Documentation ¶
Overview ¶
Package v1beta1 contains API Schema definitions for the styra v1beta1 API group.
Index ¶
- Variables
- type AllowedMapping
- type ColumnMapping
- type Condition
- type ConditionType
- type Datasource
- type DecisionMapping
- type DiscoveryOverrides
- type Expected
- type GitRepo
- type LocalPlane
- type OPAConfigDistributedTracing
- type OPAConfigStatus
- type ReasonMapping
- type SourceControl
- type Subject
- type SubjectKind
- type System
- func (in *System) DeepCopy() *System
- func (in *System) DeepCopyInto(out *System)
- func (in *System) DeepCopyObject() runtime.Object
- func (s *System) Default()
- func (s *System) DisplayName(prefix, suffix string) string
- func (s *System) GitSecretID() string
- func (s *System) SetCondition(conditionType ConditionType, status metav1.ConditionStatus)
- func (s *System) SetupWebhookWithManager(mgr ctrl.Manager) error
- func (s *System) ValidateCreate() (admission.Warnings, error)
- func (s *System) ValidateDelete() (admission.Warnings, error)
- func (s *System) ValidateUpdate(_ runtime.Object) (admission.Warnings, error)
- type SystemList
- type SystemPhase
- type SystemSpec
- type SystemStatus
Constants ¶
This section is empty.
Variables ¶
var (
	// GroupVersion is group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: "styra.bankdata.dk", Version: "v1beta1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
Functions ¶
This section is empty.
Types ¶
type AllowedMapping ¶
type AllowedMapping struct {
	// Expected is the value we expect to be set in the Path in order to consider
	// the decision allowed.
	Expected *Expected `json:"expected,omitempty"`

	// Negated negates the expectation.
	//+kubebuilder:validation:Optional
	Negated bool `json:"negated,omitempty"`

	// Path is the path to the value which we check our expectation against.
	Path string `json:"path"`
}
AllowedMapping specifies how to determine if a decision is allowed or not.
func (*AllowedMapping) DeepCopy ¶
func (in *AllowedMapping) DeepCopy() *AllowedMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedMapping.
func (*AllowedMapping) DeepCopyInto ¶
func (in *AllowedMapping) DeepCopyInto(out *AllowedMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ColumnMapping ¶
type ColumnMapping struct {
	// Key is the name of the column as shown in the decision log.
	Key string `json:"key"`

	// Path is where in the decision result the value for the column is found.
	Path string `json:"path"`
}
ColumnMapping specifies how a value in the decision result should be mapped to a column in the Styra decision log.
func (*ColumnMapping) DeepCopy ¶
func (in *ColumnMapping) DeepCopy() *ColumnMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ColumnMapping.
func (*ColumnMapping) DeepCopyInto ¶
func (in *ColumnMapping) DeepCopyInto(out *ColumnMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Condition ¶
type Condition struct {
	// Type is the ConditionType of the Condition.
	Type ConditionType `json:"type"`

	// Status is the status of the Condition.
	Status metav1.ConditionStatus `json:"status"`

	// LastProbeTime is a timestamp for the last time the condition was checked.
	LastProbeTime metav1.Time `json:"lastProbeTime,omitempty"`

	// LastTransitionTime is a timestamp for the last time that the condition
	// changed state.
	LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
}
Condition represents a System condition.
func (*Condition) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition.
func (*Condition) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ConditionType ¶
type ConditionType string
ConditionType is a System Condition type.
const (
	// ConditionTypeCreatedInStyra is a ConditionType used when the system has
	// been created in Styra.
	ConditionTypeCreatedInStyra ConditionType = "CreatedInStyra"

	// ConditionTypeGitCredentialsUpdated is a ConditionType used when git
	// credentials are updated in Styra.
	ConditionTypeGitCredentialsUpdated ConditionType = "GitCredentialsUpdated"

	// ConditionTypeSubjectsUpdated is a ConditionType used when the subjects of
	// the System are updated in Styra.
	ConditionTypeSubjectsUpdated ConditionType = "SubjectsUpdated"

	// ConditionTypeDatasourcesUpdated is a ConditionType used when
	// the datasources of the System are updated in Styra.
	ConditionTypeDatasourcesUpdated ConditionType = "DatasourcesUpdated"

	// ConditionTypeOPAConfigMapUpdated is a ConditionType used when
	// the ConfigMap for the OPA is updated in the cluster.
	ConditionTypeOPAConfigMapUpdated ConditionType = "OPAConfigMapUpdated"

	// ConditionTypeOPATokenUpdated is a ConditionType used when
	// the secret with the Styra token has been updated in the cluster.
	ConditionTypeOPATokenUpdated ConditionType = "OPATokenUpdated"

	// ConditionTypeSLPConfigMapUpdated is a ConditionType used when
	// the ConfigMap for the SLP is updated in the cluster.
	ConditionTypeSLPConfigMapUpdated ConditionType = "SLPConfigMapUpdated"

	// ConditionTypeSystemConfigUpdated is a ConditionType used when
	// the configuration of the System is updated in Styra.
	ConditionTypeSystemConfigUpdated ConditionType = "SystemConfigUpdated"
)
type Datasource ¶
type Datasource struct {
	// Path is the path within the system where the datasource should reside.
	Path string `json:"path"`
}
Datasource represents a Styra datasource to be mounted in the system.
func (*Datasource) DeepCopy ¶
func (in *Datasource) DeepCopy() *Datasource
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Datasource.
func (*Datasource) DeepCopyInto ¶
func (in *Datasource) DeepCopyInto(out *Datasource)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type DecisionMapping ¶
type DecisionMapping struct {
	// Name is the name of the decision mapping.
	//+kubebuilder:validation:Optional
	Name string `json:"name"`

	// Columns holds a list of ColumnMapping for the decision mapping.
	Columns []ColumnMapping `json:"columns,omitempty"`

	//+kubebuilder:validation:Optional
	Reason ReasonMapping `json:"reason,omitempty"`

	Allowed *AllowedMapping `json:"allowed,omitempty"`
}
DecisionMapping specifies how a system decision mapping should be configured. This allows configuration of when a decision is considered allowed or not. It also provides the ability to show additional columns in Styra.
func (*DecisionMapping) DeepCopy ¶
func (in *DecisionMapping) DeepCopy() *DecisionMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DecisionMapping.
func (*DecisionMapping) DeepCopyInto ¶
func (in *DecisionMapping) DeepCopyInto(out *DecisionMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type DiscoveryOverrides ¶ added in v0.6.0
type DiscoveryOverrides struct {
	Status *OPAConfigStatus `json:"status"`
	DistributedTracing *OPAConfigDistributedTracing `json:"distributed_tracing,omitempty"`
}
DiscoveryOverrides specifies system specific overrides for the configuration served from the Styra OPA Discovery API.
func (*DiscoveryOverrides) DeepCopy ¶ added in v0.6.0
func (in *DiscoveryOverrides) DeepCopy() *DiscoveryOverrides
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DiscoveryOverrides.
func (*DiscoveryOverrides) DeepCopyInto ¶ added in v0.6.0
func (in *DiscoveryOverrides) DeepCopyInto(out *DiscoveryOverrides)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Expected ¶
type Expected struct {
	// String holds a pointer to a string if the Expected value represents a
	// string.
	//+kubebuilder:validation:Optional
	String *string `json:"string,omitempty"`

	// Boolean holds a pointer to a bool if the Expected value represents a
	// bool.
	//+kubebuilder:validation:Optional
	Boolean *bool `json:"boolean,omitempty"`

	// Integer holds a pointer to an int if the Expected value represents an int.
	//+kubebuilder:validation:Optional
	Integer *int `json:"integer,omitempty"`
}
Expected represents an expected value. When using this type only one of the fields should be set.
func (*Expected) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Expected.
func (*Expected) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GitRepo ¶
type GitRepo struct {
	// CredentialsSecretName is a reference to an existing secret which holds git
	// credentials. This secret should have the keys `name` and `secret`. The
	// `name` key should contain the http basic auth username and the `secret`
	// key should contain the http basic auth password.
	CredentialsSecretName string `json:"credentialsSecretName,omitempty"`

	// Path is the path in the git repo where the policies are located.
	Path string `json:"path,omitempty"`

	// Reference is used to point to a tag or branch. This will be ignored if
	// `Commit` is specified.
	Reference string `json:"reference,omitempty"`

	// Commit is used to point to a specific commit SHA. This takes precedence
	// over `Reference` if both are specified.
	Commit string `json:"commit,omitempty"`

	// URL is the URL of the git repo.
	URL string `json:"url"`
}
GitRepo specifies the configuration for how to pull policy from git.
func (*GitRepo) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepo.
func (*GitRepo) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LocalPlane ¶
type LocalPlane struct {
	// Name is the hostname of the SLP service.
	Name string `json:"name"`
}
LocalPlane specifies how the Styra Local Plane should be configured. This is used to generate Secret and ConfigMap for the SLP to consume.
func (*LocalPlane) DeepCopy ¶
func (in *LocalPlane) DeepCopy() *LocalPlane
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalPlane.
func (*LocalPlane) DeepCopyInto ¶
func (in *LocalPlane) DeepCopyInto(out *LocalPlane)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OPAConfigDistributedTracing ¶ added in v0.6.0
type OPAConfigDistributedTracing struct {
	Type string `json:"type,omitempty"`
	Address string `json:"address,omitempty"`
	ServiceName string `json:"service_name,omitempty"`
	SamplePercentage int `json:"sample_percentage,omitempty"`
	//+kubebuilder:validation:Enum=off;tls;mtls
	Encryption string `json:"encryption,omitempty"`
	AllowInsecureTLS bool `json:"allow_insecure_tls,omitempty"`
	TLSCACertFile string `json:"tls_ca_cert_file,omitempty"`
	TLSCertFile string `json:"tls_cert_file,omitempty"`
	TLSPrivateKeyFile string `json:"tls_private_key_file,omitempty"`
}
OPAConfigDistributedTracing configures the `distributed_tracing` key in the OPA configuration.
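A lint for the transport settings of this type, as an added example (not code from the package or its project). `TracingConfig` is a local mirror of the fields above and `LintTracing` is a hypothetical helper; treating an empty `encryption` as `off` and `allow_insecure_tls` as skipping certificate verification are assumptions about OPA's behaviour, and the sample JSON is constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// TracingConfig mirrors the JSON fields of OPAConfigDistributedTracing that
// affect transport security. Local copy for this example only.
type TracingConfig struct {
	Type              string `json:"type,omitempty"`
	Address           string `json:"address,omitempty"`
	Encryption        string `json:"encryption,omitempty"`
	AllowInsecureTLS  bool   `json:"allow_insecure_tls,omitempty"`
	TLSCACertFile     string `json:"tls_ca_cert_file,omitempty"`
	TLSCertFile       string `json:"tls_cert_file,omitempty"`
	TLSPrivateKeyFile string `json:"tls_private_key_file,omitempty"`
}

// LintTracing (hypothetical helper) decodes a distributed_tracing override
// and returns one finding per weak transport setting.
func LintTracing(raw []byte) ([]string, error) {
	var c TracingConfig
	if err := json.Unmarshal(raw, &c); err != nil {
		return nil, fmt.Errorf("decode distributed_tracing: %w", err)
	}
	var findings []string
	switch c.Encryption {
	case "", "off": // assumption: an unset value behaves like "off"
		findings = append(findings, "encryption is off: spans leave the pod in plaintext")
	case "tls", "mtls":
		if c.AllowInsecureTLS {
			findings = append(findings, "allow_insecure_tls is set: collector certificate is not verified")
		}
		if c.Encryption == "mtls" && (c.TLSCertFile == "" || c.TLSPrivateKeyFile == "") {
			findings = append(findings, "mtls needs tls_cert_file and tls_private_key_file")
		}
	default:
		findings = append(findings, "encryption "+c.Encryption+" is outside the enum off;tls;mtls")
	}
	return findings, nil
}

// Constructed sample overrides, not taken from a real cluster.
const weakSample = `{"type":"grpc","address":"collector.example:4317",
 "encryption":"tls","allow_insecure_tls":true}`
const strongSample = `{"type":"grpc","address":"collector.example:4317","encryption":"mtls",
 "tls_ca_cert_file":"/certs/ca.pem","tls_cert_file":"/certs/tls.crt",
 "tls_private_key_file":"/certs/tls.key"}`

func main() {
	for _, s := range []string{weakSample, strongSample} {
		findings, err := LintTracing([]byte(s))
		fmt.Println(len(findings), findings, err)
	}
}
```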
func (*OPAConfigDistributedTracing) DeepCopy ¶ added in v0.6.0
func (in *OPAConfigDistributedTracing) DeepCopy() *OPAConfigDistributedTracing
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OPAConfigDistributedTracing.
func (*OPAConfigDistributedTracing) DeepCopyInto ¶ added in v0.6.0
func (in *OPAConfigDistributedTracing) DeepCopyInto(out *OPAConfigDistributedTracing)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OPAConfigStatus ¶ added in v0.6.0
type OPAConfigStatus struct {
	Prometheus bool `json:"prometheus"`
}
OPAConfigStatus configures the `status` key in the OPA configuration.
func (*OPAConfigStatus) DeepCopy ¶ added in v0.6.0
func (in *OPAConfigStatus) DeepCopy() *OPAConfigStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OPAConfigStatus.
func (*OPAConfigStatus) DeepCopyInto ¶ added in v0.6.0
func (in *OPAConfigStatus) DeepCopyInto(out *OPAConfigStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ReasonMapping ¶
type ReasonMapping struct {
	// Path is the path to where the reason is found in the decision result.
	Path string `json:"path,omitempty"`
}
ReasonMapping specifies where the reason of the decision can be found.
func (*ReasonMapping) DeepCopy ¶
func (in *ReasonMapping) DeepCopy() *ReasonMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReasonMapping.
func (*ReasonMapping) DeepCopyInto ¶
func (in *ReasonMapping) DeepCopyInto(out *ReasonMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SourceControl ¶
type SourceControl struct {
	Origin GitRepo `json:"origin"`
}
SourceControl holds SourceControl configuration.
func (*SourceControl) DeepCopy ¶
func (in *SourceControl) DeepCopy() *SourceControl
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SourceControl.
func (*SourceControl) DeepCopyInto ¶
func (in *SourceControl) DeepCopyInto(out *SourceControl)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Subject ¶
type Subject struct {
	// Kind is the SubjectKind of the subject.
	//+kubebuilder:validation:Enum=user;group
	Kind SubjectKind `json:"kind,omitempty"`

	// Name is the name of the subject. The meaning of this field depends on the
	// SubjectKind.
	Name string `json:"name"`
}
Subject represents a subject which has been granted access to the system. The subject is assigned the roles set in the controller configuration file.
func (*Subject) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Subject.
func (*Subject) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SubjectKind ¶
type SubjectKind string
SubjectKind represents a kind of a subject.
const (
	// SubjectKindUser is the subject kind user.
	SubjectKindUser SubjectKind = "user"

	// SubjectKindGroup is the subject kind group.
	SubjectKindGroup SubjectKind = "group"
)
type System ¶
type System struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the specification of the System resource.
	Spec SystemSpec `json:"spec,omitempty"`

	// Status is the status of the System resource.
	Status SystemStatus `json:"status,omitempty"`
}
System is the Schema for the Systems API.
func (*System) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new System.
func (*System) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*System) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*System) Default ¶
func (s *System) Default()
Default implements webhook.Defaulter so that a webhook can be registered for the type.
func (*System) DisplayName ¶
DisplayName returns the System's name with a prefix and suffix.
func (*System) GitSecretID ¶
GitSecretID returns the Styra internal ID of the Git Secret used by the System.
func (*System) SetCondition ¶
func (s *System) SetCondition(conditionType ConditionType, status metav1.ConditionStatus)
SetCondition updates the matching condition under the System's status field.
func (*System) SetupWebhookWithManager ¶
SetupWebhookWithManager registers the System webhooks with the Manager.
func (*System) ValidateCreate ¶
ValidateCreate implements webhook.Validator so that a webhook can be registered for the type.
func (*System) ValidateDelete ¶
ValidateDelete implements webhook.Validator so that a webhook will be registered for the type.
type SystemList ¶
type SystemList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items []System `json:"items"`
}
SystemList represents a list of System resources.
func (*SystemList) DeepCopy ¶
func (in *SystemList) DeepCopy() *SystemList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SystemList.
func (*SystemList) DeepCopyInto ¶
func (in *SystemList) DeepCopyInto(out *SystemList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*SystemList) DeepCopyObject ¶
func (in *SystemList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type SystemPhase ¶
type SystemPhase string
SystemPhase is a status phase of the System.
const (
	// SystemPhasePending is a SystemPhase used when the System has not yet been
	// reconciled.
	SystemPhasePending SystemPhase = "Pending"

	// SystemPhaseFailed is a SystemPhase used when the System failed to
	// reconcile.
	SystemPhaseFailed SystemPhase = "Failed"

	// SystemPhaseCreated is a SystemPhase used when the System is fully
	// reconciled.
	SystemPhaseCreated SystemPhase = "Created"
)
type SystemSpec ¶
type SystemSpec struct {
	// DeletionProtection disables deletion of the system in Styra, when the
	// System resource is deleted.
	DeletionProtection *bool `json:"deletionProtection,omitempty"`

	// Subjects is the list of subjects which should have access to the system.
	Subjects []Subject `json:"subjects,omitempty"`

	// DecisionMappings holds the list of decision mappings for the system.
	DecisionMappings []DecisionMapping `json:"decisionMappings,omitempty"`

	// Datasources represents a list of Styra datasources to be mounted in the
	// system.
	Datasources []Datasource `json:"datasources,omitempty"`

	// DiscoveryOverrides is an opa config which will take precedence over the
	// configuration supplied by Styra discovery API. Configuration set here
	// will be merged with the configuration supplied by the discovery API.
	DiscoveryOverrides *DiscoveryOverrides `json:"discoveryOverrides,omitempty"`

	SourceControl *SourceControl `json:"sourceControl,omitempty"`
	LocalPlane *LocalPlane `json:"localPlane,omitempty"`
}
SystemSpec is the specification of the System resource.
func (*SystemSpec) DeepCopy ¶
func (in *SystemSpec) DeepCopy() *SystemSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SystemSpec.
func (*SystemSpec) DeepCopyInto ¶
func (in *SystemSpec) DeepCopyInto(out *SystemSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SystemStatus ¶
type SystemStatus struct {
	// ID is the system ID in Styra.
	ID string `json:"id,omitempty"`

	// Ready is true when the system is created and in sync.
	Ready bool `json:"ready"`

	// Phase is the current state of syncing the system.
	//+kubebuilder:default=Pending
	//+kubebuilder:validation:Enum=Pending;Failed;Created
	Phase SystemPhase `json:"phase,omitempty"`

	// Failure message holds a message when Phase is Failed.
	FailureMessage string `json:"failureMessage,omitempty"`

	// Conditions holds a list of Condition which describes the state of the
	// System.
	Conditions []Condition `json:"conditions,omitempty"`
}
SystemStatus defines the observed state of System.
func (*SystemStatus) DeepCopy ¶
func (in *SystemStatus) DeepCopy() *SystemStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SystemStatus.
func (*SystemStatus) DeepCopyInto ¶
func (in *SystemStatus) DeepCopyInto(out *SystemStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.