopyObject added in v0.4.0

func (in *CloudResource) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CloudResource) GetCommonStatus added in v0.4.0

func (c *CloudResource) GetCommonStatus() *corev1alpha1.CommonStatus

GetCommonStatus returns the common status

func (*CloudResource) GetNamespacedName added in v0.4.0

func (c *CloudResource) GetNamespacedName() types.NamespacedName

GetNamespacedName returns the namespaced resource type

func (*CloudResource) GetTerraformConfigSecretName added in v0.4.0

func (c *CloudResource) GetTerraformConfigSecretName() string

GetTerraformConfigSecretName returns the name of the configuration secret

func (*CloudResource) GetTerraformCostSecretName added in v0.4.0

func (c *CloudResource) GetTerraformCostSecretName() string

GetTerraformCostSecretName returns the name which should be used for the costs report

func (*CloudResource) GetTerraformPolicySecretName added in v0.4.0

func (c *CloudResource) GetTerraformPolicySecretName() string

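GetTerraformPolicySecretName returns the name of the secret associated with the terraform policy check (the published description says "terraform state", which duplicates GetTerraformStateSecretName)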

func (*CloudResource) GetTerraformStateSecretName added in v0.4.0

func (c *CloudResource) GetTerraformStateSecretName() string

GetTerraformStateSecretName returns the name of the secret holding the terraform state

func (*CloudResource) HasApproval added in v0.4.0

func (c *CloudResource) HasApproval() bool

HasApproval returns true if the configuration has an approval

func (*CloudResource) HasRetryableAnnotation added in v0.4.0

func (c *CloudResource) HasRetryableAnnotation() bool

HasRetryableAnnotation returns true if the configuration has the retryable annotation

func (*CloudResource) IsRetryable added in v0.4.0

func (c *CloudResource) IsRetryable() bool

IsRetryable returns true if the configuration is in a state where it can be retried

func (*CloudResource) IsRetryableValid added in v0.4.0

func (c *CloudResource) IsRetryableValid() bool

IsRetryableValid returns true if the retryable annotation is valid

func (*CloudResource) NeedsApproval added in v0.4.0

func (c *CloudResource) NeedsApproval() bool

NeedsApproval returns true if the configuration needs approval

type CloudResourceList added in v0.4.0

type CloudResourceList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []CloudResource `json:"items"`
}

CloudResourceList contains a list of cloudresources

func (*CloudResourceList) DeepCopy added in v0.4.0

func (in *CloudResourceList) DeepCopy() *CloudResourceList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudResourceList.

func (*CloudResourceList) DeepCopyInto added in v0.4.0

func (in *CloudResourceList) DeepCopyInto(out *CloudResourceList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CloudResourceList) DeepCopyObject added in v0.4.0

func (in *CloudResourceList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CloudResourceRevisionStatus added in v0.4.0

type CloudResourceRevisionStatus struct {
	corev1alpha1.CommonStatus `json:",inline"`
	// Revision is the revision number of the configuration
	// +kubebuilder:validation:Optional
	Revision string `json:"revision,omitempty"`
}

CloudResourceRevisionStatus defines the observed state of CloudResource

func (*CloudResourceRevisionStatus) DeepCopy added in v0.4.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudResourceRevisionStatus.

func (*CloudResourceRevisionStatus) DeepCopyInto added in v0.4.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CloudResourceSpec added in v0.4.0

type CloudResourceSpec struct {
	// NOTE(review): points to confirm for this spec.
	//   - WriteConnectionSecretToRef carries both a validation:Optional and a
	//     validation:Required marker, and its JSON tag has omitempty; decide
	//     which one is intended.
	//   - TerraformVersion is described below as setting the tag of the terraform
	//     container image; whether the accepted values are restricted is not
	//     visible in this declaration.
	//   - Variables is marked PreserveUnknownFields, so it is presumably free-form
	//     at admission and validated later — confirm.
	//   - Auth: if v1.SecretReference is the core/v1 type it also carries a
	//     namespace; confirm which namespaces the controller will read from.

	// Auth is used to configure any options required when the source of the terraform
	// module is private or requires credentials to retrieve. This could be SSH keys or git
	// user/pass or AWS credentials for an s3 bucket.
	// +kubebuilder:validation:Optional
	Auth *v1.SecretReference `json:"auth,omitempty"`
	// EnableAutoApproval when enabled indicates the configuration does not need to be
	// manually approved. On a change to the configuration, the controller will automatically
	// approve the configuration. Note it still needs to adhere to any checks or policies.
	// +kubebuilder:validation:Optional
	EnableAutoApproval bool `json:"enableAutoApproval,omitempty"`
	// EnableDriftDetection when enabled runs periodic reconciliations looking
	// for any drift between the expected and current state. If any drift is detected the
	// status is changed and a kubernetes event raised.
	EnableDriftDetection bool `json:"enableDriftDetection,omitempty"`
	// Plan is the reference to the plan which this cloud resource is associated with. This
	// field is required, and needs both the name and the version of the plan revision to use.
	// +kubebuilder:validation:Required
	Plan PlanReference `json:"plan"`
	// ProviderRef is the reference to the provider which should be used to execute this
	// configuration.
	// +kubebuilder:validation:Optional
	ProviderRef *ProviderReference `json:"providerRef,omitempty"`
	// WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module
	// any module outputs are written to this secret. The outputs are automatically uppercased
	// and ready to be consumed as environment variables.
	// +kubebuilder:validation:Optional
	// WriteConnectionSecretRef is the secret where the terraform outputs will be written.
	// +kubebuilder:validation:Required
	WriteConnectionSecretToRef *WriteConnectionSecret `json:"writeConnectionSecretToRef,omitempty"`
	// Variables provides the inputs for the terraform module itself. These are passed to the
	// terraform executor and used to execute the plan, apply and destroy phases.
	// +kubebuilder:validation:Optional
	// +kubebuilder:pruning:PreserveUnknownFields
	Variables *runtime.RawExtension `json:"variables,omitempty"`
	// ValueFrom is a collection of value from sources, where the source of the value
	// is taken from a secret.
	// +kubebuilder:validation:Optional
	ValueFrom ValueFromList `json:"valueFrom,omitempty"`
	// TerraformVersion provides the ability to override the default terraform version. Before
	// changing this field it is best to consult with the platform administrator, as the
	// value of this field is used to change the tag of the terraform container image.
	// +kubebuilder:validation:Optional
	TerraformVersion string `json:"terraformVersion,omitempty"`
}

CloudResourceSpec defines the desired state of a terraform +k8s:openapi-gen=true

func (*CloudResourceSpec) DeepCopy added in v0.4.0

func (in *CloudResourceSpec) DeepCopy() *CloudResourceSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudResourceSpec.

func (*CloudResourceSpec) DeepCopyInto added in v0.4.0

func (in *CloudResourceSpec) DeepCopyInto(out *CloudResourceSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CloudResourceSpec) HasValueFrom added in v0.4.0

func (c *CloudResourceSpec) HasValueFrom() bool

HasValueFrom returns true if the configuration has a value from

func (*CloudResourceSpec) HasVariables added in v0.4.0

func (c *CloudResourceSpec) HasVariables() bool

HasVariables returns true if the configuration has variables

type CloudResourceStatus added in v0.4.0

type CloudResourceStatus struct {
	corev1alpha1.CommonStatus `json:",inline"`
	// ConfigurationName is the name of the configuration this cloud resource is
	// managing.
	// +kubebuilder:validation:Optional
	ConfigurationName string `json:"configurationName,omitempty"`
	// ConfigurationStatus is the state taken from the underlying configuration.
	// +kubebuilder:validation:Optional
	ConfigurationStatus ConfigurationStatus `json:"configurationStatus,omitempty"`
	// Costs is the predicted costs of this configuration. Note this field is only populated
	// when the integration has been configured by the administrator.
	// +kubebuilder:validation:Optional
	Costs *CostStatus `json:"costs,omitempty"`
	// Resources is the number of managed cloud resources which are currently under management.
	// This field is taken from the terraform state itself.
	// +kubebuilder:validation:Optional
	Resources *int `json:"resources,omitempty"`
	// ResourceStatus indicates the status of the resources and whether the resources
	// are in sync with the configuration.
	// +kubebuilder:validation:Optional
	ResourceStatus ResourceStatus `json:"resourceStatus,omitempty"`
	// UpdateAvailable indicates if there is a new version of the plan available.
	// It is a string, not a bool; the expected values are not visible here.
	// +kubebuilder:validation:Optional
	UpdateAvailable string `json:"updateAvailable,omitempty"`
}

CloudResourceStatus defines the observed state of a terraform +k8s:openapi-gen=true

func (*CloudResourceStatus) DeepCopy added in v0.4.0

func (in *CloudResourceStatus) DeepCopy() *CloudResourceStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudResourceStatus.

func (*CloudResourceStatus) DeepCopyInto added in v0.4.0

func (in *CloudResourceStatus) DeepCopyInto(out *CloudResourceStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Configuration

type Configuration struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   ConfigurationSpec   `json:"spec,omitempty"`
	Status ConfigurationStatus `json:"status,omitempty"`
}

Configuration is the schema for terraform definitions in the terraform controller.

+k8s:openapi-gen=true
+kubebuilder:object:root=true
+kubebuilder:subresource:status
+kubebuilder:printcolumn:name="Module",type="string",JSONPath=".spec.module"
+kubebuilder:printcolumn:name="Plan",type="string",JSONPath=".spec.plan.name",priority=1
+kubebuilder:printcolumn:name="Secret",type="string",JSONPath=".spec.writeConnectionSecretToRef.name"
+kubebuilder:printcolumn:name="Drift Detection",type="boolean",JSONPath=".spec.enableDriftDetection"
+kubebuilder:printcolumn:name="Estimated",type="string",JSONPath=".status.costs.monthly"
+kubebuilder:printcolumn:name="Synchronized",type="string",JSONPath=".status.resourceStatus"
+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"

func NewConfiguration

func NewConfiguration(namespace, name string) *Configuration

NewConfiguration returns an empty configuration

func (*Configuration) DeepCopy

func (in *Configuration) DeepCopy() *Configuration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Configuration.

func (*Configuration) DeepCopyInto

func (in *Configuration) DeepCopyInto(out *Configuration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Configuration) DeepCopyObject

func (in *Configuration) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Configuration) GetCommonStatus

func (c *Configuration) GetCommonStatus() *corev1alpha1.CommonStatus

GetCommonStatus returns the common status

func (*Configuration) GetNamespacedName

func (c *Configuration) GetNamespacedName() types.NamespacedName

GetNamespacedName returns the namespaced resource type

func (*Configuration) GetTerraformConfigSecretName

func (c *Configuration) GetTerraformConfigSecretName() string

GetTerraformConfigSecretName returns the name of the configuration secret

func (*Configuration) GetTerraformCostSecretName

func (c *Configuration) GetTerraformCostSecretName() string

GetTerraformCostSecretName returns the name which should be used for the costs report

func (*Configuration) GetTerraformPlanJSONSecretName added in v0.4.10

func (c *Configuration) GetTerraformPlanJSONSecretName() string

GetTerraformPlanJSONSecretName returns the name of the secret holding the terraform plan JSON

func (*Configuration) GetTerraformPlanOutSecretName added in v0.4.10

func (c *Configuration) GetTerraformPlanOutSecretName() string

GetTerraformPlanOutSecretName returns the name of the secret holding the terraform plan binary output

func (*Configuration) GetTerraformPolicySecretName

func (c *Configuration) GetTerraformPolicySecretName() string

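GetTerraformPolicySecretName returns the name of the secret associated with the terraform policy check (the published description says "terraform state", which duplicates GetTerraformStateSecretName)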

func (*Configuration) GetTerraformStateSecretName

func (c *Configuration) GetTerraformStateSecretName() string

GetTerraformStateSecretName returns the name of the secret holding the terraform state

func (*Configuration) HasApproval

func (c *Configuration) HasApproval() bool

HasApproval returns true if the configuration has an approval

func (*Configuration) HasRetryableAnnotation added in v0.3.14

func (c *Configuration) HasRetryableAnnotation() bool

HasRetryableAnnotation returns true if the configuration has the retryable annotation

func (*Configuration) IsManaged added in v0.4.0

func (c *Configuration) IsManaged() bool

IsManaged returns true if the configuration is managed

func (*Configuration) IsRetryable added in v0.3.14

func (c *Configuration) IsRetryable() bool

IsRetryable returns true if the configuration is in a state where it can be retried

func (*Configuration) IsRetryableValid added in v0.3.14

func (c *Configuration) IsRetryableValid() bool

IsRetryableValid returns true if the retryable annotation is valid

func (*Configuration) NeedsApproval

func (c *Configuration) NeedsApproval() bool

NeedsApproval returns true if the configuration needs approval

type ConfigurationList

type ConfigurationList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Configuration `json:"items"`
}

ConfigurationList contains a list of configurations

func (*ConfigurationList) DeepCopy

func (in *ConfigurationList) DeepCopy() *ConfigurationList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationList.

func (*ConfigurationList) DeepCopyInto

func (in *ConfigurationList) DeepCopyInto(out *ConfigurationList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ConfigurationList) DeepCopyObject

func (in *ConfigurationList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ConfigurationRevisionStatus added in v0.4.0

type ConfigurationRevisionStatus struct {
	// Revision is the revision number of the configuration
	// +kubebuilder:validation:Optional
	Revision string `json:"revision,omitempty"`
}

ConfigurationRevisionStatus defines the observed state of Configuration

func (*ConfigurationRevisionStatus) DeepCopy added in v0.4.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationRevisionStatus.

func (*ConfigurationRevisionStatus) DeepCopyInto added in v0.4.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConfigurationSpec

type ConfigurationSpec struct {
	// NOTE(review): points to confirm for this spec.
	//   - Module is a go-getter style URL chosen by whoever writes the object;
	//     whether allowed sources are restricted is not visible in this
	//     declaration. Presumably the fetched module runs with the referenced
	//     provider's credentials — confirm a policy constrains the source.
	//   - WriteConnectionSecretToRef carries both a validation:Optional and a
	//     validation:Required marker, and its JSON tag has omitempty; decide
	//     which one is intended.
	//   - TerraformVersion is described below as setting the tag of the terraform
	//     container image; whether the accepted values are restricted is not
	//     visible in this declaration.
	//   - Variables is marked PreserveUnknownFields, so it is presumably free-form
	//     at admission and validated later — confirm.
	//   - Auth: if v1.SecretReference is the core/v1 type it also carries a
	//     namespace; confirm which namespaces the controller will read from.

	// Auth is used to configure any options required when the source of the terraform
	// module is private or requires credentials to retrieve. This could be SSH keys or git
	// user/pass or AWS credentials for an s3 bucket.
	// +kubebuilder:validation:Optional
	Auth *v1.SecretReference `json:"auth,omitempty"`
	// EnableAutoApproval when enabled indicates the configuration does not need to be
	// manually approved. On a change to the configuration, the controller will automatically
	// approve the configuration. Note it still needs to adhere to any checks or policies.
	// +kubebuilder:validation:Optional
	EnableAutoApproval bool `json:"enableAutoApproval,omitempty"`
	// EnableDriftDetection when enabled runs periodic reconciliations looking
	// for any drift between the expected and current state. If any drift is detected the
	// status is changed and a kubernetes event raised.
	EnableDriftDetection bool `json:"enableDriftDetection,omitempty"`
	// Module is the URL to the source of the terraform module. The format of the URL is
	// a direct implementation of terraform's module reference. Please see the following
	// repository for more details https://github.com/hashicorp/go-getter
	// +kubebuilder:validation:Required
	Module string `json:"module"`
	// Plan is an optional reference to a plan this configuration is associated with. If
	// not set and a policy exists to enforce a plan, the configuration will be rejected.
	// +kubebuilder:validation:Optional
	Plan *PlanReference `json:"plan,omitempty"`
	// ProviderRef is the reference to the provider which should be used to execute this
	// configuration.
	// +kubebuilder:validation:Optional
	ProviderRef *ProviderReference `json:"providerRef,omitempty"`
	// WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module
	// any module outputs are written to this secret. The outputs are automatically uppercased
	// and ready to be consumed as environment variables.
	// +kubebuilder:validation:Optional
	// WriteConnectionSecretRef is the secret where the terraform outputs will be written.
	// +kubebuilder:validation:Required
	WriteConnectionSecretToRef *WriteConnectionSecret `json:"writeConnectionSecretToRef,omitempty"`
	// Variables provides the inputs for the terraform module itself. These are passed to the
	// terraform executor and used to execute the plan, apply and destroy phases.
	// +kubebuilder:validation:Optional
	// +kubebuilder:pruning:PreserveUnknownFields
	Variables *runtime.RawExtension `json:"variables,omitempty"`
	// ValueFrom is a collection of value from sources, where the source of the value
	// is taken from a secret.
	// +kubebuilder:validation:Optional
	ValueFrom ValueFromList `json:"valueFrom,omitempty"`
	// TFVars provides an initial set of variables to pass to the Terraform module. If both this and
	// Variables are set, values in Variables will override values with the same key in TFVars.
	// +kubebuilder:validation:Optional
	TFVars string `json:"tfVars,omitempty"`
	// TerraformVersion provides the ability to override the default terraform version. Before
	// changing this field it is best to consult with the platform administrator, as the
	// value of this field is used to change the tag of the terraform container image.
	// +kubebuilder:validation:Optional
	TerraformVersion string `json:"terraformVersion,omitempty"`
}

ConfigurationSpec defines the desired state of a terraform +k8s:openapi-gen=true

func (*ConfigurationSpec) DeepCopy

func (in *ConfigurationSpec) DeepCopy() *ConfigurationSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationSpec.

func (*ConfigurationSpec) DeepCopyInto

func (in *ConfigurationSpec) DeepCopyInto(out *ConfigurationSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ConfigurationSpec) GetVariables added in v0.4.0

func (c *ConfigurationSpec) GetVariables() (map[string]interface{}, error)

GetVariables returns the variables for the configuration

func (*ConfigurationSpec) HasValueFrom added in v0.4.0

func (c *ConfigurationSpec) HasValueFrom() bool

HasValueFrom returns true if the configuration has a value from

func (*ConfigurationSpec) HasVariables added in v0.4.0

func (c *ConfigurationSpec) HasVariables() bool

HasVariables returns true if the configuration has variables

type ConfigurationStatus

// ConfigurationStatus defines the observed state of a configuration: estimated costs, the
// time of the last drift detection, the managed resource count, the sync status and the
// terraform version last used.
type ConfigurationStatus struct {
	// CommonStatus is embedded and serialised inline with the fields below.
	corev1alpha1.CommonStatus `json:",inline"`
	// Costs is the predicted costs of this configuration. Note this field is only populated
	// when the integration has been configured by the administrator.
	// +kubebuilder:validation:Optional
	Costs *CostStatus `json:"costs,omitempty"`
	// DriftTimestamp is the timestamp of the last drift detection. It is held as a plain
	// string; the time format is not defined by this type.
	// +kubebuilder:validation:Optional
	DriftTimestamp string `json:"driftTimestamp,omitempty"`
	// Resources is the number of managed cloud resources which are currently under management.
	// This field is taken from the terraform state itself. A nil pointer is distinct from
	// zero and is omitted from the serialised status.
	// +kubebuilder:validation:Optional
	Resources *int `json:"resources,omitempty"`
	// ResourceStatus indicates the status of the resources and whether the resources are in
	// sync with the configuration.
	ResourceStatus ResourceStatus `json:"resourceStatus,omitempty"`
	// TerraformVersion is the version of terraform which was last used to run this
	// configuration
	// +kubebuilder:validation:Optional
	TerraformVersion string `json:"terraformVersion,omitempty"`
}

ConfigurationStatus defines the observed state of a terraform +k8s:openapi-gen=true

func (*ConfigurationStatus) DeepCopy

func (in *ConfigurationStatus) DeepCopy() *ConfigurationStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationStatus.

func (*ConfigurationStatus) DeepCopyInto

func (in *ConfigurationStatus) DeepCopyInto(out *ConfigurationStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Constraints

// Constraints groups the constraints a policy can apply to terraform configurations:
// where modules may be sourced from and which checkov security standards are enforced.
type Constraints struct {
	// Modules provides the ability to control the source for all terraform modules. Allowing
	// platform teams to control where the modules can be downloaded from. When nil, this
	// object declares no module source constraint.
	// +kubebuilder:validation:Optional
	Modules *ModuleConstraint `json:"modules,omitempty"`
	// Checkov provides the ability to enforce a set of security standards on all configurations.
	// These can be configured to target specific resources based on namespace and resource
	// labels. When nil, this object declares no checkov constraint.
	// +kubebuilder:validation:Optional
	Checkov *PolicyConstraint `json:"checkov,omitempty"`
}

Constraints defines a collection of constraints which can be applied against the terraform configurations

func (*Constraints) DeepCopy

func (in *Constraints) DeepCopy() *Constraints

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Constraints.

func (*Constraints) DeepCopyInto

func (in *Constraints) DeepCopyInto(out *Constraints)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Context added in v0.3.25

// Context is the Kubernetes API object for a context: standard type and object metadata
// plus a ContextSpec (desired state) and a ContextStatus (observed state).
type Context struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   ContextSpec   `json:"spec,omitempty"`
	Status ContextStatus `json:"status,omitempty"`
}

Context is the schema for the context type +k8s:openapi-gen=true +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:path=contexts,scope=Cluster,categories={terraform} +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"

func NewContext added in v0.3.25

func NewContext(name string) *Context

NewContext creates a new Context

func (*Context) DeepCopy added in v0.3.25

func (in *Context) DeepCopy() *Context

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Context.

func (*Context) DeepCopyInto added in v0.3.25

func (in *Context) DeepCopyInto(out *Context)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Context) DeepCopyObject added in v0.3.25

func (in *Context) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Context) GetNamespacedName added in v0.3.25

func (c *Context) GetNamespacedName() types.NamespacedName

GetNamespacedName returns the namespaced resource type

type ContextList added in v0.3.25

// ContextList is the list wrapper for Context objects: type and list metadata plus the
// items. Items carries no omitempty, so the "items" key is always serialised.
type ContextList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Context `json:"items"`
}

ContextList contains a list of contexts

func (*ContextList) DeepCopy added in v0.3.25

func (in *ContextList) DeepCopy() *ContextList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContextList.

func (*ContextList) DeepCopyInto added in v0.3.25

func (in *ContextList) DeepCopyInto(out *ContextList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ContextList) DeepCopyObject added in v0.3.25

func (in *ContextList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ContextList) GetItem added in v0.4.0

func (c *ContextList) GetItem(name string) (Context, bool)

GetItem returns the item if the list contains the item name

func (*ContextList) HasItem added in v0.4.0

func (c *ContextList) HasItem(name string) bool

HasItem returns true if the list contains the item name

func (*ContextList) Merge added in v0.4.0

func (c *ContextList) Merge(items []Context)

Merge is called to merge any items which don't exist in the list

type ContextSpec added in v0.3.25

// ContextSpec defines the desired state for a context, which is a single map of named
// variables.
type ContextSpec struct {
	// Variables is a list of variables which can be used globally by Context resources.
	// The structure of the variables is a map of key/value pairs, which MUST have both
	// a description and a value.
	// Each entry is an opaque runtime.RawExtension, so the description/value shape is not
	// expressed by this Go type. NOTE(review): confirm where that shape is validated.
	// Values are held in the resource spec rather than in a Secret, so anyone permitted to
	// read Context objects can read them.
	// +kubebuilder:validation:Required
	Variables map[string]runtime.RawExtension `json:"variables"`
}

ContextSpec defines the desired state for a context +k8s:openapi-gen=true

func (*ContextSpec) DeepCopy added in v0.3.25

func (in *ContextSpec) DeepCopy() *ContextSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContextSpec.

func (*ContextSpec) DeepCopyInto added in v0.3.25

func (in *ContextSpec) DeepCopyInto(out *ContextSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ContextSpec) GetVariable added in v0.4.0

func (c *ContextSpec) GetVariable(key string) (interface{}, bool, error)

GetVariable returns the variable value if it exists

func (*ContextSpec) GetVariableValue added in v0.3.25

func (c *ContextSpec) GetVariableValue(name string) (runtime.RawExtension, bool)

GetVariableValue returns the raw value of a variable

func (*ContextSpec) HasVariable added in v0.3.25

func (c *ContextSpec) HasVariable(name string) bool

HasVariable returns true if the context has variables defined

func (*ContextSpec) HasVariables added in v0.3.25

func (c *ContextSpec) HasVariables() bool

HasVariables returns true if the context has variables defined

type ContextStatus added in v0.3.25

// ContextStatus defines the observed state of a context. It declares no fields of its
// own beyond the embedded common status.
type ContextStatus struct {
	// CommonStatus is embedded and serialised inline.
	corev1alpha1.CommonStatus `json:",inline"`
}

ContextStatus defines the observed state of a terraform +k8s:openapi-gen=true

func (*ContextStatus) DeepCopy added in v0.3.25

func (in *ContextStatus) DeepCopy() *ContextStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContextStatus.

func (*ContextStatus) DeepCopyInto added in v0.3.25

func (in *ContextStatus) DeepCopyInto(out *ContextStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CostStatus

// CostStatus defines the cost status of a configuration: whether the cost integration
// was enabled, and the hourly and monthly estimates.
type CostStatus struct {
	// Enabled indicates if the cost integration was enabled when this configuration was last
	// executed. Because of omitempty a false value is left out of the serialised status.
	// +kubebuilder:validation:Optional
	Enabled bool `json:"enabled,omitempty"`
	// Hourly is the hourly estimated cost of the configuration. It is held as a string; the
	// number format and currency are not defined by this type.
	// +kubebuilder:validation:Optional
	Hourly string `json:"hourly,omitempty"`
	// Monthly is the monthly estimated cost of the configuration. It is held as a string; the
	// number format and currency are not defined by this type.
	// +kubebuilder:validation:Optional
	Monthly string `json:"monthly,omitempty"`
}

CostStatus defines the cost status of a configuration

func (*CostStatus) DeepCopy

func (in *CostStatus) DeepCopy() *CostStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CostStatus.

func (*CostStatus) DeepCopyInto

func (in *CostStatus) DeepCopyInto(out *CostStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type DefaultVariables

// DefaultVariables lets platform administrators inject default variables, and variables
// taken from secrets, into the configurations matched by Selector.
type DefaultVariables struct {
	// Selector is used to determine which configurations the variables should be injected into.
	// The field is required, but both fields of DefaultVariablesSelector are optional, so an
	// empty selector can be expressed. NOTE(review): confirm how an empty selector is treated
	// by the code which applies the defaults.
	// +kubebuilder:validation:Required
	Selector DefaultVariablesSelector `json:"selector"`
	// Secrets is a collection of secrets which are used to inject variables into the configuration.
	// Only names are given here. NOTE(review): the namespace the secrets are read from is not
	// visible in this type; confirm it, since the secret values reach every matched configuration.
	// +kubebuilder:validation:Optional
	Secrets []string `json:"secrets,omitempty"`
	// Variables is a collection of variables to inject into the configuration. Unknown fields
	// are preserved, so the content is free-form and not described by the generated schema.
	// +kubebuilder:validation:Optional
	// +kubebuilder:pruning:PreserveUnknownFields
	Variables runtime.RawExtension `json:"variables,omitempty"`
}

DefaultVariables provides platform administrators the ability to inject default variables into a configuration

func (*DefaultVariables) DeepCopy

func (in *DefaultVariables) DeepCopy() *DefaultVariables

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DefaultVariables.

func (*DefaultVariables) DeepCopyInto

func (in *DefaultVariables) DeepCopyInto(out *DefaultVariables)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*DefaultVariables) HasSelectors added in v0.4.0

func (d *DefaultVariables) HasSelectors() bool

HasSelectors returns true if the policy has selectors

func (*DefaultVariables) HasVariables added in v0.4.0

func (d *DefaultVariables) HasVariables() bool

HasVariables returns true if the policy has variables

type DefaultVariablesSelector

// DefaultVariablesSelector determines which configurations default variables are injected
// into, using namespace labels and regexes over the configuration module.
type DefaultVariablesSelector struct {
	// Namespace selects all configurations under one or more namespaces, determined by the
	// labeling on the namespace.
	// +kubebuilder:validation:Optional
	Namespace *metav1.LabelSelector `json:"namespace,omitempty"`
	// Modules provides a collection of regexes which are used to match against the
	// configuration module.
	// NOTE(review): whether a pattern must match the whole module source or only part of it
	// is decided by the matching code, which is not shown here; anchor patterns with ^ and $
	// when a full match is intended.
	// +kubebuilder:validation:Optional
	Modules []string `json:"modules,omitempty"`
}

DefaultVariablesSelector is used to determine which configurations the variables should be injected into - this can take into account the namespace labels and the modules themselves

func (*DefaultVariablesSelector) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DefaultVariablesSelector.

func (*DefaultVariablesSelector) DeepCopyInto

func (in *DefaultVariablesSelector) DeepCopyInto(out *DefaultVariablesSelector)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (DefaultVariablesSelector) IsLabelsMatch

func (d DefaultVariablesSelector) IsLabelsMatch(object client.Object) (bool, error)

IsLabelsMatch returns if the selector matches the namespace label selector

func (DefaultVariablesSelector) IsModulesMatch

func (d DefaultVariablesSelector) IsModulesMatch(config *Configuration) (bool, error)

IsModulesMatch returns true if the module matches the regex

type ExternalCheck

// ExternalCheck defines an external set of checks: a name, the source URL the checks are
// retrieved from and an optional secret used while retrieving them.
type ExternalCheck struct {
	// Name provides an arbitrary name to the checks - note, this name is used as the directory
	// name when we source the code.
	// Since the value becomes a path component it should be a single directory name without
	// path separators. NOTE(review): no pattern validation is declared on this field here;
	// confirm the name is checked where the directory is created.
	// The field is marked Required while the JSON tag carries omitempty, so an empty value is
	// dropped when serialising.
	// +kubebuilder:validation:Required
	Name string `json:"name,omitempty"`
	// URL is the source of the external checks - this is usually a git repository. The notation
	// for this is https://github.com/hashicorp/go-getter
	// NOTE(review): no scheme or host restriction is declared on this field; confirm which
	// sources the retrieval step accepts, as the fetched content takes part in the policy scan.
	// +kubebuilder:validation:Required
	URL string `json:"url,omitempty"`
	// SecretRef is a reference to a secret which contains environment variables used by the source
	// command to retrieve the code. This could be cloud credentials, ssh keys, git username
	// and password etc. The secret's values are exposed to the retrieval command as environment
	// variables, so the reference should point at credentials scoped to reading the source only.
	// +kubebuilder:validation:Optional
	SecretRef *v1.SecretReference `json:"secretRef,omitempty"`
}

ExternalCheck defines the definition for an external check - this comprises the source and any optional secret

func (*ExternalCheck) DeepCopy

func (in *ExternalCheck) DeepCopy() *ExternalCheck

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalCheck.

func (*ExternalCheck) DeepCopyInto

func (in *ExternalCheck) DeepCopyInto(out *ExternalCheck)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalSource added in v0.3.7

// ExternalSource is an external source for the checkov configuration: a source URL, the
// configuration to use inside it and an optional secret used while retrieving it.
type ExternalSource struct {
	// Configuration is the configuration to use within the source directory.
	// NOTE(review): no pattern validation is declared on this field here; confirm the value
	// is kept inside the source directory where it is resolved.
	// The field is marked Required while the JSON tag carries omitempty, so an empty value is
	// dropped when serialising.
	// +kubebuilder:validation:Required
	Configuration string `json:"configuration,omitempty"`
	// URL is the source of the external checks - this is usually a git repository. The notation
	// for this is https://github.com/hashicorp/go-getter
	// NOTE(review): no scheme or host restriction is declared on this field; confirm which
	// sources the retrieval step accepts, as the fetched content configures the policy scan.
	// +kubebuilder:validation:Required
	URL string `json:"url,omitempty"`
	// SecretRef is a reference to a secret which contains environment variables used by the source
	// command to retrieve the code. This could be cloud credentials, ssh keys, git username
	// and password etc. The secret's values are exposed to the retrieval command as environment
	// variables, so the reference should point at credentials scoped to reading the source only.
	// +kubebuilder:validation:Optional
	SecretRef *v1.SecretReference `json:"secretRef,omitempty"`
}

ExternalSource is an external source for the checkov configuration

func (*ExternalSource) DeepCopy added in v0.3.7

func (in *ExternalSource) DeepCopy() *ExternalSource

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSource.

func (*ExternalSource) DeepCopyInto added in v0.3.7

func (in *ExternalSource) DeepCopyInto(out *ExternalSource)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JobMetadata added in v0.4.2

// JobMetadata is a collection of labels and annotations which are automatically added to
// all jobs. Where such metadata binds a cloud identity to a job, write access to the object
// carrying it decides which identity the jobs run with.
type JobMetadata struct {
	// Labels is a collection of labels which are automatically added to all jobs.
	// +kubebuilder:validation:Optional
	Labels map[string]string `json:"labels,omitempty"`
	// Annotations is a collection of annotations which are automatically added to all jobs.
	// +kubebuilder:validation:Optional
	Annotations map[string]string `json:"annotations,omitempty"`
}

JobMetadata is a collection of labels and annotations which are automatically added to all jobs which are created and use this provider. This can be useful to inject cloud vendor specific labels and annotations to the jobs; Azure workload identity, or AWS IAM roles for service accounts.

func (*JobMetadata) DeepCopy added in v0.4.2

func (in *JobMetadata) DeepCopy() *JobMetadata

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JobMetadata.

func (*JobMetadata) DeepCopyInto added in v0.4.2

func (in *JobMetadata) DeepCopyInto(out *JobMetadata)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ModuleConstraint

// ModuleConstraint provides a collection of constraints on modules: the regexes a
// configuration's source must match and the selector choosing the configurations the
// constraint applies to.
type ModuleConstraint struct {
	// Allowed is a collection of regexes which are applied to the source of the terraform
	// configuration. The configuration MUST match one or more of the regexes in order to
	// be allowed to run.
	// NOTE(review): whether a pattern must match the whole source or only part of it is
	// decided by the matching code, which is not shown here; anchor patterns with ^ and $
	// and escape literal dots when an exact source is intended. How an empty list is treated
	// is likewise not visible here.
	// +kubebuilder:validation:Optional
	Allowed []string `json:"allowed,omitempty"`
	// Selector is the selector on the namespace or labels on the configuration. By leaving
	// this field empty you are implicitly selecting all configurations.
	// +kubebuilder:validation:Optional
	Selector *Selector `json:"selector,omitempty"`
}

ModuleConstraint provides a collection of constraints on modules

func (*ModuleConstraint) DeepCopy

func (in *ModuleConstraint) DeepCopy() *ModuleConstraint

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ModuleConstraint.

func (*ModuleConstraint) DeepCopyInto

func (in *ModuleConstraint) DeepCopyInto(out *ModuleConstraint)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ModuleConstraint) Matches

func (m *ModuleConstraint) Matches(module string) (bool, error)

Matches returns true if the module matches the regex

type Plan added in v0.4.0

// Plan is the Kubernetes API object for a plan: standard type and object metadata plus a
// PlanSpec (desired state) and a PlanStatus (observed state).
type Plan struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   PlanSpec   `json:"spec,omitempty"`
	Status PlanStatus `json:"status,omitempty"`
}

Plan is the schema for the plan type +k8s:openapi-gen=true +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:path=plans,scope=Cluster,categories={terraform} +kubebuilder:printcolumn:name="Latest",type="string",JSONPath=".status.latest.revision" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"

func NewPlan added in v0.4.0

func NewPlan(name string) *Plan

NewPlan creates a new Plan

func (*Plan) DeepCopy added in v0.4.0

func (in *Plan) DeepCopy() *Plan

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Plan.

func (*Plan) DeepCopyInto added in v0.4.0

func (in *Plan) DeepCopyInto(out *Plan)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Plan) DeepCopyObject added in v0.4.0

func (in *Plan) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Plan) GetCommonStatus added in v0.4.0

func (c *Plan) GetCommonStatus() *corev1alpha1.CommonStatus

GetCommonStatus returns the common status

func (*Plan) GetNamespacedName added in v0.4.0

func (c *Plan) GetNamespacedName() types.NamespacedName

GetNamespacedName returns the namespaced resource type

func (*Plan) GetRevision added in v0.4.0

func (c *Plan) GetRevision(version string) (PlanRevision, bool)

GetRevision returns the revision with the specified version

func (*Plan) HasRevision added in v0.4.0

func (c *Plan) HasRevision(version string) bool

HasRevision returns true if the plan has the specified revision

func (*Plan) ListRevisions added in v0.4.0

func (c *Plan) ListRevisions() []string

ListRevisions returns a list of revisions

func (*Plan) RemoveRevision added in v0.4.0

func (c *Plan) RemoveRevision(version string)

RemoveRevision removes the specified revision from the plan

type PlanList added in v0.4.0

// PlanList is the list wrapper for Plan objects: type and list metadata plus the items.
// Items carries no omitempty, so the "items" key is always serialised.
type PlanList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Plan `json:"items"`
}

PlanList contains a list of plans

func (*PlanList) DeepCopy added in v0.4.0

func (in *PlanList) DeepCopy() *PlanList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlanList.

func (*PlanList) DeepCopyInto added in v0.4.0

func (in *PlanList) DeepCopyInto(out *PlanList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PlanList) DeepCopyObject added in v0.4.0

func (in *PlanList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*PlanList) GetItem added in v0.4.0

func (p *PlanList) GetItem(name string) (Plan, bool)

GetItem returns the item if it exists

type PlanReference added in v0.4.0

// PlanReference holds the fields which associate a configuration with a plan: the plan
// name and the revision of that plan. Both fields are required.
type PlanReference struct {
	// Name is the name of the plan this configuration is associated with
	// +kubebuilder:validation:Required
	Name string `json:"name"`
	// Revision is the revision of the plan this configuration is associated with
	// +kubebuilder:validation:Required
	Revision string `json:"revision"`
}

PlanReference are the fields related to a configuration plan

func (*PlanReference) DeepCopy added in v0.4.0

func (in *PlanReference) DeepCopy() *PlanReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlanReference.

func (*PlanReference) DeepCopyInto added in v0.4.0

func (in *PlanReference) DeepCopyInto(out *PlanReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PlanReference) IsValid added in v0.4.0

func (p *PlanReference) IsValid() error

IsValid returns an error if the plan reference is not valid

type PlanRevision added in v0.4.0

// PlanRevision is a reference to a revision of a plan existing in the system, made of
// the revision's name and its version. Both fields are required.
type PlanRevision struct {
	// Name is the name of the revision containing the configuration
	//+kubebuilder:validation:Required
	Name string `json:"name"`
	// Revision is the version of the revision
	//+kubebuilder:validation:Required
	Revision string `json:"revision"`
}

PlanRevision is a reference to a revision of a plan existing in the system

func (*PlanRevision) DeepCopy added in v0.4.0

func (in *PlanRevision) DeepCopy() *PlanRevision

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlanRevision.

func (*PlanRevision) DeepCopyInto added in v0.4.0

func (in *PlanRevision) DeepCopyInto(out *PlanRevision)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PlanSpec added in v0.4.0

// PlanSpec defines the desired state for a plan, which is the list of its revisions.
type PlanSpec struct {
	// Revisions is a collection of revisions associated with this plan. No validation marker
	// is declared on this field; an empty list is omitted when serialising.
	Revisions []PlanRevision `json:"revisions,omitempty"`
}

PlanSpec defines the desired state for a plan +k8s:openapi-gen=true

func (*PlanSpec) DeepCopy added in v0.4.0

func (in *PlanSpec) DeepCopy() *PlanSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlanSpec.

func (*PlanSpec) DeepCopyInto added in v0.4.0

func (in *PlanSpec) DeepCopyInto(out *PlanSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PlanStatus added in v0.4.0

// PlanStatus defines the observed state of a plan: the common status plus the latest
// revision.
type PlanStatus struct {
	// CommonStatus is embedded and serialised inline.
	corev1alpha1.CommonStatus `json:",inline"`
	// Latest is the latest revision from this plan. It is a struct value, so encoding/json's
	// omitempty does not omit it; a zero-valued revision is still serialised with empty
	// name and revision.
	// +kubebuilder:validation:Optional
	Latest PlanRevision `json:"latest,omitempty"`
}

PlanStatus defines the observed state of a terraform +k8s:openapi-gen=true

func (*PlanStatus) DeepCopy added in v0.4.0

func (in *PlanStatus) DeepCopy() *PlanStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlanStatus.

func (*PlanStatus) DeepCopyInto added in v0.4.0

func (in *PlanStatus) DeepCopyInto(out *PlanStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Policy

// Policy is the Kubernetes API object for a policy: standard type and object metadata plus
// a PolicySpec (desired state) and a PolicyStatus (observed state).
type Policy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   PolicySpec   `json:"spec,omitempty"`
	Status PolicyStatus `json:"status,omitempty"`
}

Policy is the schema for policy definitions in terraform controller +k8s:openapi-gen=true +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:path=policies,scope=Cluster,categories={terraform} +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"

func (*Policy) DeepCopy

func (in *Policy) DeepCopy() *Policy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.

func (*Policy) DeepCopyInto

func (in *Policy) DeepCopyInto(out *Policy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Policy) DeepCopyObject

func (in *Policy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Policy) GetCommonStatus

func (p *Policy) GetCommonStatus() *corev1alpha1.CommonStatus

GetCommonStatus returns the common status

type PolicyConstraint

// PolicyConstraint defines the checkov policies the configurations must comply with: the
// checks to run or skip, external checks and configuration sources, and the selector
// choosing the configurations the constraint applies to.
type PolicyConstraint struct {
	// Checks is a list of checks which should be applied against the configuration. Note, an
	// empty list here implies checkov should run ALL checks.
	// Please see https://www.checkov.io/5.Policy%20Index/terraform.html
	// +kubebuilder:validation:Optional
	Checks []string `json:"checks,omitempty"`
	// External is a collection of external checks which should be included in the scan. Each
	// of the external sources is retrieved and sourced into /run/policy/NAME where they can
	// be included as part of the scan. NAME comes from ExternalCheck.Name, so that value ends
	// up as a path component under /run/policy.
	// +kubebuilder:validation:Optional
	External []ExternalCheck `json:"external,omitempty"`
	// Selector is the selector on the namespace or labels on the configuration. By leaving this
	// field empty you are implicitly selecting all configurations.
	// +kubebuilder:validation:Optional
	Selector *Selector `json:"selector,omitempty"`
	// SkipChecks is a collection of checkov checks which you can define as skipped. The security
	// scan will ignore any failures on these checks, so every entry is an accepted exception to
	// the policy and changes to this list deserve the same review as changes to Checks.
	// +kubebuilder:validation:Optional
	SkipChecks []string `json:"skipChecks,omitempty"`
	// Source indicates an external source for the checkov configurations.
	// NOTE(review): how Source interacts with Checks and SkipChecks when both are set is not
	// visible in this type; confirm which one takes effect.
	// +kubebuilder:validation:Optional
	Source *ExternalSource `json:"source,omitempty"`
}

PolicyConstraint defines the checkov policies the configurations must comply with

func (*PolicyConstraint) DeepCopy

func (in *PolicyConstraint) DeepCopy() *PolicyConstraint

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyConstraint.

func (*PolicyConstraint) DeepCopyInto

func (in *PolicyConstraint) DeepCopyInto(out *PolicyConstraint)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyConstraint) ExternalCheckNames

func (p *PolicyConstraint) ExternalCheckNames() []string

ExternalCheckNames returns the names of the external checks

type PolicyList

// PolicyList is the list wrapper for Policy objects: type and list metadata plus the
// items. Items carries no omitempty, so the "items" key is always serialised.
type PolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Policy `json:"items"`
}

PolicyList contains a list of policies

func (*PolicyList) DeepCopy

func (in *PolicyList) DeepCopy() *PolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList.

func (*PolicyList) DeepCopyInto

func (in *PolicyList) DeepCopyInto(out *PolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyList) DeepCopyObject

func (in *PolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*PolicyList) HasItem added in v0.4.0

func (c *PolicyList) HasItem(name string) bool

HasItem returns true if the list contains the item name

func (*PolicyList) Merge added in v0.4.0

func (c *PolicyList) Merge(items []Policy)

Merge is called to merge any items which don't exist in the list

type PolicySpec

// PolicySpec defines the desired state of a policy: an optional summary, the constraints
// to enforce and the default variables to inject. Every field is optional.
type PolicySpec struct {
	// Summary is an optional field which can be used to define a summary of what the policy is
	// configured to enforce.
	// +kubebuilder:validation:Optional
	Summary string `json:"summary,omitempty"`
	// Constraints provides a series of constraints that must be enforced on the selected
	// terraform configurations.
	// +kubebuilder:validation:Optional
	Constraints *Constraints `json:"constraints,omitempty"`
	// Defaults provides the ability to target specific terraform modules based on namespace or
	// resource labels and automatically inject variables into the configurations.
	// +kubebuilder:validation:Optional
	Defaults []DefaultVariables `json:"defaults,omitempty"`
}

PolicySpec defines the desired state of a policy +k8s:openapi-gen=true

func (*PolicySpec) DeepCopy

func (in *PolicySpec) DeepCopy() *PolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec.

func (*PolicySpec) DeepCopyInto

func (in *PolicySpec) DeepCopyInto(out *PolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyStatus

// PolicyStatus defines the observed state of a policy. It declares no fields of its own
// beyond the embedded common status.
type PolicyStatus struct {
	// CommonStatus is embedded and serialised inline.
	corev1alpha1.CommonStatus `json:",inline"`
}

PolicyStatus defines the observed state of a policy +k8s:openapi-gen=true

func (*PolicyStatus) DeepCopy

func (in *PolicyStatus) DeepCopy() *PolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyStatus.

func (*PolicyStatus) DeepCopyInto

func (in *PolicyStatus) DeepCopyInto(out *PolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PreloadConfiguration added in v0.3.25

// PreloadConfiguration defines the preload options: the cluster and region to read from,
// the Context to create, whether the preloader is enabled and how often it runs. Every
// field is optional.
type PreloadConfiguration struct {
	// Cluster is the name of the kubernetes cluster we use to pivot the data around
	// +kubebuilder:validation:Optional
	Cluster string `json:"cluster,omitempty"`
	// Context is the context name of the Context we should create from the preload
	// implementation
	// +kubebuilder:validation:Optional
	Context string `json:"context,omitempty"`
	// Enabled indicates if the preloader is enabled. The pointer keeps "unset" (nil) distinct
	// from an explicit false. NOTE(review): how nil is interpreted is not visible in this type.
	// +kubebuilder:validation:Optional
	Enabled *bool `json:"enabled,omitempty"`
	// Interval is the interval to run the preloader. It may be nil; GetIntervalOrDefault
	// accepts a fallback duration for callers to supply.
	// +kubebuilder:validation:Optional
	Interval *metav1.Duration `json:"interval,omitempty"`
	// Region is the cloud region the cluster is located in
	// +kubebuilder:validation:Optional
	Region string `json:"region,omitempty"`
}

PreloadConfiguration defines the definitions for preload options

func (*PreloadConfiguration) DeepCopy added in v0.3.25

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PreloadConfiguration.

func (*PreloadConfiguration) DeepCopyInto added in v0.3.25

func (in *PreloadConfiguration) DeepCopyInto(out *PreloadConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PreloadConfiguration) GetIntervalOrDefault added in v0.3.25

func (p *PreloadConfiguration) GetIntervalOrDefault(value time.Duration) time.Duration

GetIntervalOrDefault returns the interval or the default

type Provider

// Provider is the Kubernetes API object for a provider definition in the terraform
// controller: standard type and object metadata plus a ProviderSpec (desired state) and a
// ProviderStatus (observed state).
type Provider struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   ProviderSpec   `json:"spec,omitempty"`
	Status ProviderStatus `json:"status,omitempty"`
}

Provider is the schema for provider definitions in terraform controller +k8s:openapi-gen=true +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:path=providers,scope=Cluster,categories={terraform} +kubebuilder:printcolumn:name="Source",type="string",JSONPath=".spec.source" +kubebuilder:printcolumn:name="Provider",type="string",JSONPath=".spec.provider" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"

func (*Provider) DeepCopy

func (in *Provider) DeepCopy() *Provider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Provider.

func (*Provider) DeepCopyInto

func (in *Provider) DeepCopyInto(out *Provider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Provider) DeepCopyObject

func (in *Provider) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Provider) GetCommonStatus

func (p *Provider) GetCommonStatus() *corev1alpha1.CommonStatus

GetCommonStatus returns the common status

func (*Provider) GetConfiguration

func (p *Provider) GetConfiguration() []byte

GetConfiguration returns the provider configuration, if any

func (*Provider) GetNamespacedName

func (p *Provider) GetNamespacedName() types.NamespacedName

GetNamespacedName returns the namespaced name type

func (*Provider) HasBackendTemplate added in v0.4.1

func (p *Provider) HasBackendTemplate() bool

HasBackendTemplate returns true if the provider has a backend template

func (*Provider) HasConfiguration

func (p *Provider) HasConfiguration() bool

HasConfiguration returns true if the provider has custom configuration

func (*Provider) IsPreloadingEnabled added in v0.3.25

func (p *Provider) IsPreloadingEnabled() bool

IsPreloadingEnabled returns true if the provider is enabled for preloading

func (*Provider) JobAnnotations added in v0.4.2

func (p *Provider) JobAnnotations() map[string]string

JobAnnotations returns the annotations which are automatically added to all jobs

func (*Provider) JobLabels added in v0.4.2

func (p *Provider) JobLabels() map[string]string

JobLabels returns the labels which are automatically added to all jobs

type ProviderList

type ProviderList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items is the list of providers. The field has no omitempty, so it is always
	// serialized.
	Items           []Provider `json:"items"`
}

ProviderList contains a list of providers

func (*ProviderList) DeepCopy

func (in *ProviderList) DeepCopy() *ProviderList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderList.

func (*ProviderList) DeepCopyInto

func (in *ProviderList) DeepCopyInto(out *ProviderList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ProviderList) DeepCopyObject

func (in *ProviderList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ProviderList) GetItem added in v0.4.0

func (c *ProviderList) GetItem(name string) (Provider, bool)

GetItem returns the item by name from the list

func (*ProviderList) HasItem added in v0.4.0

func (c *ProviderList) HasItem(name string) bool

HasItem returns true if the list contains the item name

func (*ProviderList) Merge added in v0.4.0

func (c *ProviderList) Merge(items []Provider)

Merge is called to merge any items which don't exist in the list

type ProviderReference

type ProviderReference struct {
	// Name is the name of the provider which contains the credentials to use for this
	// configuration.
	// +kubebuilder:validation:Required
	Name string `json:"name"`
	// Namespace is the namespace of the provider itself. The field is deprecated (see the
	// marker below).
	// NOTE(review): the Provider resource is declared with scope=Cluster, so a provider is
	// presumably resolved by Name alone; confirm the controller does not act on this value.
	// +kubebuilder:validation:Optional
	// +kubebuilder:deprecatedversion:warning="namespace is a deprecated field for provider references"
	Namespace string `json:"namespace,omitempty"`
}

ProviderReference is the reference to the provider which is used to create the configuration

func (*ProviderReference) DeepCopy

func (in *ProviderReference) DeepCopy() *ProviderReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderReference.

func (*ProviderReference) DeepCopyInto

func (in *ProviderReference) DeepCopyInto(out *ProviderReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ProviderReference) IsValid added in v0.4.0

func (p *ProviderReference) IsValid() error

IsValid returns an error if the provider is invalid

type ProviderSpec

type ProviderSpec struct {
	// Configuration is optional configuration for the provider. This is terraform provider specific.
	// NOTE(review): the pruning marker below preserves unknown fields, so the content of this
	// field is not constrained by the CRD schema.
	// +kubebuilder:validation:Optional
	// +kubebuilder:pruning:PreserveUnknownFields
	Configuration *runtime.RawExtension `json:"configuration,omitempty"`
	// BackendTemplate is the reference to a backend template used for the terraform
	// state storage. This field can override the default backend template, which is supplied as
	// a command line argument to the controller binary. The contents of the secret MUST be a
	// single field 'backend.tf' which contains the backend template.
	// Terraform state can contain sensitive values, so the backend this template points at
	// deserves the same access controls as the provider credentials.
	// +kubebuilder:validation:Optional
	BackendTemplate *v1.SecretReference `json:"backendTemplate,omitempty"`
	// Job defines a custom collection of labels and annotations to be applied to all jobs
	// which are created and 'use' this provider.
	// +kubebuilder:validation:Optional
	Job *JobMetadata `json:"job,omitempty"`
	// Preload defines the configuration for the preloading of contextual data from the cloud vendor.
	// +kubebuilder:validation:Optional
	Preload *PreloadConfiguration `json:"preload,omitempty"`
	// Provider defines the cloud provider which is being used, currently supported providers are
	// aws, google or azurerm.
	// NOTE(review): the ProviderType constants in this package declare more values than the
	// three listed here; confirm which of them are actually supported.
	// +kubebuilder:validation:Required
	Provider ProviderType `json:"provider"`
	// SecretRef is a reference to a kubernetes secret. This is required only when using the source: secret.
	// The secret should include the environment variables required by the terraform provider.
	// Those variables are the provider credentials, so read access to the referenced secret
	// should be kept as narrow as possible.
	// +kubebuilder:validation:Optional
	SecretRef *v1.SecretReference `json:"secretRef,omitempty"`
	// Selector provides the ability to filter who can use this provider. If empty, all users
	// in the cluster are permitted to use the provider. Otherwise you can specify a selector
	// which can use namespace and resource labels.
	// Because an empty selector permits every user, set one on any provider that wraps
	// privileged credentials.
	// +kubebuilder:validation:Optional
	Selector *Selector `json:"selector,omitempty"`
	// ServiceAccount is the name of a service account to use when the provider source is 'injected'. The
	// service account should exist in the terraform controller namespace and be configured per cloud vendor
	// requirements for pod identity.
	// +kubebuilder:validation:Optional
	ServiceAccount *string `json:"serviceAccount,omitempty"`
	// Source defines the type of credentials the provider is wrapping; this could be a static secret
	// or a managed identity. The currently supported values are secret and injected.
	// +kubebuilder:validation:Required
	Source SourceType `json:"source"`
	// Summary provides a human readable description of the provider
	// +kubebuilder:validation:Optional
	Summary string `json:"summary,omitempty"`
}

ProviderSpec defines the desired state of a provider +k8s:openapi-gen=true

func (*ProviderSpec) DeepCopy

func (in *ProviderSpec) DeepCopy() *ProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderSpec.

func (*ProviderSpec) DeepCopyInto

func (in *ProviderSpec) DeepCopyInto(out *ProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProviderStatus

type ProviderStatus struct {
	// CommonStatus is embedded and serialized inline with the fields below.
	corev1alpha1.CommonStatus `json:",inline"`
	// LastPreloadTime is the last time the provider was used to run a preload
	// job. It is a pointer, so it is nil (and omitted from JSON) when unset.
	// +kubebuilder:validation:Optional
	LastPreloadTime *metav1.Time `json:"lastPreloadTime,omitempty"`
}

ProviderStatus defines the observed state of a provider +k8s:openapi-gen=true

func (*ProviderStatus) DeepCopy

func (in *ProviderStatus) DeepCopy() *ProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderStatus.

func (*ProviderStatus) DeepCopyInto

func (in *ProviderStatus) DeepCopyInto(out *ProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProviderType

type ProviderType string

ProviderType is the type of cloud

// Declared ProviderType values. Each constant carries the string that appears in a
// provider's spec.provider field.
const (
	// AliCloudProviderType is the Alibaba Cloud provider type
	AliCloudProviderType ProviderType = "alicloud"
	// AzureProviderType is the Azure provider type
	AzureProviderType ProviderType = "azurerm"
	// AzureCloudStackProviderType is the Azure Cloud Stack provider type
	AzureCloudStackProviderType ProviderType = "azurestack"
	// AWSProviderType is the AWS provider type
	AWSProviderType ProviderType = "aws"
	// AzureActiveDirectoryProviderType is the Azure Active Directory provider type
	AzureActiveDirectoryProviderType ProviderType = "azuread"
	// GCPProviderType is the GCP provider type
	GCPProviderType ProviderType = "google"
	// GoogleWorkpspaceProviderType is the Google Workspace provider type.
	// NOTE(review): the identifier is spelled "Workpspace"; it is exported, so renaming it
	// would break importers. The string value "googleworkspace" is spelled correctly.
	GoogleWorkpspaceProviderType ProviderType = "googleworkspace"
	// KubernetesProviderType is the Kubernetes provider type
	KubernetesProviderType ProviderType = "kubernetes"
	// VaultProviderType is the Vault provider type
	VaultProviderType ProviderType = "vault"
	// VSphereProviderType is the vSphere provider type
	VSphereProviderType ProviderType = "vsphere"
)

func (*ProviderType) String added in v0.3.25

func (p *ProviderType) String() string

String returns the string representation of the provider type

type ResourceStatus

type ResourceStatus string

ResourceStatus is the status of the resources

// Declared ResourceStatus values.
const (
	// ResourcesInSync is the status when the configuration is in sync
	ResourcesInSync ResourceStatus = "InSync"
	// ResourcesOutOfSync is the status when the configuration is out of sync
	ResourcesOutOfSync ResourceStatus = "OutOfSync"
	// DestroyingResources is the status when the configuration is being destroyed;
	// note the serialized value is "Deleting"
	DestroyingResources ResourceStatus = "Deleting"
	// DestroyingResourcesFailed is the status when destroying the configuration has
	// failed; the serialized value is "DeletionFailed"
	DestroyingResourcesFailed ResourceStatus = "DeletionFailed"
	// UnknownResourceStatus is the status when the state of the configuration is unknown.
	// It is the empty string, i.e. the zero value of ResourceStatus.
	UnknownResourceStatus ResourceStatus = ""
)

type Revision added in v0.4.0

// Revision is the top-level API object for a revision. The kubebuilder resource marker
// on this type declares scope=Cluster, so a Revision is not namespaced.
type Revision struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the desired state of the configuration plan revision.
	Spec   RevisionSpec   `json:"spec,omitempty"`
	// Status is the observed state of the revision, including how many cloud resources
	// currently use it.
	Status RevisionStatus `json:"status,omitempty"`
}

Revision is the schema for a revision +k8s:openapi-gen=true +kubebuilder:object:root=true +kubebuilder:resource:path=revisions,scope=Cluster,categories={terraform} +kubebuilder:subresource:status +kubebuilder:printcolumn:name="Plan",type="string",JSONPath=".spec.plan.name" +kubebuilder:printcolumn:name="Description",type="string",JSONPath=".spec.plan.description" +kubebuilder:printcolumn:name="Version",type="string",JSONPath=".spec.plan.revision" +kubebuilder:printcolumn:name="InUse",type="integer",JSONPath=".status.inUse" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"

func NewRevision added in v0.4.0

func NewRevision(name string) *Revision

NewRevision returns an empty configuration

func (*Revision) DeepCopy added in v0.4.0

func (in *Revision) DeepCopy() *Revision

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Revision.

func (*Revision) DeepCopyInto added in v0.4.0

func (in *Revision) DeepCopyInto(out *Revision)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Revision) DeepCopyObject added in v0.4.0

func (in *Revision) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Revision) GetCommonStatus added in v0.4.0

func (c *Revision) GetCommonStatus() *corev1alpha1.CommonStatus

GetCommonStatus returns the common status

func (*Revision) GetNamespacedName added in v0.4.0

func (c *Revision) GetNamespacedName() types.NamespacedName

GetNamespacedName returns the namespaced resource type

func (*Revision) ListOfInputs added in v0.4.0

func (c *Revision) ListOfInputs() []string

ListOfInputs is a list of inputs for this revision

type RevisionContextDependency added in v0.4.0

type RevisionContextDependency struct {
	// Name is the name of the context resource we are dependent on
	// +kubebuilder:validation:Required
	Name string `json:"name"`
	// Cloud is the name of the cloud vendor, such as aws or azurerm, which the context
	// resource we depend on is associated with
	// +kubebuilder:validation:Optional
	Cloud string `json:"cloud,omitempty"`
}

RevisionContextDependency is a dependency on a context resource

func (*RevisionContextDependency) DeepCopy added in v0.4.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionContextDependency.

func (*RevisionContextDependency) DeepCopyInto added in v0.4.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RevisionDefinition added in v0.4.0

// RevisionDefinition is the type of RevisionSpec.Plan; its Name, Description and
// Revision fields back the Plan, Description and Version print columns declared on
// the Revision resource.
type RevisionDefinition struct {
	// Name is the name which this revision is grouped by, such as mysql, redis, etc. Multiple
	// revisions can be grouped by the same name, presented as a list of revisions for a single
	// plan name
	// +kubebuilder:validation:Required
	Name string `json:"name"`
	// Description is a short description of the revision and its purpose, capabilities, etc.
	// +kubebuilder:validation:Required
	Description string `json:"description"`
	// Categories is a list of categories which this revision is grouped by, such as database,
	// cache, etc.
	// +kubebuilder:validation:Optional
	Categories []string `json:"categories,omitempty"`
	// ChangeLog provides a human readable list of changes for this revision
	// +kubebuilder:validation:Optional
	ChangeLog string `json:"changeLog,omitempty"`
	// Revision is the version of the revision, such as 1.0.0, 1.0.1, etc.
	// +kubebuilder:validation:Required
	Revision string `json:"revision"`
}

RevisionDefinition retains all the information related to the configuration plan such as description, version, category, etc.

func (*RevisionDefinition) DeepCopy added in v0.4.0

func (in *RevisionDefinition) DeepCopy() *RevisionDefinition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionDefinition.

func (*RevisionDefinition) DeepCopyInto added in v0.4.0

func (in *RevisionDefinition) DeepCopyInto(out *RevisionDefinition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RevisionDependency added in v0.4.0

// RevisionDependency holds one dependency of a revision. All three fields are optional
// pointers; the struct itself does not show whether exactly one must be set.
type RevisionDependency struct {
	// Context indicates this revision has a dependency on a context resource
	// +kubebuilder:validation:Optional
	Context *RevisionContextDependency `json:"context,omitempty"`
	// Provider indicates this revision has a dependency on a provider resource
	// +kubebuilder:validation:Optional
	Provider *RevisionProviderDependency `json:"provider,omitempty"`
	// Terranetes indicates this revision has a dependency on a terranetes controller
	// +kubebuilder:validation:Optional
	Terranetes *RevisionTerranetesDependency `json:"terranetes,omitempty"`
}

RevisionDependency defines a dependency for this revision. Currently we support Provider, Revision or Terranetes version

func (*RevisionDependency) DeepCopy added in v0.4.0

func (in *RevisionDependency) DeepCopy() *RevisionDependency

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionDependency.

func (*RevisionDependency) DeepCopyInto added in v0.4.0

func (in *RevisionDependency) DeepCopyInto(out *RevisionDependency)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RevisionInput added in v0.4.0

type RevisionInput struct {
	// Default is the default value for this input, this is a map which must contain
	// the field 'value' => 'default value'. Default values can be any simple or complex
	// type, such as string, int, bool, etc.
	// +kubebuilder:validation:Optional
	Default *runtime.RawExtension `json:"default,omitempty"`
	// Description is a short description of the input and its purpose, capabilities, etc.
	// +kubebuilder:validation:Required
	Description string `json:"description"`
	// Key is the name of the variable when presented to the terraform module. If this field
	// is not specified, the name will be used as the key instead.
	// NOTE(review): this struct declares no Name field, so which name is meant cannot be
	// determined from the type alone; check GetKeyName.
	// +kubebuilder:validation:Optional
	Key string `json:"key,omitempty"`
	// Required indicates whether this input is required or not by the revision
	// +kubebuilder:validation:Optional
	Required *bool `json:"required,omitempty"`
	// Type is the format of the input, such as string, int, bool, etc.
	// +kubebuilder:validation:Optional
	Type *string `json:"type,omitempty"`
}

RevisionInput is a user defined input for a revision, such as a database name or a cache size etc.

func (*RevisionInput) DeepCopy added in v0.4.0

func (in *RevisionInput) DeepCopy() *RevisionInput

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionInput.

func (*RevisionInput) DeepCopyInto added in v0.4.0

func (in *RevisionInput) DeepCopyInto(out *RevisionInput)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RevisionInput) GetKeyName added in v0.4.0

func (c *RevisionInput) GetKeyName() string

GetKeyName returns either the key or defaults to the name

func (*RevisionInput) IsRequired added in v0.4.0

func (c *RevisionInput) IsRequired() bool

IsRequired returns true if the input is required

type RevisionList added in v0.4.0

type RevisionList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items is the list of revisions. The field has no omitempty, so it is always
	// serialized.
	Items           []Revision `json:"items"`
}

RevisionList contains a list of revisions

func (*RevisionList) DeepCopy added in v0.4.0

func (in *RevisionList) DeepCopy() *RevisionList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionList.

func (*RevisionList) DeepCopyInto added in v0.4.0

func (in *RevisionList) DeepCopyInto(out *RevisionList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RevisionList) DeepCopyObject added in v0.4.0

func (in *RevisionList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RevisionProviderDependency added in v0.4.0

type RevisionProviderDependency struct {
	// Cloud is the name of the cloud vendor we are dependent on, such as aws or azurerm. The
	// controller ensures we have the provider installed before we can apply the configuration
	// +kubebuilder:validation:Required
	Cloud string `json:"cloud"`
}

RevisionProviderDependency is a dependency on a provider

func (*RevisionProviderDependency) DeepCopy added in v0.4.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionProviderDependency.

func (*RevisionProviderDependency) DeepCopyInto added in v0.4.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RevisionSpec added in v0.4.0

type RevisionSpec struct {
	// Configuration is the configuration which this revision is providing to the
	// consumer.
	// +kubebuilder:validation:Required
	Configuration ConfigurationSpec `json:"configuration"`
	// Dependencies is a collection of dependencies which this revision depends on
	// such as a Provider, Terranetes version, or Revision
	// +kubebuilder:validation:Optional
	Dependencies []RevisionDependency `json:"dependencies,omitempty"`
	// Inputs is a collection of inputs which the consumer of this revision can or
	// must provide. This is usually limited to contextual information
	// such as a name for the database, the size required, a bucket name, or policy.
	// +kubebuilder:validation:Optional
	Inputs []RevisionInput `json:"inputs,omitempty"`
	// Plan contains the information related to the name, version, description of
	// the revision.
	// +kubebuilder:validation:Required
	Plan RevisionDefinition `json:"plan"`
}

RevisionSpec defines the desired state of a configuration plan revision +k8s:openapi-gen=true

func (*RevisionSpec) DeepCopy added in v0.4.0

func (in *RevisionSpec) DeepCopy() *RevisionSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionSpec.

func (*RevisionSpec) DeepCopyInto added in v0.4.0

func (in *RevisionSpec) DeepCopyInto(out *RevisionSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RevisionSpec) GetInput added in v0.4.0

func (r *RevisionSpec) GetInput(key string) (RevisionInput, bool)

GetInput returns the input for the given key

func (*RevisionSpec) GetInputDefaultValue added in v0.4.0

func (r *RevisionSpec) GetInputDefaultValue(key string) (interface{}, bool, error)

GetInputDefaultValue returns the default value for the input

type RevisionStatus added in v0.4.0

type RevisionStatus struct {
	// CommonStatus is embedded and serialized inline with the fields below.
	corev1alpha1.CommonStatus `json:",inline"`
	// InUse is the number of cloud resources which are currently using this revision.
	// With omitempty, a count of zero is left out of the serialized status.
	// +kubebuilder:validation:Optional
	InUse int `json:"inUse,omitempty"`
}

RevisionStatus defines the observed state of a terraform +k8s:openapi-gen=true

func (*RevisionStatus) DeepCopy added in v0.4.0

func (in *RevisionStatus) DeepCopy() *RevisionStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionStatus.

func (*RevisionStatus) DeepCopyInto added in v0.4.0

func (in *RevisionStatus) DeepCopyInto(out *RevisionStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RevisionTerranetesDependency added in v0.4.0

type RevisionTerranetesDependency struct {
	// Version is used to specify the version of the terranetes resource we are dependent on.
	// This format is based on Semantic Versioning 2.0.0 and can use the comparison
	// operators '>=', '>', '<=', and '<'
	// +kubebuilder:validation:Required
	Version string `json:"version"`
}

RevisionTerranetesDependency is a dependency on a terranetes controller

func (*RevisionTerranetesDependency) DeepCopy added in v0.4.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevisionTerranetesDependency.

func (*RevisionTerranetesDependency) DeepCopyInto added in v0.4.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Selector

// Selector restricts use of a provider by label. ProviderSpec documents that an empty
// selector permits all users in the cluster.
// NOTE(review): how Namespace and Resource combine when both are set (AND or OR) is not
// visible on this type; confirm against the controller before relying on it as an
// access boundary.
type Selector struct {
	// Namespace is used to filter a configuration based on the namespace labels of
	// where it exists
	// +kubebuilder:validation:Optional
	Namespace *metav1.LabelSelector `json:"namespace,omitempty"`
	// Resource provides the ability to filter a configuration based on its labels
	// +kubebuilder:validation:Optional
	Resource *metav1.LabelSelector `json:"resource,omitempty"`
}

Selector defines a selector that matches on the labels of the configuration, or on the labels of the namespace the resource resides in

func (*Selector) DeepCopy

func (in *Selector) DeepCopy() *Selector

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Selector.

func (*Selector) DeepCopyInto

func (in *Selector) DeepCopyInto(out *Selector)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SourceType

// SourceType names the type of credentials a provider wraps. ProviderSpec.Source
// documents the currently supported values as "secret" and "injected".
type SourceType string

SourceType is the type of source

type ValueFromList added in v0.4.0

type ValueFromList []ValueFromSource

ValueFromList is a list of value from sources

func (ValueFromList) DeepCopy added in v0.4.0

func (in ValueFromList) DeepCopy() ValueFromList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValueFromList.

func (ValueFromList) DeepCopyInto added in v0.4.0

func (in ValueFromList) DeepCopyInto(out *ValueFromList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ValueFromList) HasContextReferences added in v0.4.0

func (v *ValueFromList) HasContextReferences() bool

HasContextReferences returns true if the configuration has context references

func (*ValueFromList) HasSecretReferences added in v0.4.0

func (v *ValueFromList) HasSecretReferences() bool

HasSecretReferences returns true if the configuration has secret references

func (*ValueFromList) IsValid added in v0.4.0

func (v *ValueFromList) IsValid() error

IsValid checks the value from source is valid, else returns an error

type ValueFromSource

type ValueFromSource struct {
	// Context is the name of the terraform context where the
	// value should be retrieved from
	Context *string `json:"context,omitempty"`
	// Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is
	// not contained in the secret, we ignore the error.
	// NOTE(review): with Optional set, a missing secret or key produces no error, so the
	// terraform code presumably runs without the value; make sure the module has a safe default.
	// +kubebuilder:validation:Optional
	Optional bool `json:"optional,omitempty"`
	// Key is the key in the secret which we should use for the value
	// +kubebuilder:validation:Required
	Key string `json:"key"`
	// Name is the name which we use when injecting the value into the terraform code
	// i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note,
	// for backwards compatibility if no name is provided, we use the key as the name
	Name string `json:"name,omitempty"`
	// Secret is the name of the secret in the configuration namespace
	// +kubebuilder:validation:Optional
	Secret *string `json:"secret,omitempty"`
}

ValueFromSource defines a value which is taken from a secret or, when Context is set, from a terraform context

func (*ValueFromSource) DeepCopy

func (in *ValueFromSource) DeepCopy() *ValueFromSource

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValueFromSource.

func (*ValueFromSource) DeepCopyInto

func (in *ValueFromSource) DeepCopyInto(out *ValueFromSource)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ValueFromSource) GetName added in v0.3.23

func (v *ValueFromSource) GetName() string

GetName returns the name or the key if not set

func (*ValueFromSource) IsValid added in v0.4.0

func (v *ValueFromSource) IsValid(path string) error

IsValid checks if all the value from are valid, else returns an error

type WriteConnectionSecret

type WriteConnectionSecret struct {
	// Name is the name of the secret where you want the terraform output to be written. The terraform
	// outputs will be written to the secret as key value pairs. All keys are uppercased, ready to be
	// consumed by the workload.
	// +kubebuilder:validation:Required
	Name string `json:"name"`
	// Keys is a collection of names used to filter the terraform output. By default all keys from the
	// output of the terraform state are written to the connection secret. Here we can define exactly
	// which keys we want from that output.
	// Listing keys explicitly keeps outputs the workload does not need (which may be sensitive)
	// out of the secret.
	// +kubebuilder:validation:Optional
	Keys []string `json:"keys,omitempty"`
}

WriteConnectionSecret defines the options around the secret produced by the terraform code

func (*WriteConnectionSecret) AddKey added in v0.3.15

func (w *WriteConnectionSecret) AddKey(key, override string)

AddKey adds a key to the list

func (*WriteConnectionSecret) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WriteConnectionSecret.

func (*WriteConnectionSecret) DeepCopyInto

func (in *WriteConnectionSecret) DeepCopyInto(out *WriteConnectionSecret)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*WriteConnectionSecret) HasKeys

func (w *WriteConnectionSecret) HasKeys() bool

HasKeys returns true if the keys are not empty

func (*WriteConnectionSecret) IsValid added in v0.4.0

func (w *WriteConnectionSecret) IsValid() error

IsValid checks if the write connection secret is valid

func (*WriteConnectionSecret) KeysMap

func (w *WriteConnectionSecret) KeysMap() (map[string]string, error)

KeysMap returns the map of keys to name
