Documentation
¶
Overview ¶
Package v1alpha1 contains API Schema definitions for the redhatcop v1alpha1 API group +kubebuilder:object:generate=true +groupName=redhatcop.redhat.io
Index ¶
Constants ¶
View Source
const ( OneSyncScope SyncScope = "one" SubSyncScope SyncScope = "sub" ConfigMapObjectRefKind ObjectRefKind = "ConfigMap" SecretMapObjectRefKind ObjectRefKind = "Secret" )
Variables ¶
View Source
var ( // GroupVersion is group version used to register these objects GroupVersion = schema.GroupVersion{Group: "redhatcop.redhat.io", Version: "v1alpha1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
Functions ¶
This section is empty.
Types ¶
type AzureProvider ¶
type AzureProvider struct {
// BaseGroups allows for a set of groups to be specified to start searching from instead of searching all groups in the directory
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Base Groups",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
BaseGroups []string `json:"baseGroups,omitempty"`
// Ca is a reference to a Secret or ConfigMap containing a CA certificate to communicate to Azure
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Resource Containing the CA Certificate",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Optional
Ca *ObjectRef `json:"ca,omitempty"`
// CaSecret is a reference to a secret containing a CA certificate to communicate to Azure
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Resource Containing the CA Certificate",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Optional
// Deprecated: Use Ca instead.
CaSecret *ObjectRef `json:"caSecret,omitempty"`
// CredentialsSecret is a reference to a secret containing authentication details for communicating to Azure
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret Containing the Credentials",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Required
CredentialsSecret *ObjectRef `json:"credentialsSecret"`
// Filter allows for limiting the results from the groups response using the Filter feature of the Azure Graph API
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Filter",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
Filter string `json:"filter,omitempty"`
// Insecure specifies whether to allow for unverified certificates to be used when communicating to Azure
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Ignore SSL Verification",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
// +kubebuilder:validation:Optional
Insecure bool `json:"insecure,omitempty"`
// Groups represents a filtered list of groups to synchronize
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Groups to Synchronize",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
Groups []string `json:"groups,omitempty"`
// AuthorityHost is the location of the Azure Active Directory endpoint
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Azure URL",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
AuthorityHost *string `json:"authorityHost,omitempty"`
// UserNameAttributes are the fields to consider on the User object containing the username
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Azure UserName Attributes",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
UserNameAttributes *[]string `json:"userNameAttributes,omitempty"`
// Prune Whether to prune groups that are no longer in Azure. Default is false
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Prune",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
// +kubebuilder:validation:Optional
Prune bool `json:"prune"`
}
AzureProvider represents integration with Azure +k8s:openapi-gen=true
func (*AzureProvider) DeepCopy ¶
func (in *AzureProvider) DeepCopy() *AzureProvider
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureProvider.
func (*AzureProvider) DeepCopyInto ¶
func (in *AzureProvider) DeepCopyInto(out *AzureProvider)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GitHubProvider ¶
type GitHubProvider struct {
// Ca is a reference to a Secret or ConfigMap containing a CA certificate to communicate to the GitHub server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Resource Containing the CA Certificate",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Optional
Ca *ObjectRef `json:"ca,omitempty"`
// CaSecret is a reference to a secret containing a CA certificate to communicate to the GitHub server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Resource Containing the CA Certificate",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Optional
// Deprecated: Use Ca instead.
CaSecret *ObjectRef `json:"caSecret,omitempty"`
// CredentialsSecret is a reference to a secret containing authentication details for the GitHub server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret Containing the Credentials",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Required
CredentialsSecret *ObjectRef `json:"credentialsSecret"`
// Insecure specifies whether to allow for unverified certificates to be used when communicating to GitHab
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Ignore SSL Verification",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
// +kubebuilder:validation:Optional
Insecure bool `json:"insecure,omitempty"`
// Organization represents the location to source teams to synchronize
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Organization to Synchronize",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
Organization string `json:"organization,omitempty"`
// Teams represents a filtered list of teams to synchronize
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Teams to Synchronize",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
Teams []string `json:"teams,omitempty"`
// Map users by SCIM Id. This will usually match your IDP id, like UPN when using AAD.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Map users by SCIM-ID",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
MapByScimId bool `json:"mapByScimId,omitempty"`
// URL is the location of the GitHub server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="GitHub URL",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Required
// +kubebuilder:default="https://api.github.com/"
URL *string `json:"url,omitempty"`
// V4URL is the location of the GitHub server graphql endpoint.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="GitHub v4URL (graphql)",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
// +kubebuilder:default="https://api.github.com/graphql"
V4URL *string `json:"v4url,omitempty"`
// Prune Whether to prune groups that are no longer in GitHub. Default is false
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Prune",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
// +kubebuilder:validation:Optional
Prune bool `json:"prune"`
}
GitHubProvider represents integration with GitHub +k8s:openapi-gen=true
func (*GitHubProvider) DeepCopy ¶
func (in *GitHubProvider) DeepCopy() *GitHubProvider
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubProvider.
func (*GitHubProvider) DeepCopyInto ¶
func (in *GitHubProvider) DeepCopyInto(out *GitHubProvider)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GitLabProvider ¶
type GitLabProvider struct {
// Ca is a reference to a Secret or ConfigMap containing a CA certificate to communicate to the GitLab server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Resource Containing the CA Certificate",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Optional
Ca *ObjectRef `json:"ca,omitempty"`
// CaSecret is a reference to a secret containing a CA certificate to communicate to the GitLab server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Resource Containing the CA Certificate",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Optional
// Deprecated: Use Ca instead.
CaSecret *ObjectRef `json:"caSecret,omitempty"`
// CredentialsSecret is a reference to a secret containing authentication details for the GitLab server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret Containing the Credentials",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Required
CredentialsSecret *ObjectRef `json:"credentialsSecret"`
// Groups represents a filtered list of groups to synchronize
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Groups to Synchronize",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
Groups []string `json:"groups,omitempty"`
// Insecure specifies whether to allow for unverified certificates to be used when communicating to GitLab
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Ignore SSL Verification",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
// +kubebuilder:validation:Optional
Insecure bool `json:"insecure,omitempty"`
// Prune Whether to prune groups that are no longer in GitLab. Default is false
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Prune",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
// +kubebuilder:validation:Optional
Prune bool `json:"prune"`
// Scope represents the depth for which groups will be synchronized
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Scope to synchronize against"
// +kubebuilder:validation:Optional
// +kubebuilder:validation:Enum=one;sub
Scope SyncScope `json:"scope,omitempty"`
// URL is the location of the GitLab server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="GitLab URL",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
// +kubebuilder:default="https://gitlab.com"
URL *string `json:"url,omitempty"`
}
GitLabProvider represents integration with GitLab +k8s:openapi-gen=true
func (*GitLabProvider) DeepCopy ¶
func (in *GitLabProvider) DeepCopy() *GitLabProvider
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitLabProvider.
func (*GitLabProvider) DeepCopyInto ¶
func (in *GitLabProvider) DeepCopyInto(out *GitLabProvider)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GroupSync ¶
type GroupSync struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec GroupSyncSpec `json:"spec,omitempty"`
Status GroupSyncStatus `json:"status,omitempty"`
}
GroupSync is the Schema for the groupsyncs API +operator-sdk:csv:customresourcedefinitions:displayName="Group Sync" +kubebuilder:resource:path=groupsyncs,scope=Namespaced +k8s:openapi-gen=true
func (*GroupSync) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSync.
func (*GroupSync) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GroupSync) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*GroupSync) GetConditions ¶
func (*GroupSync) SetConditions ¶
type GroupSyncList ¶
type GroupSyncList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []GroupSync `json:"items"`
}
GroupSyncList contains a list of GroupSync +k8s:openapi-gen=true
func (*GroupSyncList) DeepCopy ¶
func (in *GroupSyncList) DeepCopy() *GroupSyncList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSyncList.
func (*GroupSyncList) DeepCopyInto ¶
func (in *GroupSyncList) DeepCopyInto(out *GroupSyncList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GroupSyncList) DeepCopyObject ¶
func (in *GroupSyncList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type GroupSyncSpec ¶
type GroupSyncSpec struct {
// List of Providers that can be mounted by containers belonging to the pod.
// +patchMergeKey=name
// +patchStrategy=merge,retainKeys
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Providers"
Providers []Provider `json:"providers,omitempty" patchStrategy:"merge,retainKeys" patchMergeKey:"name" protobuf:"bytes,1,rep,name=providers"`
// Schedule represents a cron based configuration for synchronization
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Schedule",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
Schedule string `json:"schedule,omitempty"`
// ExcludeInvalidGroupNames excludes Groups with names that are not RFC 1035 compliant.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Exclude Invalid Group Names",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
// +kubebuilder:validation:Optional
ExcludeInvalidGroupNames bool `json:"excludeInvalidGroupNames,omitempty"`
}
GroupSyncSpec defines the desired state of GroupSync +k8s:openapi-gen=true
func (*GroupSyncSpec) DeepCopy ¶
func (in *GroupSyncSpec) DeepCopy() *GroupSyncSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSyncSpec.
func (*GroupSyncSpec) DeepCopyInto ¶
func (in *GroupSyncSpec) DeepCopyInto(out *GroupSyncSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GroupSyncStatus ¶
type GroupSyncStatus struct {
// +patchMergeKey=type
// +patchStrategy=merge
// +listType=map
// +listMapKey=type
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=status,displayName="Conditions",xDescriptors={"urn:alm:descriptor:io.kubernetes.conditions"}
Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
// LastSyncSuccessTime represents the time last synchronization completed successfully
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=status,displayName="Last Sync Success Time"
LastSyncSuccessTime *metav1.Time `json:"lastSyncSuccessTime,omitempty"`
}
GroupSyncStatus defines the observed state of GroupSync +k8s:openapi-gen=true
func (*GroupSyncStatus) DeepCopy ¶
func (in *GroupSyncStatus) DeepCopy() *GroupSyncStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSyncStatus.
func (*GroupSyncStatus) DeepCopyInto ¶
func (in *GroupSyncStatus) DeepCopyInto(out *GroupSyncStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KeycloakProvider ¶
type KeycloakProvider struct {
// Ca is a reference to a Secret or ConfigMap containing a CA certificate to communicate to the Keycloak server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Resource Containing the CA Certificate",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Optional
Ca *ObjectRef `json:"ca,omitempty"`
// CaSecret is a reference to a secret containing a CA certificate to communicate to the Keycloak server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Resource Containing the CA Certificate",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Optional
// Deprecated: Use Ca instead.
CaSecret *ObjectRef `json:"caSecret,omitempty"`
// CredentialsSecret is a reference to a secret containing authentication details for the Keycloak server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret Containing the Credentials",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Required
CredentialsSecret *ObjectRef `json:"credentialsSecret"`
// Groups represents a filtered list of groups to synchronize
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Groups to Synchronize"
// +kubebuilder:validation:Optional
Groups []string `json:"groups,omitempty"`
// Insecure specifies whether to allow for unverified certificates to be used when communicating to Keycloak
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Ignore SSL Verification",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
// +kubebuilder:validation:Optional
Insecure bool `json:"insecure,omitempty"`
// LoginRealm is the Keycloak realm to authenticate against
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Realm to Login Against"
// +kubebuilder:validation:Optional
LoginRealm string `json:"loginRealm,omitempty"`
// Realm is the realm containing the groups to synchronize against
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Realm to Synchronize",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Required
Realm string `json:"realm"`
// Scope represents the depth for which groups will be synchronized
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Scope to synchronize against"
// +kubebuilder:validation:Optional
// +kubebuilder:validation:Enum=one;sub
Scope SyncScope `json:"scope,omitempty"`
// URL is the location of the Keycloak server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Keycloak URL",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Required
URL string `json:"url"`
// Prune Whether to prune groups that are no longer in Keycloak. Default is false
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Prune",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
// +kubebuilder:validation:Optional
Prune bool `json:"prune"`
}
KeycloakProvider represents integration with Keycloak +k8s:openapi-gen=true
func (*KeycloakProvider) DeepCopy ¶
func (in *KeycloakProvider) DeepCopy() *KeycloakProvider
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeycloakProvider.
func (*KeycloakProvider) DeepCopyInto ¶
func (in *KeycloakProvider) DeepCopyInto(out *KeycloakProvider)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LdapProvider ¶
type LdapProvider struct {
// Ca is a reference to a Secret or ConfigMap containing a CA certificate to communicate to LDAP
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Resource Containing the CA Certificate",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Optional
Ca *ObjectRef `json:"ca,omitempty"`
// CaSecret is a reference to a secret containing a CA certificate to communicate to LDAP
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Resource Containing the CA Certificate",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Optional
// Deprecated: Use Ca instead.
CaSecret *ObjectRef `json:"caSecret,omitempty"`
// CredentialsSecret is a reference to a secret containing authentication details for communicating to LDAP
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret Containing the Credentials",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Optional
CredentialsSecret *ObjectRef `json:"credentialsSecret,omitempty"`
// Insecure specifies whether to allow for unverified certificates to be used when communicating to LDAP
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Ignore SSL Verification",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
// +kubebuilder:validation:Optional
Insecure bool `json:"insecure,omitempty"`
/// LDAPGroupUIDToOpenShiftGroupNameMapping is an optional direct mapping of LDAP group UIDs to OpenShift group names
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="LDAP group UID's to OpenShift group name mapping"
// +kubebuilder:validation:Optional
LDAPGroupUIDToOpenShiftGroupNameMapping map[string]string `json:"groupUIDNameMapping"`
// RFC2307Config represents the configuration for a RFC2307 schema
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="RFC2307 configuration"
// +kubebuilder:validation:Optional
// +optional
RFC2307Config *legacyconfigv1.RFC2307Config `json:"rfc2307,omitempty"`
// ActiveDirectoryConfig represents the configuration for Active Directory
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Active Directory configuration"
// +kubebuilder:validation:Optional
ActiveDirectoryConfig *legacyconfigv1.ActiveDirectoryConfig `json:"activeDirectory,omitempty"`
// ActiveDirectoryConfig represents the configuration for Augmented Active Directory
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Augmented Active Directory configuration"
// +kubebuilder:validation:Optional
AugmentedActiveDirectoryConfig *legacyconfigv1.AugmentedActiveDirectoryConfig `json:"augmentedActiveDirectory,omitempty"`
// URL is the location of the LDAP Server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="LDAP URL",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Required
URL *string `json:"url"`
// Whitelist represents a list of groups to synchronize
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Whitelisted groups to synchronize",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
Whitelist *[]string `json:"whitelist,omitempty"`
// Blacklist represents a list of groups to not synchronize
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Blacklisted groups to not synchronize",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
Blacklist *[]string `json:"blacklist,omitempty"`
// Prune Whether to prune groups that are no longer in LDAP. Default is false
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Prune",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
// +kubebuilder:validation:Optional
Prune bool `json:"prune"`
}
LdapProvider represents integration with an LDAP server +k8s:openapi-gen=true
func (*LdapProvider) DeepCopy ¶
func (in *LdapProvider) DeepCopy() *LdapProvider
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LdapProvider.
func (*LdapProvider) DeepCopyInto ¶
func (in *LdapProvider) DeepCopyInto(out *LdapProvider)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ObjectRef ¶ added in v0.0.16
type ObjectRef struct {
// Key represents the specific key to reference from the resource
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Key",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
Key string `json:"key,omitempty"`
// Name represents the name of the resource
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Name",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Required
Name string `json:"name"`
// Namespace represents the namespace containing the resource
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Namespace",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Required
Namespace string `json:"namespace"`
// Kind is a string value representing the resource type
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Kind",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:select:ConfigMap","urn:alm:descriptor:com.tectonic.ui:select:Secret"}
// +kubebuilder:validation:Optional
// +kubebuilder:validation:Enum:={"ConfigMap","Secret"}
// +kubebuilder:default="Secret"
Kind ObjectRefKind `json:"kind,omitempty"`
}
ObjectRef represents a reference to an item within a Secret +k8s:openapi-gen=true
func (*ObjectRef) DeepCopy ¶ added in v0.0.16
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ObjectRef.
func (*ObjectRef) DeepCopyInto ¶ added in v0.0.16
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ObjectRefKind ¶ added in v0.0.16
type ObjectRefKind string
type OktaProvider ¶
type OktaProvider struct {
// CredentialsSecret is a reference to a secret containing authentication details for the Okta server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret Containing the Credentials",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
// +kubebuilder:validation:Required
CredentialsSecret *ObjectRef `json:"credentialsSecret"`
// Groups represents a filtered list of groups to synchronize
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Groups to Synchronize",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
Groups []string `json:"groups,omitempty"`
// URL is the location of the Okta domain server
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Okta URL",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Required
URL string `json:"url"`
// AppId is the id of the application we are syncing groups for
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="App ID",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Required
AppId string `json:"appId"`
// ExtractLoginUsername is true if Okta username's are defaulted to emails and you would like the username only
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Extract Login Username",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
ExtractLoginUsername bool `json:"extractLoginUsername"`
// ProfileKey the attribute from Okta you would like to use as the user identifier. Default is "login"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Profile Key",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// +kubebuilder:validation:Optional
ProfileKey string `json:"profileKey"`
// GroupLimit is the maximum number of groups that are requested from OKTA per request. Multiple requests will be made using pagination if you have more groups than this limit. Default is "1000"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Group Limit",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:number"}
// +kubebuilder:validation:Optional
GroupLimit int `json:"groupLimit"`
// Prune Whether to prune groups that are no longer in OKTA. Default is false
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Prune",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
// +kubebuilder:validation:Optional
Prune bool `json:"prune"`
}
OktaProvider represents integration with Okta +k8s:openapi-gen=true
func (*OktaProvider) DeepCopy ¶
func (in *OktaProvider) DeepCopy() *OktaProvider
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OktaProvider.
func (*OktaProvider) DeepCopyInto ¶
func (in *OktaProvider) DeepCopyInto(out *OktaProvider)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Provider ¶
type Provider struct {
// Name represents the name of the provider
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Name of the Provider"
// +kubebuilder:validation:Required
Name string `json:"name"`
*ProviderType `json:",inline"`
}
Provider represents the container for a single provider +k8s:openapi-gen=true
func (*Provider) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Provider.
func (*Provider) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ProviderType ¶
type ProviderType struct {
// Azure represents the Azure provider
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Azure Provider"
// +kubebuilder:validation:Optional
Azure *AzureProvider `json:"azure,omitempty"`
// GitHub represents the GitHub provider
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="GitHub Provider"
// +kubebuilder:validation:Optional
GitHub *GitHubProvider `json:"github,omitempty"`
// GitLab represents the GitLab provider
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="GitLab Provider"
// +kubebuilder:validation:Optional
GitLab *GitLabProvider `json:"gitlab,omitempty"`
// Ldap represents the LDAP provider
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="LDAP Provider"
// +kubebuilder:validation:Optional
Ldap *LdapProvider `json:"ldap,omitempty"`
// Keycloak represents the Keycloak provider
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Keycloak Provider"
// +kubebuilder:validation:Optional
Keycloak *KeycloakProvider `json:"keycloak,omitempty"`
// Okta represents the Okta provider
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Okta Provider"
// +kubebuilder:validation:Optional
Okta *OktaProvider `json:"okta,omitempty"`
}
ProviderType represents the provider to synchronize against +k8s:openapi-gen=true
func (*ProviderType) DeepCopy ¶
func (in *ProviderType) DeepCopy() *ProviderType
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderType.
func (*ProviderType) DeepCopyInto ¶
func (in *ProviderType) DeepCopyInto(out *ProviderType)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files
Click to show internal directories.
Click to hide internal directories.