v1alpha1

package
v0.0.0-...-f1775f8 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 20, 2024 License: MIT Imports: 7 Imported by: 0

Documentation

Overview

Package v1alpha1 contains API Schema definitions for the irsa v1alpha1 API group.

+kubebuilder:object:generate=true
+groupName=irsa-manager.kkb0318.github.io

Index

Constants

// Setup modes accepted by IRSASetupSpec.Mode.
const (
	// ModeSelfhosted is the mode for self-managed Kubernetes clusters.
	ModeSelfhosted SetupMode = "selfhosted"
	// ModeEks is the mode for Amazon EKS environments.
	ModeEks SetupMode = "eks"
)
// IRSAKind is the value of the kind attribute carried by an IRSA resource.
const IRSAKind = "IRSA"
// IRSASetupKind is the value of the kind attribute carried by an IRSASetup resource.
const IRSASetupKind = "IRSASetup"
// ReadyCondition is the condition type that signals a resource is ready and
// fully reconciled. While the condition is False, the resource SHOULD be
// treated as still reconciling, and its reported state is not a representation
// of actual state.
const ReadyCondition string = "Ready"

Variables

// GroupVersion is the API group and version under which the objects of this
// package are registered.
var GroupVersion = schema.GroupVersion{
	Group:   "irsa-manager.kkb0318.github.io",
	Version: "v1alpha1",
}

// SchemeBuilder is used to add Go types to the GroupVersionKind scheme.
var SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

// AddToScheme adds the types in this group-version to the given scheme.
var AddToScheme = SchemeBuilder.AddToScheme

Functions

func HasConditionReason

func HasConditionReason(cond *metav1.Condition, reasons ...string) bool

HasConditionReason

func IsReadyConditionTrue

func IsReadyConditionTrue(irsa IRSASetup) bool

func ReadyStatus

func ReadyStatus(irsa IRSASetup) *metav1.Condition

ReadyStatus

Types

type Discovery

// Discovery holds the configuration for IdP Discovery, which is used to locate
// the OIDC provider in a self-hosted environment. IRSASetupSpec documents it as
// applicable only when Mode is "selfhosted".
type Discovery struct {
	// S3 specifies the AWS S3 bucket details where the OIDC provider's discovery information is hosted.
	S3 S3Discovery `json:"s3,omitempty"`
}

Discovery holds the configuration for IdP Discovery, which is crucial for locating the OIDC provider in a self-hosted environment.

func (*Discovery) DeepCopy

func (in *Discovery) DeepCopy() *Discovery

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Discovery.

func (*Discovery) DeepCopyInto

func (in *Discovery) DeepCopyInto(out *Discovery)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EksConditionReason

// EksConditionReason is a string-backed reason value. The two values this
// package defines for it are listed below; presumably they are used as
// condition reasons when Mode is "eks" (confirm at the call sites).
type EksConditionReason string

const (
	// EksNotReady is the reason string "EksOIDCNotReady".
	EksNotReady = EksConditionReason("EksOIDCNotReady")
	// EksReasonReady is the reason string "EksOIDCSetupReady".
	EksReasonReady = EksConditionReason("EksOIDCSetupReady")
)

type IRSA

// IRSA is the Schema for the irsas API.
type IRSA struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the desired state of the IRSA (see IRSASpec).
	Spec   IRSASpec   `json:"spec,omitempty"`
	// Status is the observed state of the IRSA (see IRSAStatus).
	Status IRSAStatus `json:"status,omitempty"`
}

IRSA is the Schema for the irsas API

func IRSAStatusNotReady

func IRSAStatusNotReady(irsa IRSA, reason, message string) IRSA

func IRSAStatusReady

func IRSAStatusReady(irsa IRSA, reason, message string) IRSA

func IRSAStatusRemoveServiceAccount

func IRSAStatusRemoveServiceAccount(irsa IRSA, namespacedNames []types.NamespacedName) IRSA

func IRSAStatusSetServiceAccount

func IRSAStatusSetServiceAccount(irsa IRSA, namespacedNames []types.NamespacedName) IRSA

func (*IRSA) DeepCopy

func (in *IRSA) DeepCopy() *IRSA

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IRSA.

func (*IRSA) DeepCopyInto

func (in *IRSA) DeepCopyInto(out *IRSA)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IRSA) DeepCopyObject

func (in *IRSA) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*IRSA) GetIRSAStatusConditions

func (in *IRSA) GetIRSAStatusConditions() *[]metav1.Condition

GetIRSAStatusConditions returns a pointer to the Conditions slice

func (*IRSA) GetIRSAStatusServiceAccounts

func (in *IRSA) GetIRSAStatusServiceAccounts() *StatusServiceAccountList

GetIRSAStatusServiceAccounts returns a pointer to the ServiceAccount slice

type IRSAList

// IRSAList contains a list of IRSA.
type IRSAList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items holds the IRSA objects of the list; it is always serialized (no omitempty).
	Items           []IRSA `json:"items"`
}

IRSAList contains a list of IRSA

func (*IRSAList) DeepCopy

func (in *IRSAList) DeepCopy() *IRSAList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IRSAList.

func (*IRSAList) DeepCopyInto

func (in *IRSAList) DeepCopyInto(out *IRSAList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IRSAList) DeepCopyObject

func (in *IRSAList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IRSANamespacedNameWithTags

// IRSANamespacedNameWithTags is like a types.NamespacedName with JSON tags.
// StatusServiceAccountList is a slice of this type.
type IRSANamespacedNameWithTags struct {
	// Name is serialized under the JSON key "name".
	Name      string `json:"name"`
	// Namespace is serialized under the JSON key "namespace".
	Namespace string `json:"namespace"`
}

IRSANamespacedNameWithTags is like a types.NamespacedName with JSON tags

func (*IRSANamespacedNameWithTags) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IRSANamespacedNameWithTags.

func (*IRSANamespacedNameWithTags) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IRSAReason

// IRSAReason is a string-backed reason value for IRSA resources. The values
// below are the ones this package defines; presumably they are passed as the
// reason of a status condition (confirm at the call sites).
type IRSAReason string

const (
	// IRSAReasonFailedRoleUpdate is the reason string "IRSAFailedRoleUpdate".
	IRSAReasonFailedRoleUpdate = IRSAReason("IRSAFailedRoleUpdate")
	// IRSAReasonFailedK8sApply is the reason string "IRSAFailedApplyingResources".
	IRSAReasonFailedK8sApply = IRSAReason("IRSAFailedApplyingResources")
	// IRSAReasonFailedK8sCleanUp is the reason string "IRSAFailedDeletingResources".
	IRSAReasonFailedK8sCleanUp = IRSAReason("IRSAFailedDeletingResources")
	// IRSAReasonReady is the reason string "IRSAReady".
	IRSAReasonReady = IRSAReason("IRSAReady")
)

type IRSAServiceAccount

// IRSAServiceAccount represents the details of the Kubernetes service account.
// One Name is paired with several Namespaces; NamespacedNameList is documented
// as building the types.NamespacedName values from these settings.
//
// NOTE(review): presumably every listed namespace gets a service account that
// can assume the IAM role, so the list is part of the role's trust boundary;
// keep it to the namespaces that need the role and confirm against the controller.
type IRSAServiceAccount struct {
	// Name represents the name of the Kubernetes service account
	Name string `json:"name,omitempty"`
	// Namespaces represents the list of namespaces where the service account is used
	Namespaces []string `json:"namespaces,omitempty"`
}

IRSAServiceAccount represents the details of the Kubernetes service account

func (*IRSAServiceAccount) DeepCopy

func (in *IRSAServiceAccount) DeepCopy() *IRSAServiceAccount

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IRSAServiceAccount.

func (*IRSAServiceAccount) DeepCopyInto

func (in *IRSAServiceAccount) DeepCopyInto(out *IRSAServiceAccount)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IRSAServiceAccount) NamespacedNameList

func (sa *IRSAServiceAccount) NamespacedNameList() []types.NamespacedName

NamespacedNameList returns a slice of types.NamespacedName constructed from the Name and Namespace settings.

type IRSASetup

// IRSASetup represents a configuration for setting up IAM Roles for Service
// Accounts (IRSA) in a Kubernetes cluster.
type IRSASetup struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the desired state of the IRSASetup (see IRSASetupSpec).
	Spec   IRSASetupSpec   `json:"spec,omitempty"`
	// Status is the observed state of the IRSASetup (see IRSASetupStatus).
	Status IRSASetupStatus `json:"status,omitempty"`
}

IRSASetup represents a configuration for setting up IAM Roles for Service Accounts (IRSA) in a Kubernetes cluster.

func SetupStatusReady

func SetupStatusReady(irsa IRSASetup, reason, message string) IRSASetup

func StatusNotReady

func StatusNotReady(irsa IRSASetup, reason, message string) IRSASetup

func (*IRSASetup) DeepCopy

func (in *IRSASetup) DeepCopy() *IRSASetup

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IRSASetup.

func (*IRSASetup) DeepCopyInto

func (in *IRSASetup) DeepCopyInto(out *IRSASetup)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IRSASetup) DeepCopyObject

func (in *IRSASetup) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*IRSASetup) GetStatusConditions

func (in *IRSASetup) GetStatusConditions() *[]metav1.Condition

GetStatusConditions returns a pointer to the Status.Conditions slice

type IRSASetupList

// IRSASetupList contains a list of IRSASetup.
type IRSASetupList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items holds the IRSASetup objects of the list; it is always serialized (no omitempty).
	Items           []IRSASetup `json:"items"`
}

IRSASetupList contains a list of IRSASetup

func (*IRSASetupList) DeepCopy

func (in *IRSASetupList) DeepCopy() *IRSASetupList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IRSASetupList.

func (*IRSASetupList) DeepCopyInto

func (in *IRSASetupList) DeepCopyInto(out *IRSASetupList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IRSASetupList) DeepCopyObject

func (in *IRSASetupList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IRSASetupSpec

// IRSASetupSpec defines the desired state of IRSASetup.
// Discovery and IamOIDCProvider are mode-specific: the former applies to
// "selfhosted", the latter to "eks".
type IRSASetupSpec struct {
	// Cleanup, when enabled, allows the IRSASetup to perform garbage collection
	// of resources that are no longer needed or managed.
	// NOTE(review): which resources are deleted is not shown in this listing;
	// confirm the scope before enabling it.
	// +required
	Cleanup bool `json:"cleanup"`

	// Mode specifies the operation mode of the controller.
	// Possible values:
	//   - "selfhosted": For self-managed Kubernetes clusters.
	//   - "eks": For Amazon EKS environments.
	// Default: "selfhosted"
	// The SetupMode type carries a validation rule (self == oldSelf), so the
	// value cannot be changed once it has been set.
	Mode SetupMode `json:"mode,omitempty"`

	// Discovery configures the IdP Discovery process, essential for setting up IRSA by locating
	// the OIDC provider information.
	// Only applicable when Mode is "selfhosted".
	Discovery Discovery `json:"discovery,omitempty"`

	// IamOIDCProvider sets the name of the IAM OIDC provider.
	// Only applicable when Mode is "eks".
	IamOIDCProvider string `json:"iamOIDCProvider,omitempty"`
}

IRSASetupSpec defines the desired state of IRSASetup

func (*IRSASetupSpec) DeepCopy

func (in *IRSASetupSpec) DeepCopy() *IRSASetupSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IRSASetupSpec.

func (*IRSASetupSpec) DeepCopyInto

func (in *IRSASetupSpec) DeepCopyInto(out *IRSASetupSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IRSASetupStatus

// IRSASetupStatus defines the observed state of IRSASetup.
type IRSASetupStatus struct {
	// Conditions holds the metav1.Condition entries of the resource;
	// IRSASetup.GetStatusConditions returns a pointer to this slice.
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

IRSASetupStatus defines the observed state of IRSASetup

func (*IRSASetupStatus) DeepCopy

func (in *IRSASetupStatus) DeepCopy() *IRSASetupStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IRSASetupStatus.

func (*IRSASetupStatus) DeepCopyInto

func (in *IRSASetupStatus) DeepCopyInto(out *IRSASetupStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IRSASpec

// IRSASpec defines the desired state of IRSA: a Kubernetes service account,
// an IAM role, and the IAM policies to attach to that role.
//
// NOTE(review): ServiceAccount, IamRole and IamPolicies are marked +required
// but tagged omitempty; confirm that the generated CRD schema and Go clients
// agree on how an empty IamPolicies list is handled.
type IRSASpec struct {
	// Cleanup, when enabled, allows the IRSA to perform garbage collection
	// of resources that are no longer needed or managed.
	// NOTE(review): which resources are deleted is not shown in this listing;
	// confirm the scope before enabling it.
	// +required
	Cleanup bool `json:"cleanup"`

	// ServiceAccount represents the Kubernetes service account associated with the IRSA.
	// +required
	ServiceAccount IRSAServiceAccount `json:"serviceAccount,omitempty"`

	// IamRole represents the IAM role details associated with the IRSA.
	// +required
	IamRole IamRole `json:"iamRole,omitempty"`

	// IamPolicies represents the list of IAM policies to be attached to the IAM role.
	// Each entry is either a policy name (only AWS default policies) or a full ARN.
	// NOTE(review): presumably the controller attaches every entry as given, so
	// write access to IRSA objects amounts to granting these AWS permissions to
	// the listed service accounts. Restrict RBAC on this resource and prefer
	// narrowly scoped policies over broad AWS default ones.
	// +required
	IamPolicies []string `json:"iamPolicies,omitempty"`
}

IRSASpec defines the desired state of IRSA

func (*IRSASpec) DeepCopy

func (in *IRSASpec) DeepCopy() *IRSASpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IRSASpec.

func (*IRSASpec) DeepCopyInto

func (in *IRSASpec) DeepCopyInto(out *IRSASpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IRSAStatus

// IRSAStatus defines the observed state of IRSA.
type IRSAStatus struct {
	// Conditions holds the metav1.Condition entries of the resource;
	// IRSA.GetIRSAStatusConditions returns a pointer to this slice.
	Conditions []metav1.Condition `json:"conditions,omitempty"`
	// Inventory of applied service resources
	// (IRSA.GetIRSAStatusServiceAccounts returns a pointer to this list).
	ServiceAccounts StatusServiceAccountList `json:"serviceAccounts,omitempty"`
}

IRSAStatus defines the observed state of IRSA.

func (*IRSAStatus) DeepCopy

func (in *IRSAStatus) DeepCopy() *IRSAStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IRSAStatus.

func (*IRSAStatus) DeepCopyInto

func (in *IRSAStatus) DeepCopyInto(out *IRSAStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IRSAStatus) ServiceNamespacedNameList

func (s *IRSAStatus) ServiceNamespacedNameList() []types.NamespacedName

type IamRole

// IamRole represents the IAM role configuration. Only the role name is
// configurable here; the policies attached to it are listed in IRSASpec.IamPolicies.
type IamRole struct {
	// Name represents the name of the IAM role.
	Name string `json:"name,omitempty"`
}

IamRole represents the IAM role configuration

func (*IamRole) DeepCopy

func (in *IamRole) DeepCopy() *IamRole

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IamRole.

func (*IamRole) DeepCopyInto

func (in *IamRole) DeepCopyInto(out *IamRole)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type S3Discovery

// S3Discovery contains the specifics of the S3 bucket used for hosting OIDC
// provider discovery information. Both fields are always serialized (no omitempty).
//
// NOTE(review): in a self-hosted IRSA setup the discovery document (and
// presumably the signing-key set) served from this bucket is what AWS uses to
// validate service-account tokens. Whoever can write to the bucket can
// therefore influence which tokens are trusted: write access should be limited
// to the controller, and changes to the bucket should be audited. Confirm
// the bucket policy the controller applies.
type S3Discovery struct {
	// Region denotes the AWS region where the S3 bucket is located.
	Region string `json:"region"`

	// BucketName is the name of the S3 bucket that hosts the OIDC discovery information.
	BucketName string `json:"bucketName"`
}

S3Discovery contains the specifics of the S3 bucket used for hosting OIDC provider discovery information.

func (*S3Discovery) DeepCopy

func (in *S3Discovery) DeepCopy() *S3Discovery

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new S3Discovery.

func (*S3Discovery) DeepCopyInto

func (in *S3Discovery) DeepCopyInto(out *S3Discovery)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SelfhostedConditionReason

// SelfhostedConditionReason is a string-backed reason value. The values below
// are the ones this package defines for it; presumably they are used as
// condition reasons when Mode is "selfhosted" (confirm at the call sites).
type SelfhostedConditionReason string

const (
	// SelfHostedReasonFailedWebhook is the reason string "SelfHostedSetupFailedWebhookCreation".
	SelfHostedReasonFailedWebhook = SelfhostedConditionReason("SelfHostedSetupFailedWebhookCreation")
	// SelfHostedReasonFailedOidc is the reason string "SelfHostedSetupFailedOidcCreation".
	SelfHostedReasonFailedOidc = SelfhostedConditionReason("SelfHostedSetupFailedOidcCreation")
	// SelfHostedReasonFailedIssuer is the reason string "SelfHostedSetupFailedIssuer".
	SelfHostedReasonFailedIssuer = SelfhostedConditionReason("SelfHostedSetupFailedIssuer")
	// SelfHostedReasonFailedKeys is the reason string "SelfHostedSetupFailedKeysCreation".
	SelfHostedReasonFailedKeys = SelfhostedConditionReason("SelfHostedSetupFailedKeysCreation")
	// SelfHostedReasonReady is the reason string "SelfHostedSetupReady".
	SelfHostedReasonReady = SelfhostedConditionReason("SelfHostedSetupReady")
)

type SetupMode

// SetupMode is the string-backed operation mode of the controller, used by
// IRSASetupSpec.Mode. ModeSelfhosted ("selfhosted") and ModeEks ("eks") are the
// values this package defines.
type SetupMode string

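SetupMode carries the following kubebuilder markers: the value defaults to selfhosted, must be one of selfhosted or eks, and cannot be changed once set.

+kubebuilder:default=selfhosted
+kubebuilder:validation:Enum=selfhosted;eks
+kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable"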

type StatusServiceAccountList

// StatusServiceAccountList is a slice of IRSANamespacedNameWithTags. It is the
// type of IRSAStatus.ServiceAccounts, the inventory of applied service resources.
type StatusServiceAccountList []IRSANamespacedNameWithTags

func (*StatusServiceAccountList) Append

func (s *StatusServiceAccountList) Append(nsNames types.NamespacedName)

Append adds a new IRSANamespacedNameWithTags to the StatusServiceAccountList. If the provided NamespacedName already exists in the list, it will be ignored.

func (StatusServiceAccountList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatusServiceAccountList.

func (StatusServiceAccountList) DeepCopyInto

func (in StatusServiceAccountList) DeepCopyInto(out *StatusServiceAccountList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*StatusServiceAccountList) Delete

func (s *StatusServiceAccountList) Delete(nsNames types.NamespacedName)

Delete removes an IRSANamespacedNameWithTags from the StatusServiceAccountList that matches the provided NamespacedName. If the provided NamespacedName does not exist in the list, the method does nothing.

func (*StatusServiceAccountList) IsExist

func (s *StatusServiceAccountList) IsExist(nsNames types.NamespacedName) bool
