Documentation ¶
Overview ¶
Package settings is the internal version of the API. +groupName=settings.gardener.cloud
Index ¶
- Constants
- Variables
- func Kind(kind string) schema.GroupKind
- func Resource(resource string) schema.GroupResource
- type ClusterOpenIDConnectPresetdeprecated
- func (in *ClusterOpenIDConnectPreset) DeepCopy() *ClusterOpenIDConnectPreset
- func (in *ClusterOpenIDConnectPreset) DeepCopyInto(out *ClusterOpenIDConnectPreset)
- func (in *ClusterOpenIDConnectPreset) DeepCopyObject() runtime.Object
- func (o *ClusterOpenIDConnectPreset) GetPresetSpec() *OpenIDConnectPresetSpec
- func (o *ClusterOpenIDConnectPreset) SetPresetSpec(s *OpenIDConnectPresetSpec)
- type ClusterOpenIDConnectPresetList
- type ClusterOpenIDConnectPresetSpec
- type KubeAPIServerOpenIDConnect
- type OpenIDConnectClientAuthentication
- type OpenIDConnectPresetdeprecated
- func (in *OpenIDConnectPreset) DeepCopy() *OpenIDConnectPreset
- func (in *OpenIDConnectPreset) DeepCopyInto(out *OpenIDConnectPreset)
- func (in *OpenIDConnectPreset) DeepCopyObject() runtime.Object
- func (o *OpenIDConnectPreset) GetPresetSpec() *OpenIDConnectPresetSpec
- func (o *OpenIDConnectPreset) SetPresetSpec(s *OpenIDConnectPresetSpec)
- type OpenIDConnectPresetList
- type OpenIDConnectPresetSpec
- type Preset
Constants ¶
const GroupName = "settings.gardener.cloud"
GroupName is the name of the settings API group.
Variables ¶
var ( // SchemeBuilder is a new Scheme Builder which registers our API. SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) // AddToScheme is a reference to the Scheme Builder's AddToScheme function. AddToScheme = SchemeBuilder.AddToScheme )
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
SchemeGroupVersion is group version used to register these objects.
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns back a Group qualified GroupResource.
Types ¶
type ClusterOpenIDConnectPreset
deprecated
type ClusterOpenIDConnectPreset struct { metav1.TypeMeta // Standard object metadata. metav1.ObjectMeta // Spec is the specification of this OpenIDConnect preset. Spec ClusterOpenIDConnectPresetSpec }
ClusterOpenIDConnectPreset is a OpenID Connect configuration that is applied to a Shoot objects cluster-wide.
Deprecated: This resource is deprecated and will be removed after support for Kubernetes 1.31 is dropped. Please configure and use structured authentication instead of oidc flags. For more information check https://github.com/gardener/gardener/issues/9858 TODO(AleksandarSavchev): Remove this resource after support for Kubernetes 1.31 is dropped.
func (*ClusterOpenIDConnectPreset) DeepCopy ¶
func (in *ClusterOpenIDConnectPreset) DeepCopy() *ClusterOpenIDConnectPreset
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterOpenIDConnectPreset.
func (*ClusterOpenIDConnectPreset) DeepCopyInto ¶
func (in *ClusterOpenIDConnectPreset) DeepCopyInto(out *ClusterOpenIDConnectPreset)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterOpenIDConnectPreset) DeepCopyObject ¶
func (in *ClusterOpenIDConnectPreset) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*ClusterOpenIDConnectPreset) GetPresetSpec ¶
func (o *ClusterOpenIDConnectPreset) GetPresetSpec() *OpenIDConnectPresetSpec
GetPresetSpec returns a pointer to the OpenIDConnect specification.
func (*ClusterOpenIDConnectPreset) SetPresetSpec ¶
func (o *ClusterOpenIDConnectPreset) SetPresetSpec(s *OpenIDConnectPresetSpec)
SetPresetSpec sets the OpenIDConnect specification.
type ClusterOpenIDConnectPresetList ¶
type ClusterOpenIDConnectPresetList struct { metav1.TypeMeta // Standard list object metadata. metav1.ListMeta // Items is the list of ClusterOpenIDConnectPresets. Items []ClusterOpenIDConnectPreset }
ClusterOpenIDConnectPresetList is a collection of ClusterOpenIDConnectPresets.
func (*ClusterOpenIDConnectPresetList) DeepCopy ¶
func (in *ClusterOpenIDConnectPresetList) DeepCopy() *ClusterOpenIDConnectPresetList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterOpenIDConnectPresetList.
func (*ClusterOpenIDConnectPresetList) DeepCopyInto ¶
func (in *ClusterOpenIDConnectPresetList) DeepCopyInto(out *ClusterOpenIDConnectPresetList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterOpenIDConnectPresetList) DeepCopyObject ¶
func (in *ClusterOpenIDConnectPresetList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ClusterOpenIDConnectPresetSpec ¶
type ClusterOpenIDConnectPresetSpec struct { OpenIDConnectPresetSpec // Project decides whether to apply the configuration if the // Shoot is in a specific Project matching the label selector. // Use the selector only if the OIDC Preset is opt-in, because end // users may skip the admission by setting the labels. // Defaults to the empty LabelSelector, which matches everything. ProjectSelector *metav1.LabelSelector }
ClusterOpenIDConnectPresetSpec contains the OpenIDConnect specification and project selector matching Shoots in Projects.
func (*ClusterOpenIDConnectPresetSpec) DeepCopy ¶
func (in *ClusterOpenIDConnectPresetSpec) DeepCopy() *ClusterOpenIDConnectPresetSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterOpenIDConnectPresetSpec.
func (*ClusterOpenIDConnectPresetSpec) DeepCopyInto ¶
func (in *ClusterOpenIDConnectPresetSpec) DeepCopyInto(out *ClusterOpenIDConnectPresetSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KubeAPIServerOpenIDConnect ¶
type KubeAPIServerOpenIDConnect struct { // If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file, otherwise the host's root CA set will be used. CABundle *string // The client ID for the OpenID Connect client. // Required. ClientID string // If provided, the name of a custom OpenID Connect claim for specifying user groups. The claim value is expected to be a string or array of strings. This flag is experimental, please see the authentication documentation for further details. GroupsClaim *string // If provided, all groups will be prefixed with this value to prevent conflicts with other authentication strategies. GroupsPrefix *string // The URL of the OpenID issuer, only HTTPS scheme will be accepted. If set, it will be used to verify the OIDC JSON Web Token (JWT). // Required. IssuerURL string // key=value pairs that describes a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value. RequiredClaims map[string]string // List of allowed JOSE asymmetric signing algorithms. JWTs with a 'alg' header value not in this list will be rejected. Values are defined by RFC 7518 https://tools.ietf.org/html/rfc7518#section-3.1 SigningAlgs []string // The OpenID claim to use as the user name. Note that claims other than the default ('sub') is not guaranteed to be unique and immutable. This flag is experimental, please see the authentication documentation for further details. (default "sub") UsernameClaim *string // If provided, all usernames will be prefixed with this value. If not provided, username claims other than 'email' are prefixed by the issuer URL to avoid clashes. To skip any prefixing, provide the value '-'. UsernamePrefix *string }
KubeAPIServerOpenIDConnect contains configuration settings for the OIDC provider. Note: Descriptions were taken from the Kubernetes documentation.
func (*KubeAPIServerOpenIDConnect) DeepCopy ¶
func (in *KubeAPIServerOpenIDConnect) DeepCopy() *KubeAPIServerOpenIDConnect
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeAPIServerOpenIDConnect.
func (*KubeAPIServerOpenIDConnect) DeepCopyInto ¶
func (in *KubeAPIServerOpenIDConnect) DeepCopyInto(out *KubeAPIServerOpenIDConnect)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OpenIDConnectClientAuthentication ¶
type OpenIDConnectClientAuthentication struct { // The client Secret for the OpenID Connect client. Secret *string // Extra configuration added to kubeconfig's auth-provider. // Must not be any of idp-issuer-url, client-id, client-secret, idp-certificate-authority, idp-certificate-authority-data, id-token or refresh-token ExtraConfig map[string]string }
OpenIDConnectClientAuthentication contains configuration for OIDC clients.
func (*OpenIDConnectClientAuthentication) DeepCopy ¶
func (in *OpenIDConnectClientAuthentication) DeepCopy() *OpenIDConnectClientAuthentication
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenIDConnectClientAuthentication.
func (*OpenIDConnectClientAuthentication) DeepCopyInto ¶
func (in *OpenIDConnectClientAuthentication) DeepCopyInto(out *OpenIDConnectClientAuthentication)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OpenIDConnectPreset
deprecated
type OpenIDConnectPreset struct { metav1.TypeMeta // Standard object metadata. metav1.ObjectMeta Spec OpenIDConnectPresetSpec }
OpenIDConnectPreset is a OpenID Connect configuration that is applied to a Shoot in a namespace.
Deprecated: This resource is deprecated and will be removed after support for Kubernetes 1.31 is dropped. Please configure and use structured authentication instead of oidc flags. For more information check https://github.com/gardener/gardener/issues/9858 TODO(AleksandarSavchev): Remove this resource after support for Kubernetes 1.31 is dropped.
func (*OpenIDConnectPreset) DeepCopy ¶
func (in *OpenIDConnectPreset) DeepCopy() *OpenIDConnectPreset
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenIDConnectPreset.
func (*OpenIDConnectPreset) DeepCopyInto ¶
func (in *OpenIDConnectPreset) DeepCopyInto(out *OpenIDConnectPreset)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*OpenIDConnectPreset) DeepCopyObject ¶
func (in *OpenIDConnectPreset) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*OpenIDConnectPreset) GetPresetSpec ¶
func (o *OpenIDConnectPreset) GetPresetSpec() *OpenIDConnectPresetSpec
GetPresetSpec returns a pointer to the OpenIDConnect specification.
func (*OpenIDConnectPreset) SetPresetSpec ¶
func (o *OpenIDConnectPreset) SetPresetSpec(s *OpenIDConnectPresetSpec)
SetPresetSpec sets the OpenIDConnect specification.
type OpenIDConnectPresetList ¶
type OpenIDConnectPresetList struct { metav1.TypeMeta // Standard list object metadata. metav1.ListMeta // Items is the list of OpenIDConnectPresets. Items []OpenIDConnectPreset }
OpenIDConnectPresetList is a collection of OpenIDConnectPresets.
func (*OpenIDConnectPresetList) DeepCopy ¶
func (in *OpenIDConnectPresetList) DeepCopy() *OpenIDConnectPresetList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenIDConnectPresetList.
func (*OpenIDConnectPresetList) DeepCopyInto ¶
func (in *OpenIDConnectPresetList) DeepCopyInto(out *OpenIDConnectPresetList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*OpenIDConnectPresetList) DeepCopyObject ¶
func (in *OpenIDConnectPresetList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type OpenIDConnectPresetSpec ¶
type OpenIDConnectPresetSpec struct { // Server contains the kube-apiserver's OpenID Connect configuration. // This configuration is not overwriting any existing OpenID Connect // configuration already set on the Shoot object. Server KubeAPIServerOpenIDConnect // Client contains the configuration used for client OIDC authentication // of Shoot clusters. // This configuration is not overwriting any existing OpenID Connect // client authentication already set on the Shoot object. // // Deprecated: The OpenID Connect configuration this field specifies is not used and will be forbidden starting from Kubernetes 1.31. // It's use was planned for genereting OIDC kubeconfig https://github.com/gardener/gardener/issues/1433 // TODO(AleksandarSavchev): Drop this field after support for Kubernetes 1.30 is dropped. Client *OpenIDConnectClientAuthentication // ShootSelector decides whether to apply the configuration if the // Shoot has matching labels. // Use the selector only if the OIDC Preset is opt-in, because end // users may skip the admission by setting the labels. // Default to the empty LabelSelector, which matches everything. ShootSelector *metav1.LabelSelector // Weight associated with matching the corresponding preset, // in the range 1-100. // Required. Weight int32 }
OpenIDConnectPresetSpec contains the Shoot selector for which a specific OpenID Connect configuration is applied.
func (*OpenIDConnectPresetSpec) DeepCopy ¶
func (in *OpenIDConnectPresetSpec) DeepCopy() *OpenIDConnectPresetSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenIDConnectPresetSpec.
func (*OpenIDConnectPresetSpec) DeepCopyInto ¶
func (in *OpenIDConnectPresetSpec) DeepCopyInto(out *OpenIDConnectPresetSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Preset ¶
type Preset interface { metav1.ObjectMetaAccessor GetPresetSpec() *OpenIDConnectPresetSpec SetPresetSpec(s *OpenIDConnectPresetSpec) }
Preset offers access to the specification of a OpenID preset object. Mainly used for tests.
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package v1alpha1 is a version of the API.
|
Package v1alpha1 is a version of the API. |