v1alpha1

package
v0.1.23 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 4, 2024 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Overview

+k8s:deepcopy-gen=package,register +groupName=identity.unikorn-cloud.org

Index

Constants

// API group identity for the custom resources declared in this package.
const (
	// GroupName is the Kubernetes API group our resources belong to.
	GroupName = "identity.unikorn-cloud.org"
	// GroupVersion is the version of our custom resources.
	GroupVersion = "v1alpha1"
	// Group is group/version of our resources, i.e. the string
	// "identity.unikorn-cloud.org/v1alpha1" built from the two constants above.
	Group = GroupName + "/" + GroupVersion
)

Variables

// Package-level scheme registration helpers for this API group.
var (
	// SchemeGroupVersion defines the GV of our resources; it is built from
	// the GroupName and GroupVersion constants.
	//nolint:gochecknoglobals
	SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: GroupVersion}

	// SchemeBuilder creates a mapping between GVK and type.  It is
	// initialised with SchemeGroupVersion only; no types are registered
	// in this declaration itself.
	//nolint:gochecknoglobals
	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}

	// AddToScheme adds our GVK-to-resource mappings to an existing scheme.
	// It is the AddToScheme method value of SchemeBuilder.
	//nolint:gochecknoglobals
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

func Resource

func Resource(resource string) schema.GroupResource

Resource maps a resource type to a group resource.

Types

type IdentityProviderType added in v0.1.3

// IdentityProviderType names the kind of identity provider as a plain string.
// The kubebuilder enum marker on this type lists only "google" and
// "microsoft".
// NOTE(review): that restriction lives in the generated CRD schema, not in
// the Go type, so code that receives this value by any other route should
// still reject unknown values rather than fall through to a default.
type IdentityProviderType string

IdentityProviderType defines the type of identity provider, and in turn that defines the required configuration and API interfaces. +kubebuilder:validation:Enum=google;microsoft

// Known IdentityProviderType values; these match the enum listed in the
// kubebuilder validation marker on the type.
const (
	// GoogleIdentity is serialized as "google".
	GoogleIdentity IdentityProviderType = "google"
	// MicrosoftEntra is serialized as "microsoft" (not "entra").
	MicrosoftEntra IdentityProviderType = "microsoft"
)

type OAuth2Client

// OAuth2Client describes an oauth2 client.  It embeds the type and object
// metadata and carries the client configuration in Spec; Status is omitted
// from JSON when empty, Spec is always emitted.
type OAuth2Client struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              OAuth2ClientSpec   `json:"spec"`
	Status            OAuth2ClientStatus `json:"status,omitempty"`
}

OAuth2Client describes an oauth2 client. +genclient +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +kubebuilder:resource:scope=Namespaced,categories=unikorn +kubebuilder:printcolumn:name="client id",type="string",JSONPath=".spec.id" +kubebuilder:printcolumn:name="redirect uri",type="string",JSONPath=".spec.redirectUri" +kubebuilder:printcolumn:name="age",type="date",JSONPath=".metadata.creationTimestamp"

func (*OAuth2Client) DeepCopy

func (in *OAuth2Client) DeepCopy() *OAuth2Client

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2Client.

func (*OAuth2Client) DeepCopyInto

func (in *OAuth2Client) DeepCopyInto(out *OAuth2Client)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OAuth2Client) DeepCopyObject

func (in *OAuth2Client) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OAuth2ClientList

// OAuth2ClientList is a typed list of OAuth2Client resources.
type OAuth2ClientList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items holds the listed clients; the key is always emitted (no omitempty).
	Items           []OAuth2Client `json:"items"`
}

OAuth2ClientList is a typed list of frontend clients. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*OAuth2ClientList) DeepCopy

func (in *OAuth2ClientList) DeepCopy() *OAuth2ClientList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2ClientList.

func (*OAuth2ClientList) DeepCopyInto

func (in *OAuth2ClientList) DeepCopyInto(out *OAuth2ClientList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OAuth2ClientList) DeepCopyObject

func (in *OAuth2ClientList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OAuth2ClientSpec

// OAuth2ClientSpec defines the required configuration for the client.
type OAuth2ClientSpec struct {
	// ID uniquely identifies the client.
	ID string `json:"id"`
	// RedirectURI is the URI to pass control back to the client.
	// NOTE(review): exactly one URI is stored per client and no validation
	// marker is declared on the field.  How it is compared with the
	// redirect_uri of an incoming request is not visible in this type; an
	// exact string match is the safe behaviour - confirm in the handler.
	RedirectURI string `json:"redirectUri"`
	// LoginURI is a URI to pass control to for login dialogs.  Optional:
	// the key is omitted when the pointer is nil.
	// NOTE(review): no scheme or host restriction is declared here, so any
	// validation has to happen where the value is consumed - confirm.
	LoginURI *string `json:"loginUri,omitempty"`
}

OAuth2ClientSpec defines the required configuration for the client.

func (*OAuth2ClientSpec) DeepCopy

func (in *OAuth2ClientSpec) DeepCopy() *OAuth2ClientSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2ClientSpec.

func (*OAuth2ClientSpec) DeepCopyInto

func (in *OAuth2ClientSpec) DeepCopyInto(out *OAuth2ClientSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OAuth2ClientStatus

// OAuth2ClientStatus defines the status of the client.  It declares no
// fields in this API version.
type OAuth2ClientStatus struct {
}

OAuth2ClientStatus defines the status of the client.

func (*OAuth2ClientStatus) DeepCopy

func (in *OAuth2ClientStatus) DeepCopy() *OAuth2ClientStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2ClientStatus.

func (*OAuth2ClientStatus) DeepCopyInto

func (in *OAuth2ClientStatus) DeepCopyInto(out *OAuth2ClientStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OAuth2Provider

// OAuth2Provider describes an oauth2 provider.  It embeds the type and
// object metadata and carries the provider configuration in Spec.
// NOTE(review): Spec can carry a client secret as an inline string (see
// OAuth2ProviderSpec.ClientSecret), so read access to this resource kind
// should be granted as narrowly as read access to a Secret would be.
type OAuth2Provider struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              OAuth2ProviderSpec   `json:"spec"`
	Status            OAuth2ProviderStatus `json:"status,omitempty"`
}

OAuth2Provider describes an oauth2 provider. +genclient +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +kubebuilder:resource:scope=Namespaced,categories=unikorn +kubebuilder:printcolumn:name="display name",type="string",JSONPath=".spec.displayName" +kubebuilder:printcolumn:name="issuer",type="string",JSONPath=".spec.issuer" +kubebuilder:printcolumn:name="client ID",type="string",JSONPath=".spec.clientID" +kubebuilder:printcolumn:name="age",type="date",JSONPath=".metadata.creationTimestamp"

func (*OAuth2Provider) DeepCopy

func (in *OAuth2Provider) DeepCopy() *OAuth2Provider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2Provider.

func (*OAuth2Provider) DeepCopyInto

func (in *OAuth2Provider) DeepCopyInto(out *OAuth2Provider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OAuth2Provider) DeepCopyObject

func (in *OAuth2Provider) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OAuth2ProviderList

// OAuth2ProviderList is a typed list of OAuth2Provider resources.
type OAuth2ProviderList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items holds the listed providers; each item includes its full Spec,
	// so a list response exposes the same fields as a get on each object.
	Items           []OAuth2Provider `json:"items"`
}

OAuth2ProviderList is a typed list of backend servers. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*OAuth2ProviderList) DeepCopy

func (in *OAuth2ProviderList) DeepCopy() *OAuth2ProviderList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2ProviderList.

func (*OAuth2ProviderList) DeepCopyInto

func (in *OAuth2ProviderList) DeepCopyInto(out *OAuth2ProviderList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OAuth2ProviderList) DeepCopyObject

func (in *OAuth2ProviderList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OAuth2ProviderSpec

// OAuth2ProviderSpec defines the required configuration for an oauth2
// provider.
type OAuth2ProviderSpec struct {
	// Type defines the interface to use with the provider, specifically
	// how to retrieve group information for fine-grained RBAC.  For certain
	// global provider types e.g. Google or Microsoft, only a single instance
	// of that type should be specified, doing otherwise will result in
	// undefined behaviour.
	// NOTE(review): nothing in this type enforces the single-instance rule;
	// it is a convention the operator has to uphold.
	Type IdentityProviderType `json:"type"`
	// DisplayName is a user readable issuer name.
	DisplayName string `json:"displayName"`
	// The issuer is typically provided by the identity provider as an
	// OIDC discovery endpoint e.g. https://accounts.google.com.
	// This will be used to verify issued JWTs have the same "iss" claim.
	// NOTE(review): no format or scheme validation is declared on the
	// field, so an http:// or mistyped issuer is accepted at this layer;
	// whoever can write this resource decides which issuer is trusted.
	Issuer string `json:"issuer"`
	// ClientID is the assigned client identifier.
	ClientID string `json:"clientID"`
	// ClientSecret is created by the IdP for token exchange.  Optional:
	// the key is omitted when the pointer is nil.
	// NOTE(review): the field is a plain string serialized under
	// "clientSecret", so the secret appears to be stored inline in the
	// custom resource rather than referenced from a Kubernetes Secret.
	// Anything able to get, list or watch OAuth2Provider objects can then
	// read it - confirm, and scope RBAC and audit logging accordingly.
	ClientSecret *string `json:"clientSecret,omitempty"`
}

OAuth2ProviderSpec defines the required configuration for an oauth2 provider.

func (*OAuth2ProviderSpec) DeepCopy

func (in *OAuth2ProviderSpec) DeepCopy() *OAuth2ProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2ProviderSpec.

func (*OAuth2ProviderSpec) DeepCopyInto

func (in *OAuth2ProviderSpec) DeepCopyInto(out *OAuth2ProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OAuth2ProviderStatus

// OAuth2ProviderStatus defines the status of the provider.  It declares no
// fields in this API version.
type OAuth2ProviderStatus struct {
}

OAuth2ProviderStatus defines the status of the server.

func (*OAuth2ProviderStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2ProviderStatus.

func (*OAuth2ProviderStatus) DeepCopyInto

func (in *OAuth2ProviderStatus) DeepCopyInto(out *OAuth2ProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Organization added in v0.1.3

// Organization describes an identity mapping.  It embeds the type and
// object metadata; the domain, provider reference and allowed groups are
// all carried in Spec.
type Organization struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              OrganizationSpec   `json:"spec"`
	Status            OrganizationStatus `json:"status,omitempty"`
}

Organization describes an identity mapping. The main job of this type is to take an email address identity, extract the domain and use it to resolve an identity provider. It also is the place where users within that domain can be allowed based on groups/claims offered by that identity provider to limit access. +genclient +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +kubebuilder:resource:scope=Namespaced,categories=unikorn +kubebuilder:printcolumn:name="domain",type="string",JSONPath=".spec.domain" +kubebuilder:printcolumn:name="provider",type="string",JSONPath=".spec.providerName" +kubebuilder:printcolumn:name="age",type="date",JSONPath=".metadata.creationTimestamp"

func (*Organization) DeepCopy added in v0.1.3

func (in *Organization) DeepCopy() *Organization

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Organization.

func (*Organization) DeepCopyInto added in v0.1.3

func (in *Organization) DeepCopyInto(out *Organization)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Organization) DeepCopyObject added in v0.1.3

func (in *Organization) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OrganizationGroup added in v0.1.3

// OrganizationGroup describes one group within an organization: its stable
// identifier, display name, optional provider-side group name, members and
// the roles those members inherit.
type OrganizationGroup struct {
	// ID is a unique and immutable identifier for the group, the intent
	// being that resources will belong to a group irrespective of display name
	// changes.
	// NOTE(review): uniqueness and immutability are stated intent; no
	// marker on this field enforces either.
	ID string `json:"id"`
	// Name is the name to display the group as in UIs and other UX
	// interfaces.  This should again be unique within the organization to
	// avoid ambiguity, but may be changed.
	Name string `json:"name"`
	// ProviderGroupName is the name of the group as returned by the provider.
	// For example a query of https://cloudidentity.googleapis.com/v1/groups/
	// will return something like groups/01664s551ax43ok.
	ProviderGroupName *string `json:"providerGroupName,omitempty"`
	// Users are a list of user names that are members of the group.
	// NOTE(review): the identifier form (email address, subject claim, ...)
	// is not specified here - confirm against the code that matches users.
	Users []string `json:"users,omitempty"`
	// Roles are a list of roles users of the group inherit.
	// NOTE(review): presumably these name Role resources; how an unknown
	// role name is handled is not visible in this type - confirm.
	Roles []string `json:"roles,omitempty"`
}

func (*OrganizationGroup) DeepCopy added in v0.1.3

func (in *OrganizationGroup) DeepCopy() *OrganizationGroup

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationGroup.

func (*OrganizationGroup) DeepCopyInto added in v0.1.3

func (in *OrganizationGroup) DeepCopyInto(out *OrganizationGroup)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OrganizationList added in v0.1.3

// OrganizationList is a typed list of Organization resources.
type OrganizationList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items holds the listed organizations; the key is always emitted.
	Items           []Organization `json:"items"`
}

OrganizationList is a typed list of identity mappings. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*OrganizationList) DeepCopy added in v0.1.3

func (in *OrganizationList) DeepCopy() *OrganizationList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationList.

func (*OrganizationList) DeepCopyInto added in v0.1.3

func (in *OrganizationList) DeepCopyInto(out *OrganizationList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OrganizationList) DeepCopyObject added in v0.1.3

func (in *OrganizationList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OrganizationProviderGoogleSpec added in v0.1.3

// OrganizationProviderGoogleSpec holds the Google-specific settings for an
// organization.
type OrganizationProviderGoogleSpec struct {
	// CustomerID is retrieved from the "Account Settings > Profile" page on
	// https://admin.google.com for your organisation and is required to
	// lookup user groups for fine-grained RBAC.
	CustomerID string `json:"customerId"`
}

func (*OrganizationProviderGoogleSpec) DeepCopy added in v0.1.3

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationProviderGoogleSpec.

func (*OrganizationProviderGoogleSpec) DeepCopyInto added in v0.1.3

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OrganizationProviderOptions added in v0.1.3

// OrganizationProviderOptions groups per-provider-type settings.  Only a
// Google section is declared in this API version.
type OrganizationProviderOptions struct {
	// If the referenced provider is set to "google" then the following
	// parameters should be specified.
	// NOTE(review): the field is optional at the schema level (pointer,
	// omitempty), so "should be specified" is not enforced by this type.
	Google *OrganizationProviderGoogleSpec `json:"google,omitempty"`
}

func (*OrganizationProviderOptions) DeepCopy added in v0.1.3

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationProviderOptions.

func (*OrganizationProviderOptions) DeepCopyInto added in v0.1.3

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OrganizationSpec added in v0.1.3

// OrganizationSpec defines the required configuration for an organization.
// Every field is optional at the schema level (pointer or omitempty).
type OrganizationSpec struct {
	// Domain is used by unikorn-identity to map an end-user provided
	// email address to an identity provider.
	// NOTE(review): nothing here prevents two organizations from declaring
	// the same domain; how such a clash is resolved is not visible - confirm.
	Domain *string `json:"domain,omitempty"`
	// ProviderName is the name of an explicit oauth2/oidc provider.
	// It applies when using a domain mapping.
	ProviderName *string `json:"providerName,omitempty"`
	// ProviderOptions is the configuration for a specific provider type.
	// It applies when using a domain mapping.
	ProviderOptions *OrganizationProviderOptions `json:"providerOptions,omitempty"`
	// Groups defines the set of groups that are allowed to be mapped
	// from the identity provider into unikorn.  If no groups are specified
	// then it is assumed all users have access to everything.
	// NOTE(review): this is a fail-open default - an omitted or emptied
	// list is the most permissive setting, not the most restrictive one.
	// Treat an Organization without groups as unrestricted when auditing,
	// and be aware that removing the last group widens access.
	Groups []OrganizationGroup `json:"groups,omitempty"`
}

OrganizationSpec defines the required configuration for the server.

func (*OrganizationSpec) DeepCopy added in v0.1.3

func (in *OrganizationSpec) DeepCopy() *OrganizationSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationSpec.

func (*OrganizationSpec) DeepCopyInto added in v0.1.3

func (in *OrganizationSpec) DeepCopyInto(out *OrganizationSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OrganizationStatus added in v0.1.3

// OrganizationStatus defines the status of the organization.  It declares
// no fields in this API version.
type OrganizationStatus struct {
}

OrganizationStatus defines the status of the server.

func (*OrganizationStatus) DeepCopy added in v0.1.3

func (in *OrganizationStatus) DeepCopy() *OrganizationStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationStatus.

func (*OrganizationStatus) DeepCopyInto added in v0.1.3

func (in *OrganizationStatus) DeepCopyInto(out *OrganizationStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Role added in v0.1.23

// Role defines a role type that forms the basis of RBAC.  It embeds the
// type and object metadata; the scopes and permissions it grants are
// carried in Spec.
type Role struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              RoleSpec   `json:"spec"`
	Status            RoleStatus `json:"status,omitempty"`
}

Role defines a role type that forms the basis of RBAC. Permissions are applied to arbitrary scopes that are used by individual components to allow or prevent API access. Roles are additive, so effective RBAC permissions should be created from the boolean union of any roles that apply to a user. Roles can optionally be scoped to an organization to allow deep customization of roles and permissions within that organization, for example the system management organization may have an onboarding role that allows basic account creation before handing off to the user. +genclient +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +kubebuilder:resource:scope=Namespaced,categories=unikorn +kubebuilder:printcolumn:name="age",type="date",JSONPath=".metadata.creationTimestamp"

func (*Role) DeepCopy added in v0.1.23

func (in *Role) DeepCopy() *Role

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Role.

func (*Role) DeepCopyInto added in v0.1.23

func (in *Role) DeepCopyInto(out *Role)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Role) DeepCopyObject added in v0.1.23

func (in *Role) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RoleList added in v0.1.23

// RoleList is a typed list of Role resources.
type RoleList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items holds the listed roles; the key is always emitted (no omitempty).
	Items           []Role `json:"items"`
}

+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*RoleList) DeepCopy added in v0.1.23

func (in *RoleList) DeepCopy() *RoleList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleList.

func (*RoleList) DeepCopyInto added in v0.1.23

func (in *RoleList) DeepCopyInto(out *RoleList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RoleList) DeepCopyObject added in v0.1.23

func (in *RoleList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RoleScope added in v0.1.23

// RoleScope pairs a scope name with the permissions a role grants on it.
type RoleScope struct {
	// Name is a unique name that applies to the scope.  Individual APIs should
	// coordinate with one another to avoid clashes and privilege escalation.
	// NOTE(review): scope names are free-form strings, so two components
	// that pick the same name share its permissions; the coordination
	// asked for above is not enforced by this type.
	Name string `json:"name"`
	// Permissions defines a set of CRUD permissions for the scope.
	// The element type, constants.Permission, is declared outside this
	// package.  An omitted list serializes as no key at all.
	// +listType=set
	Permissions []constants.Permission `json:"permissions,omitempty"`
}

func (*RoleScope) DeepCopy added in v0.1.23

func (in *RoleScope) DeepCopy() *RoleScope

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleScope.

func (*RoleScope) DeepCopyInto added in v0.1.23

func (in *RoleScope) DeepCopyInto(out *RoleScope)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RoleSpec added in v0.1.23

// RoleSpec defines the role's requested state.
type RoleSpec struct {
	// IsDefault indicates that all authenticated users are granted
	// the following scopes regardless of organizational group membership
	// and typically are required for organization discovery and RBAC functionality
	// in the first instance.
	// NOTE(review): a default role applies to every authenticated user, so
	// its scopes should stay minimal, and write access to Role resources
	// is equivalent to being able to grant permissions to everyone.
	IsDefault bool `json:"isDefault,omitempty"`
	// Scopes are a list of uniquely named scopes for the role.
	// The list markers below key the list on each scope's name.
	// +listType=map
	// +listMapKey=name
	Scopes []RoleScope `json:"scopes,omitempty"`
}

RoleSpec defines the role's requested state.

func (*RoleSpec) DeepCopy added in v0.1.23

func (in *RoleSpec) DeepCopy() *RoleSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleSpec.

func (*RoleSpec) DeepCopyInto added in v0.1.23

func (in *RoleSpec) DeepCopyInto(out *RoleSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RoleStatus added in v0.1.23

// RoleStatus defines any role status information.  It declares no fields
// in this API version.
type RoleStatus struct {
}

RoleStatus defines any role status information.

func (*RoleStatus) DeepCopy added in v0.1.23

func (in *RoleStatus) DeepCopy() *RoleStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleStatus.

func (*RoleStatus) DeepCopyInto added in v0.1.23

func (in *RoleStatus) DeepCopyInto(out *RoleStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
