v1alpha1

package
Published: Apr 8, 2024 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Overview

Package v1alpha1 contains API Schema definitions for the templates v1alpha1 API group +groupName=crds.wizardofoz.co

Package v1alpha1 contains API Schema definitions for the templates v1alpha1 API group +kubebuilder:object:generate=true +groupName=crds.wizardofoz.co

Index

Constants

// Field-selector keys that are registered as indexed fields when the K8S API
// client is created, so that List calls can filter on them server-side.
const (
	// FieldSelectorMetadataName refers to the metadata.name field on an
	// object, and is used during the creation of the K8S API Client as one of
	// the fields we want to index.
	FieldSelectorMetadataName string = "metadata.name"

	// FieldSelectorStatusPhase refers to the status.phase field on an
	// object, and is used during the creation of the K8S API Client as one of
	// the fields we want to index.
	FieldSelectorStatusPhase string = "status.phase"
)
const (
	// DefaultContainerAnnotationKey is the name of the Key in the Pod
	// Annotations that notates which container in the PodSpec is considered
	// the "default" container for kubectl. This annotation is also used to
	// determine which container is mutated by the
	// PodTemplateSpecMutationConfig struct.
	//
	// The value is the upstream kubectl annotation key, so whichever container
	// is named here is also the one kubectl selects when no "-c" is given.
	DefaultContainerAnnotationKey = "kubectl.kubernetes.io/default-container"
)

Variables

var (
	// GroupVersion is group version used to register these objects.
	GroupVersion = schema.GroupVersion{Group: "crds.wizardofoz.co", Version: "v1alpha1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme.
	// Types in this package register themselves against this builder.
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	// It is typically invoked once during manager/client setup.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

func ObjectToJSON

func ObjectToJSON(obj any) string

ObjectToJSON is a quick helper function for pretty-printing an entire K8S object in JSON form. Used in certain debug log statements primarily.

Types

type AccessConfig

type AccessConfig struct {
	// AllowedGroups lists out the groups (in string name form) that will be allowed to Exec into
	// the target pod.
	//
	// NOTE(review): the only declared validation is Required; confirm that group
	// names are matched exactly (case and spelling) against the requester's groups.
	//
	// +kubebuilder:validation:Required
	AllowedGroups []string `json:"allowedGroups"`

	// DefaultDuration sets the default time that an access request resource will live. Must
	// be set below MaxDuration.
	//
	// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
	//
	// NOTE(review): no validation marker here enforces DefaultDuration < MaxDuration;
	// confirm the relationship is checked by the webhook or reconciler.
	//
	// +kubebuilder:default:="1h"
	DefaultDuration string `json:"defaultDuration"`

	// MaxDuration sets the maximum duration that an access request resource can request to
	// stick around.
	//
	// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
	//
	// +kubebuilder:default:="24h"
	MaxDuration string `json:"maxDuration"`

	// AccessCommand is used to describe to the user how they can make use of their temporary access.
	// The AccessCommand can reference data from a Pod ObjectMeta.
	//
	// NOTE(review): ObjectMeta values are interpolated into a command string that is
	// later presented to the user (see CoreStatus.AccessMessage). Confirm what escaping
	// is applied, since fields such as labels and annotations accept a wider character
	// set than metadata.name / metadata.namespace.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:default:="kubectl exec -ti -n {{ .Metadata.Namespace }} {{ .Metadata.Name }} -- /bin/sh"
	AccessCommand string `json:"accessCommand"`
}

AccessConfig provides a common interface for our Template structs (which implement ITemplateResource) for defining which entities are being granted access to a resource, and for how long they are granted that access.

func (*AccessConfig) DeepCopy

func (in *AccessConfig) DeepCopy() *AccessConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessConfig.

func (*AccessConfig) DeepCopyInto

func (in *AccessConfig) DeepCopyInto(out *AccessConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AccessConfig) GetAllowedGroups

func (a *AccessConfig) GetAllowedGroups() []string

GetAllowedGroups returns the Spec.AllowedGroups for this particular template

func (*AccessConfig) GetDefaultDuration

func (a *AccessConfig) GetDefaultDuration() (time.Duration, error)

GetDefaultDuration parses the Spec.defaultDuration field into a time.Duration struct.

Returns:

time.Duration: Populated duration (or the zero value, if an error occurred)
error: If any error occurs in the parsing, the error is returned

func (*AccessConfig) GetMaxDuration

func (a *AccessConfig) GetMaxDuration() (time.Duration, error)

GetMaxDuration parses the Spec.maxDuration field into a time.Duration struct.

Returns:

time.Duration: Populated duration (or the zero value, if an error occurred)
error: If any error occurs in the parsing, the error is returned

type ControllerKind

// ControllerKind is a string that represents an Apps/V1 known controller kind that this
// codebase supports. It limits the Kind values accepted by the AccessTemplate and
// ExecAccessTemplate CRDs; see the constants below for the recognised values.
type ControllerKind string

ControllerKind is a string that represents an Apps/V1 known controller kind that this codebase supports. This is used to limit the inputs on the AccessTemplate and ExecAccessTemplate CRDs.

const (
	// DeploymentController maps to APIVersion: apps/v1, Kind: Deployment
	DeploymentController ControllerKind = "Deployment"

	// DaemonSetController maps to APIVersion: apps/v1, Kind: DaemonSet
	DaemonSetController ControllerKind = "DaemonSet"

	// StatefulSetController maps to APIVersion: apps/v1, Kind: StatefulSet
	StatefulSetController ControllerKind = "StatefulSet"

	// NOTE(review): CrossVersionObjectReference.Kind also admits "Rollout"
	// (argoproj.io/v1alpha1) through its validation enum, but no ControllerKind
	// constant is declared for it here — keep the two lists in sync.
)

type CoreStatus

type CoreStatus struct {
	// Conditions holds the current status conditions of the Access Template
	// (or request). Entries are merged by their "type" key on patch.
	Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"`

	// Ready is a simple boolean to let us know if the resource is ready for use or not.
	Ready bool `json:"ready,omitempty"`

	// AccessMessage is used to describe to the user how they can make use of their temporary access
	// request. Eg, for a PodAccessTemplate the value set here would be something like:
	//
	//   "Access Granted, connect to your pod with: kubectl exec -ti -n namespace pod-xyz -- /bin/bash"
	//
	// This is informational text surfaced to the requester; it is not executed by the controller.
	AccessMessage string `json:"accessMessage,omitempty"`
}

CoreStatus provides a common set of .Status fields and functions. The goal is to conform to the interfaces.OzResource interface commonly across all of our core CRDs.

func (*CoreStatus) DeepCopy

func (in *CoreStatus) DeepCopy() *CoreStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CoreStatus.

func (*CoreStatus) DeepCopyInto

func (in *CoreStatus) DeepCopyInto(out *CoreStatus)

DeepCopyInto is typically auto-generated by controller-gen. However, it seems that controller-gen fails when we include the ozResourceCoreStatus.Conditions field. Implementing our own DeepCopyInto function resolves this, but does put the responsibility on us to keep this updated.

func (*CoreStatus) GetAccessMessage

func (in *CoreStatus) GetAccessMessage() string

GetAccessMessage returns the Status.AccessMessage field.

func (*CoreStatus) GetConditions

func (in *CoreStatus) GetConditions() *[]metav1.Condition

GetConditions returns a pointer to the list of Conditions in the Status.

func (*CoreStatus) IsReady

func (in *CoreStatus) IsReady() bool

IsReady conforms to the interfaces.OzResource interface

func (*CoreStatus) SetAccessMessage

func (in *CoreStatus) SetAccessMessage(msg string)

SetAccessMessage sets (or updates) the Status.AccessMessage field.

func (*CoreStatus) SetReady

func (in *CoreStatus) SetReady(ready bool)

SetReady conforms to the interfaces.OzResource interface

type CrossVersionObjectReference

type CrossVersionObjectReference struct {
	// APIVersion defines the "APIVersion" of the resource being referred to. Eg, "apps/v1".
	// The enum below restricts references to the two API groups this controller understands.
	//
	// TODO: Figure out how to regex validate that it has a "/" in it
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:Enum=apps/v1;argoproj.io/v1alpha1
	APIVersion string `json:"apiVersion"`

	// Kind defines the "Kind" of resource being referred to.
	//
	// NOTE(review): the enum admits "Rollout", but the ControllerKind constants only
	// declare Deployment, DaemonSet and StatefulSet — confirm Rollout is handled wherever
	// Kind is switched on.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:Enum=Deployment;DaemonSet;StatefulSet;Rollout
	Kind ControllerKind `json:"kind"`

	// Name defines the "metadata.Name" of the target resource. The namespace is not part
	// of the reference and is taken from the referencing object.
	// +kubebuilder:validation:Required
	Name string `json:"name"`
}

CrossVersionObjectReference provides us a generic way to define a reference to an APIGroup, Kind and Name of a particular resource. Primarily used for the AccessTemplate and ExecAccessTemplate, but generic enough to be used in other resources down the road.

func (*CrossVersionObjectReference) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CrossVersionObjectReference.

func (*CrossVersionObjectReference) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CrossVersionObjectReference) GetGroup

func (r *CrossVersionObjectReference) GetGroup() string

GetGroup returns the APIGroup name only (eg "apps")

func (*CrossVersionObjectReference) GetGroupVersionKind

func (r *CrossVersionObjectReference) GetGroupVersionKind() schema.GroupVersionKind

GetGroupVersionKind returns a populated schema object that can be used by the unstructured Kubernetes API client to get the final target object from the API.

func (*CrossVersionObjectReference) GetKind

func (r *CrossVersionObjectReference) GetKind() string

GetKind returns the resource Kind (eg "Deployment")

func (*CrossVersionObjectReference) GetName

func (r *CrossVersionObjectReference) GetName() string

GetName returns the Name of the resource (eg "MyDeploymentThing")

func (*CrossVersionObjectReference) GetObject

func (r *CrossVersionObjectReference) GetObject() client.Object

GetObject returns a generic unstructured resource that points to the desired API object. Because this is unstructured (for now), you can really only use this to get metadata back from the API about the resource.

TODO: Figure out if we can cast this into a desired object type in some way that would provide us access to the Spec.

func (*CrossVersionObjectReference) GetTypedObject

func (r *CrossVersionObjectReference) GetTypedObject(obj client.Object) client.Object

GetTypedObject attempts to do a thing..

func (*CrossVersionObjectReference) GetVersion

func (r *CrossVersionObjectReference) GetVersion() string

GetVersion returns the API "Version" only (eg "v1")

func (*CrossVersionObjectReference) String

func (r *CrossVersionObjectReference) String() string

String implements the Stringer interface

type ExecAccessRequest

type ExecAccessRequest struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the user-supplied desired state (template name, target pod, duration).
	Spec   ExecAccessRequestSpec   `json:"spec,omitempty"`
	// Status is the controller-observed state (conditions, readiness, granted pod name).
	Status ExecAccessRequestStatus `json:"status,omitempty"`
}

ExecAccessRequest is the Schema for the execaccessrequests API

+kubebuilder:printcolumn:name="Template",type="string",JSONPath=".spec.templateName",description="Access Template"
+kubebuilder:printcolumn:name="Pod",type="string",JSONPath=".status.podName",description="Target Pod Name"
+kubebuilder:printcolumn:name="Ready",type="boolean",JSONPath=".status.ready",description="Is request ready?"

func GetExecAccessRequest

func GetExecAccessRequest(
	ctx context.Context,
	cl client.Client,
	name string,
	namespace string,
) (*ExecAccessRequest, error)

GetExecAccessRequest returns back an ExecAccessRequest resource matching the request supplied to the reconciler loop, or returns back an error.

func (*ExecAccessRequest) DeepCopy

func (in *ExecAccessRequest) DeepCopy() *ExecAccessRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecAccessRequest.

func (*ExecAccessRequest) DeepCopyInto

func (in *ExecAccessRequest) DeepCopyInto(out *ExecAccessRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ExecAccessRequest) DeepCopyObject

func (in *ExecAccessRequest) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ExecAccessRequest) Default

func (r *ExecAccessRequest) Default(_ admission.Request) error

Default implements webhook.Defaulter so a webhook will be registered for the type

func (*ExecAccessRequest) GetDuration

func (r *ExecAccessRequest) GetDuration() (time.Duration, error)

GetDuration conforms to the interfaces.OzRequestResource interface

func (*ExecAccessRequest) GetPodName

func (r *ExecAccessRequest) GetPodName() string

GetPodName conforms to the interfaces.OzRequestResource interface

func (*ExecAccessRequest) GetStatus

func (r *ExecAccessRequest) GetStatus() ICoreStatus

GetStatus implements the ICoreResource interface

func (*ExecAccessRequest) GetTemplate

func (r *ExecAccessRequest) GetTemplate(
	ctx context.Context,
	cl client.Client,
) (ITemplateResource, error)

GetTemplate returns a populated ExecAccessTemplate that this ExecAccessRequest is referencing.

func (*ExecAccessRequest) GetTemplateName

func (r *ExecAccessRequest) GetTemplateName() string

GetTemplateName returns the user supplied Spec.templateName field

func (*ExecAccessRequest) GetUptime

func (r *ExecAccessRequest) GetUptime() time.Duration

GetUptime conforms to the interfaces.OzRequestResource interface

func (*ExecAccessRequest) SetPodName

func (r *ExecAccessRequest) SetPodName(name string) error

SetPodName conforms to the interfaces.OzRequestResource interface

func (*ExecAccessRequest) SetupWebhookWithManager

func (r *ExecAccessRequest) SetupWebhookWithManager(mgr ctrl.Manager) error

SetupWebhookWithManager configures the webhook service in the Manager to accept MutatingWebhookConfiguration and ValidatingWebhookConfiguration calls from the Kubernetes API server.

func (*ExecAccessRequest) ValidateCreate

func (r *ExecAccessRequest) ValidateCreate(req admission.Request) (admission.Warnings, error)

ValidateCreate implements webhook.Validator so a webhook will be registered for the type

func (*ExecAccessRequest) ValidateDelete

func (r *ExecAccessRequest) ValidateDelete(req admission.Request) (admission.Warnings, error)

ValidateDelete implements webhook.IContextuallyValidatableObject so a webhook will be registered for the type

func (*ExecAccessRequest) ValidateUpdate

ValidateUpdate prevents immutable updates to the ExecAccessRequest.

type ExecAccessRequestList

// ExecAccessRequestList contains a list of ExecAccessRequest, as returned by a List call.
type ExecAccessRequestList struct {
	metav1.TypeMeta `                    json:",inline"`
	metav1.ListMeta `                    json:"metadata,omitempty"`
	Items           []ExecAccessRequest `json:"items"`
}

ExecAccessRequestList contains a list of ExecAccessRequest

func (*ExecAccessRequestList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecAccessRequestList.

func (*ExecAccessRequestList) DeepCopyInto

func (in *ExecAccessRequestList) DeepCopyInto(out *ExecAccessRequestList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ExecAccessRequestList) DeepCopyObject

func (in *ExecAccessRequestList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ExecAccessRequestSpec

type ExecAccessRequestSpec struct {
	// TemplateName defines the name of the `ExecAccessTemplate` that should be used to grant
	// access to the target resource.
	//
	// +kubebuilder:validation:Required
	TemplateName string `json:"templateName"`

	// TargetPod is used to explicitly define the target pod that the Exec privileges should be
	// granted to. If not supplied, then a random pod is chosen.
	TargetPod string `json:"targetPod,omitempty"`

	// Duration sets the length of time from the `spec.creationTimestamp` that this object will live. After the
	// time has expired, the resource will be automatically deleted on the next reconciliation loop.
	//
	// If omitted, the spec.defaultDuration from the ExecAccessTemplate is used.
	//
	// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
	//
	// NOTE(review): unlike PodAccessRequestSpec.Duration, no validation Pattern is declared
	// here, so malformed values are only rejected when parsed — confirm the webhook checks
	// the value against the template's MaxDuration as well.
	Duration string `json:"duration,omitempty"`
}

ExecAccessRequestSpec defines the desired state of ExecAccessRequest

func (*ExecAccessRequestSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecAccessRequestSpec.

func (*ExecAccessRequestSpec) DeepCopyInto

func (in *ExecAccessRequestSpec) DeepCopyInto(out *ExecAccessRequestSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExecAccessRequestStatus

type ExecAccessRequestStatus struct {
	// CoreStatus supplies the shared conditions/ready/accessMessage fields.
	CoreStatus `json:",inline"`

	// PodName is the target Pod Name where access has been granted.
	PodName string `json:"podName,omitempty"`
}

ExecAccessRequestStatus defines the observed state of ExecAccessRequest

func (*ExecAccessRequestStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecAccessRequestStatus.

func (*ExecAccessRequestStatus) DeepCopyInto

func (in *ExecAccessRequestStatus) DeepCopyInto(out *ExecAccessRequestStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExecAccessTemplate

type ExecAccessTemplate struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the desired state: who may exec, for how long, and into which controller's pods.
	Spec   ExecAccessTemplateSpec   `json:"spec,omitempty"`
	// Status is the controller-observed state (conditions and readiness).
	Status ExecAccessTemplateStatus `json:"status,omitempty"`
}

ExecAccessTemplate is the Schema for the execaccesstemplates API

+kubebuilder:printcolumn:name="Ready",type="boolean",JSONPath=".status.ready",description="Is template ready?"

func GetExecAccessTemplate

func GetExecAccessTemplate(
	ctx context.Context,
	cl client.Reader,
	name string,
	namespace string,
) (*ExecAccessTemplate, error)

GetExecAccessTemplate returns back an ExecAccessTemplate resource matching the request supplied to the reconciler loop, or returns back an error.

func (*ExecAccessTemplate) DeepCopy

func (in *ExecAccessTemplate) DeepCopy() *ExecAccessTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecAccessTemplate.

func (*ExecAccessTemplate) DeepCopyInto

func (in *ExecAccessTemplate) DeepCopyInto(out *ExecAccessTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ExecAccessTemplate) DeepCopyObject

func (in *ExecAccessTemplate) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ExecAccessTemplate) GetAccessConfig

func (t *ExecAccessTemplate) GetAccessConfig() *AccessConfig

GetAccessConfig returns the Spec.accessConfig field for this resource in an AccessConfig object form.

func (*ExecAccessTemplate) GetStatus

func (t *ExecAccessTemplate) GetStatus() ICoreStatus

GetStatus returns the core Status field for this resource.

Returns:

ICoreStatus

func (*ExecAccessTemplate) GetTargetRef

GetTargetRef conforms to the controllers.OzTemplateResource interface.

type ExecAccessTemplateList

// ExecAccessTemplateList contains a list of ExecAccessTemplate, as returned by a List call.
type ExecAccessTemplateList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ExecAccessTemplate `json:"items"`
}

ExecAccessTemplateList contains a list of ExecAccessTemplate

func (*ExecAccessTemplateList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecAccessTemplateList.

func (*ExecAccessTemplateList) DeepCopyInto

func (in *ExecAccessTemplateList) DeepCopyInto(out *ExecAccessTemplateList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ExecAccessTemplateList) DeepCopyObject

func (in *ExecAccessTemplateList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ExecAccessTemplateSpec

type ExecAccessTemplateSpec struct {
	// AccessConfig provides a common struct for defining who has access to the resources this
	// template controls, how long they have access, etc.
	//
	// NOTE(review): no validation marker is declared on this field itself; its nested
	// fields carry their own Required/default markers.
	AccessConfig AccessConfig `json:"accessConfig"`

	// ControllerTargetRef provides a pattern for referencing objects from another API in a generic way.
	// It names the controller (Deployment, DaemonSet, StatefulSet or Rollout) whose pods may be exec'd into.
	//
	// +kubebuilder:validation:Required
	ControllerTargetRef *CrossVersionObjectReference `json:"controllerTargetRef"`
}

ExecAccessTemplateSpec defines the desired state of ExecAccessTemplate

func (*ExecAccessTemplateSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecAccessTemplateSpec.

func (*ExecAccessTemplateSpec) DeepCopyInto

func (in *ExecAccessTemplateSpec) DeepCopyInto(out *ExecAccessTemplateSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExecAccessTemplateStatus

type ExecAccessTemplateStatus struct {
	// CoreStatus supplies the shared conditions/ready/accessMessage fields.
	CoreStatus `json:",inline"`
}

ExecAccessTemplateStatus is the core set of status fields that we expect to be in each and every one of our template (AccessTemplate, ExecAccessTemplate, etc) resources.

func (*ExecAccessTemplateStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecAccessTemplateStatus.

func (*ExecAccessTemplateStatus) DeepCopyInto

func (in *ExecAccessTemplateStatus) DeepCopyInto(out *ExecAccessTemplateStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IConditionType

type IConditionType interface {
	// String returns the condition type name used when recording a Condition.
	String() string
}

IConditionType provides an interface for accepting any condition string that has a String() function. This simplifies the controllers/internal/status/update_status.go code to have a single UpdateStatus() function.

+kubebuilder:object:generate=false

type ICoreResource

type ICoreResource interface {
	// Common client.Object stuff: metadata accessors plus DeepCopyObject/GetObjectKind.
	metav1.Object
	runtime.Object

	// GetStatus returns a Status object that matches our ICoreStatus interface.
	GetStatus() ICoreStatus
}

The ICoreResource interface wraps a standard client.Object resource (metav1.Object + runtime.Object) with a few additional requirements for common methods that we use throughout our reconciliation process.

+kubebuilder:object:generate=false

type ICoreStatus

type ICoreStatus interface {
	// IsReady reports whether the resource has been marked ready for use.
	IsReady() bool
	// SetReady sets (or clears) the ready flag on the resource.
	SetReady(bool)
	// GetConditions returns a pointer to the underlying Conditions slice —
	// presumably so callers can append/update in place; mutations through the
	// pointer are visible to the owning status.
	GetConditions() *[]metav1.Condition
}

ICoreStatus is used to define the core common status functions that all Status structs in this API must adhere to. These common functions simplify the reconciler() functions so that they can easily get/set status on the resources in a common way.

+kubebuilder:object:generate=false

type IPodRequestResource

type IPodRequestResource interface {
	IRequestResource

	// SetPodName sets the Status.PodName field if it is empty. If it is already set, returns
	// an error, so the granted pod cannot be silently re-pointed after the fact.
	SetPodName(string) error

	// GetPodName gets the Status.PodName field, or returns an empty string.
	GetPodName() string
}

IPodRequestResource is a Pod-access specific request interface that exposes a few more functions for storing references to specific Pods that the requestor is being granted access to.

+kubebuilder:object:generate=false

type IRequestResource

type IRequestResource interface {
	ICoreResource

	// GetTemplate returns a populated ITemplateResource that this IRequestResource points to.
	GetTemplate(context.Context, client.Client) (ITemplateResource, error)

	// GetTemplateName returns the user-supplied Spec.templateName field.
	GetTemplateName() string

	// GetDuration returns the Spec.duration as a time.Duration, or an error if it
	// cannot be resolved (a time.Duration itself cannot be nil).
	GetDuration() (time.Duration, error)

	// GetUptime returns the uptime in time.Duration() format.
	GetUptime() time.Duration
}

IRequestResource represents a common "AccessRequest" resource for the Oz Controller. These requests have a common set of required methods that are used by the OzRequestReconciler.

+kubebuilder:object:generate=false

type IRequestStatus

type IRequestStatus interface {
	ICoreStatus
	// SetAccessMessage sets (or updates) the user-facing access instructions.
	SetAccessMessage(string)
	// GetAccessMessage returns the user-facing access instructions.
	GetAccessMessage() string
}

IRequestStatus is a more specific Status interface that enables getting and setting access instruction methods.

+kubebuilder:object:generate=false

type ITemplateResource

type ITemplateResource interface {
	ICoreResource

	// GetTargetRef returns a CrossVersionObjectReference to the controller target for the
	// template. Eg Deployment, StatefulSet, etc.
	GetTargetRef() *CrossVersionObjectReference

	// GetAccessConfig returns the Spec.accessConfig (allowed groups, durations, access command).
	GetAccessConfig() *AccessConfig
}

ITemplateResource represents a common "AccessTemplate" resource for the Oz Controller. These templates provide different types of access into resources (eg, "Exec" vs "Debug" vs "launch me a dedicated pod"). A set of common methods are required though that are used by the OzTemplateReconciler.

+kubebuilder:object:generate=false

type ITemplateStatus

type ITemplateStatus interface {
	// Currently identical to ICoreStatus; template-specific methods may be added later.
	ICoreStatus
}

ITemplateStatus provides a more specific Status interface for Access Templates. Functionality to come in the future.

+kubebuilder:object:generate=false

type JSONPatchOperation

type JSONPatchOperation struct {
	// Operation is the RFC 6902 "op" to apply; see JSONPatchOperationType for the values.
	// +kubebuilder:validation:Enum=add;remove;replace;move;copy;test
	Operation JSONPatchOperationType `json:"op"`
	// Path is the RFC 6901 JSON Pointer the operation targets.
	// +kubebuilder:validation:Required
	Path string `json:"path"`
	// Value is the operand for add/replace/test. Its intstr.IntOrString type limits it to an
	// integer or string scalar; object and array values cannot be expressed.
	// +kubebuilder:validation:Optional
	Value intstr.IntOrString `json:"value,omitempty"`
}

JSONPatchOperation represents a JSON Patch operation defined in https://www.rfc-editor.org/rfc/rfc6902.html

func (*JSONPatchOperation) DeepCopy

func (in *JSONPatchOperation) DeepCopy() *JSONPatchOperation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JSONPatchOperation.

func (*JSONPatchOperation) DeepCopyInto

func (in *JSONPatchOperation) DeepCopyInto(out *JSONPatchOperation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JSONPatchOperationType

// JSONPatchOperationType represents a JSON Patch operation defined in
// https://www.rfc-editor.org/rfc/rfc6902.html. Eg, "add", "remove", etc.
type JSONPatchOperationType string

JSONPatchOperationType represents a JSON Patch operation defined in https://www.rfc-editor.org/rfc/rfc6902.html. Eg, "add", "remove", etc.

// Valid Operation Types: the six operations defined by RFC 6902.
const (
	JSONPatchOperationTypeAdd     JSONPatchOperationType = "add"
	JSONPatchOperationTypeRemove  JSONPatchOperationType = "remove"
	JSONPatchOperationTypeReplace JSONPatchOperationType = "replace"
	JSONPatchOperationTypeMove    JSONPatchOperationType = "move"
	JSONPatchOperationTypeCopy    JSONPatchOperationType = "copy"
	JSONPatchOperationTypeTest    JSONPatchOperationType = "test"
)

Valid Operation Types

type PodAccessRequest

type PodAccessRequest struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the user-supplied desired state (template name and duration).
	Spec   PodAccessRequestSpec   `json:"spec,omitempty"`
	// Status is the controller-observed state (conditions, readiness, granted pod name).
	Status PodAccessRequestStatus `json:"status,omitempty"`
}

PodAccessRequest is the Schema for the accessrequests API

+kubebuilder:printcolumn:name="Template",type="string",JSONPath=".spec.templateName",description="Access Template"
+kubebuilder:printcolumn:name="Pod",type="string",JSONPath=".status.podName",description="Target Pod Name"
+kubebuilder:printcolumn:name="Ready",type="boolean",JSONPath=".status.ready",description="Is request ready?"

func GetPodAccessRequest

func GetPodAccessRequest(
	ctx context.Context,
	cl client.Client,
	name string,
	namespace string,
) (*PodAccessRequest, error)

GetPodAccessRequest returns back a PodAccessRequest resource matching the request supplied to the reconciler loop, or returns back an error.

func (*PodAccessRequest) DeepCopy

func (in *PodAccessRequest) DeepCopy() *PodAccessRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodAccessRequest.

func (*PodAccessRequest) DeepCopyInto

func (in *PodAccessRequest) DeepCopyInto(out *PodAccessRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodAccessRequest) DeepCopyObject

func (in *PodAccessRequest) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*PodAccessRequest) Default

func (r *PodAccessRequest) Default(_ admission.Request) error

Default implements webhook.Defaulter so a webhook will be registered for the type

func (*PodAccessRequest) GetDuration

func (r *PodAccessRequest) GetDuration() (time.Duration, error)

GetDuration conforms to the interfaces.OzRequestResource interface

func (*PodAccessRequest) GetPodName

func (r *PodAccessRequest) GetPodName() string

GetPodName returns the PodName that has been assigned to the Status field within this AccessRequest.

func (*PodAccessRequest) GetStatus

func (r *PodAccessRequest) GetStatus() ICoreStatus

GetStatus returns the core Status field for this resource.

Returns:

ICoreStatus

func (*PodAccessRequest) GetTemplate

func (r *PodAccessRequest) GetTemplate(
	ctx context.Context,
	cl client.Client,
) (ITemplateResource, error)

GetTemplate returns a populated PodAccessTemplate that this PodAccessRequest is referencing.

func (*PodAccessRequest) GetTemplateName

func (r *PodAccessRequest) GetTemplateName() string

GetTemplateName returns the user supplied Spec.templateName field

func (*PodAccessRequest) GetUptime

func (r *PodAccessRequest) GetUptime() time.Duration

GetUptime conforms to the interfaces.OzRequestResource interface

func (*PodAccessRequest) SetPodName

func (r *PodAccessRequest) SetPodName(name string) error

SetPodName conforms to the interfaces.OzRequestResource interface

func (*PodAccessRequest) SetupWebhookWithManager

func (r *PodAccessRequest) SetupWebhookWithManager(mgr ctrl.Manager) error

SetupWebhookWithManager configures the webhook service in the Manager to accept MutatingWebhookConfiguration and ValidatingWebhookConfiguration calls from the Kubernetes API server.

func (*PodAccessRequest) ValidateCreate

func (r *PodAccessRequest) ValidateCreate(req admission.Request) (admission.Warnings, error)

ValidateCreate implements webhook.IContextuallyValidatableObject so a webhook will be registered for the type

func (*PodAccessRequest) ValidateDelete

func (r *PodAccessRequest) ValidateDelete(req admission.Request) (admission.Warnings, error)

ValidateDelete implements webhook.IContextuallyValidatableObject so a webhook will be registered for the type

func (*PodAccessRequest) ValidateUpdate

func (r *PodAccessRequest) ValidateUpdate(req admission.Request, _ runtime.Object) (admission.Warnings, error)

ValidateUpdate implements webhook.IContextuallyValidatableObject so a webhook will be registered for the type

type PodAccessRequestList

// PodAccessRequestList contains a list of PodAccessRequest, as returned by a List call.
type PodAccessRequestList struct {
	metav1.TypeMeta `                   json:",inline"`
	metav1.ListMeta `                   json:"metadata,omitempty"`
	Items           []PodAccessRequest `json:"items"`
}

PodAccessRequestList contains a list of AccessRequest

func (*PodAccessRequestList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodAccessRequestList.

func (*PodAccessRequestList) DeepCopyInto

func (in *PodAccessRequestList) DeepCopyInto(out *PodAccessRequestList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodAccessRequestList) DeepCopyObject

func (in *PodAccessRequestList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PodAccessRequestSpec

type PodAccessRequestSpec struct {
	// TemplateName defines the name of the `PodAccessTemplate` that should be used to grant
	// access to the target resource.
	//
	// +kubebuilder:validation:Required
	TemplateName string `json:"templateName"`

	// Duration sets the length of time from the `spec.creationTimestamp` that this object will live. After the
	// time has expired, the resource will be automatically deleted on the next reconciliation loop.
	//
	// If omitted, the spec.defaultDuration from the referenced template is used.
	//
	// Valid time units are "s", "m", "h"; the Pattern below rejects anything else at
	// admission time, before the value is ever parsed.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:Pattern="^[0-9]+(s|m|h)$"
	Duration string `json:"duration,omitempty"`
}

PodAccessRequestSpec defines the desired state of AccessRequest

func (*PodAccessRequestSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodAccessRequestSpec.

func (*PodAccessRequestSpec) DeepCopyInto

func (in *PodAccessRequestSpec) DeepCopyInto(out *PodAccessRequestSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PodAccessRequestStatus

// PodAccessRequestStatus defines the observed state of a PodAccessRequest.
type PodAccessRequestStatus struct {
	// CoreStatus is the status block shared with the other resources in this package; its
	// fields are inlined into the JSON status object.
	CoreStatus `json:",inline"`

	// PodName is the name of the target Pod where access has been granted. Omitted from the
	// JSON when empty (presumably before the Pod has been created — confirm in the reconciler).
	PodName string `json:"podName,omitempty"`
}

PodAccessRequestStatus defines the observed state of AccessRequest

func (*PodAccessRequestStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodAccessRequestStatus.

func (*PodAccessRequestStatus) DeepCopyInto

func (in *PodAccessRequestStatus) DeepCopyInto(out *PodAccessRequestStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PodAccessTemplate

// PodAccessTemplate is the Schema for the accesstemplates API. Spec describes how access pods
// are built and who may request them; Status carries the shared CoreStatus, whose `.status.ready`
// field is surfaced as the "Ready" printer column.
type PodAccessTemplate struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the desired state of the template (access policy, PodSpec source, resource caps).
	Spec   PodAccessTemplateSpec   `json:"spec,omitempty"`
	// Status is the observed state of the template.
	Status PodAccessTemplateStatus `json:"status,omitempty"`
}

PodAccessTemplate is the Schema for the accesstemplates API

+kubebuilder:object:root=true +kubebuilder:printcolumn:name="Ready",type="boolean",JSONPath=".status.ready",description="Is template ready?"

func GetPodAccessTemplate

func GetPodAccessTemplate(
	ctx context.Context,
	cl client.Client,
	name string,
	namespace string,
) (*PodAccessTemplate, error)

GetPodAccessTemplate returns the AccessTemplate resource matching the request supplied to the reconciler loop, or an error if it cannot be retrieved.

func (*PodAccessTemplate) DeepCopy

func (in *PodAccessTemplate) DeepCopy() *PodAccessTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodAccessTemplate.

func (*PodAccessTemplate) DeepCopyInto

func (in *PodAccessTemplate) DeepCopyInto(out *PodAccessTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodAccessTemplate) DeepCopyObject

func (in *PodAccessTemplate) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*PodAccessTemplate) GetAccessConfig

func (t *PodAccessTemplate) GetAccessConfig() *AccessConfig

GetAccessConfig returns the Spec.accessConfig field for this resource in an AccessConfig object form.

func (*PodAccessTemplate) GetStatus

func (t *PodAccessTemplate) GetStatus() ICoreStatus

GetStatus returns the core Status field for this resource.

Returns:

PodAccessRequestStatus

func (*PodAccessTemplate) GetTargetRef

GetTargetRef conforms to the controllers.OzTemplateResource interface.

func (*PodAccessTemplate) Validate

func (t *PodAccessTemplate) Validate() error

Validate checks the template's inputs and returns an error if they are invalid.

type PodAccessTemplateList

// PodAccessTemplateList contains a list of PodAccessTemplate objects. The embedded
// TypeMeta/ListMeta are inlined into the JSON document as usual for K8S list types.
type PodAccessTemplateList struct {
	metav1.TypeMeta `                    json:",inline"`
	metav1.ListMeta `                    json:"metadata,omitempty"`
	// Items holds the PodAccessTemplate objects in this list.
	Items           []PodAccessTemplate `json:"items"`
}

PodAccessTemplateList contains a list of AccessTemplate

func (*PodAccessTemplateList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodAccessTemplateList.

func (*PodAccessTemplateList) DeepCopyInto

func (in *PodAccessTemplateList) DeepCopyInto(out *PodAccessTemplateList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodAccessTemplateList) DeepCopyObject

func (in *PodAccessTemplateList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PodAccessTemplateSpec

// PodAccessTemplateSpec defines the desired state of a PodAccessTemplate: the access policy,
// where the PodSpec comes from (a referenced controller and/or an inline PodSpec), how a
// controller-sourced PodSpec is mutated, and the resource ceilings a request may ask for.
type PodAccessTemplateSpec struct {
	// AccessConfig provides a common struct for defining who has access to the resources this
	// template controls, how long they have access, etc.
	AccessConfig AccessConfig `json:"accessConfig"`

	// ControllerTargetRef provides a pattern for referencing objects from another API in a generic way.
	//
	// NOTE(review): the json tag has no omitempty, so a nil pointer is serialized as null rather
	// than omitted — confirm that is intended (the sibling optional fields use omitempty).
	//
	// +kubebuilder:validation:Optional
	ControllerTargetRef *CrossVersionObjectReference `json:"controllerTargetRef"`

	// ControllerTargetMutationConfig contains parameters that allow for customizing the copy of a
	// controller-sourced PodSpec. This setting is only valid if controllerTargetRef is set.
	//
	// +kubebuilder:validation:Optional
	ControllerTargetMutationConfig *PodTemplateSpecMutationConfig `json:"controllerTargetMutationConfig,omitempty"`

	// PodSpec, if supplied, is a PodSpec given directly in the template (presumably used instead of
	// a controller-sourced copy; which one wins when both are set is not shown on this page —
	// confirm in Validate()). Whatever is supplied here determines the privileges of the access
	// pod; no restriction on security-sensitive fields such as securityContext, volumes or host
	// namespaces is visible here, so treat template authorship as a privileged operation.
	//
	// +kubebuilder:validation:Optional
	PodSpec *corev1.PodSpec `json:"podSpec,omitempty"`

	// Upper bound of the ephemeral storage that an AccessRequest can make against this template for
	// the primary container. NOTE(review): the point at which the Max* ceilings are enforced is
	// not on this page.
	//
	// +kubebuilder:validation:Optional
	MaxStorage resource.Quantity `json:"maxStorage,omitempty"`

	// Upper bound of the CPU that an AccessRequest can make against this template for the primary container.
	//
	// +kubebuilder:validation:Optional
	MaxCPU resource.Quantity `json:"maxCpu,omitempty"`

	// Upper bound of the memory that an AccessRequest can make against this template for the primary container.
	//
	// +kubebuilder:validation:Optional
	MaxMemory resource.Quantity `json:"maxMemory,omitempty"`
}

PodAccessTemplateSpec defines the desired state of AccessTemplate

func (*PodAccessTemplateSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodAccessTemplateSpec.

func (*PodAccessTemplateSpec) DeepCopyInto

func (in *PodAccessTemplateSpec) DeepCopyInto(out *PodAccessTemplateSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PodAccessTemplateStatus

// PodAccessTemplateStatus defines the observed state of a PodAccessTemplate. It carries only
// the shared CoreStatus fields, inlined into the JSON status object.
type PodAccessTemplateStatus struct {
	CoreStatus `json:",inline"`
}

PodAccessTemplateStatus defines the observed state of PodAccessTemplate

func (*PodAccessTemplateStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodAccessTemplateStatus.

func (*PodAccessTemplateStatus) DeepCopyInto

func (in *PodAccessTemplateStatus) DeepCopyInto(out *PodAccessTemplateStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PodTemplateSpecMutationConfig

// PodTemplateSpecMutationConfig describes the mutations applied to an existing PodSpec
// (typically one copied from a Deployment, DaemonSet or StatefulSet referenced by a
// PodAccessTemplate) before the access Pod is launched. Unless stated otherwise a field
// applies to the "default" container, selected via DefaultContainerName.
type PodTemplateSpecMutationConfig struct {
	// DefaultContainerName allows the operator to define which container is considered the default
	// container, and that is the container that this mutation configuration applies to. If not set,
	// then the first container defined in the spec.containers[] list is patched.
	DefaultContainerName string `json:"defaultContainerName,omitempty"`

	// Command is used to override the .Spec.containers[0].command field for the target Pod and
	// Container. This can be handy in ensuring that the default application does not start up and
	// do any work. If set, this overrides the Spec.containers[0].args property as well.
	// The pointer-to-slice type presumably lets an explicitly empty list be distinguished from
	// "unset" — confirm in PatchPodTemplateSpec.
	Command *[]string `json:"command,omitempty"`

	// Args will override the Spec.containers[0].args property.
	Args *[]string `json:"args,omitempty"`

	// Env allows overriding specific environment variables (or adding new ones). Note, we do not
	// purge the original environment variables.
	Env []corev1.EnvVar `json:"env,omitempty"`

	// If supplied these resource requirements will override the default .Spec.containers[0].resource requested for
	// the pod. Note though that we do not override all of the resource requests in the Pod because there may be many
	// containers.
	Resources corev1.ResourceRequirements `json:"resources,omitempty"`

	// If supplied, these
	// [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/)
	// are applied to the target
	// [`PodTemplateSpec`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podtemplatespec-v1-core).
	// These are merged into the final Annotations. If you want to _replace_
	// the annotations, make sure to set the `purgeAnnotations` flag to `true`.
	PodAnnotations *map[string]string `json:"podAnnotations,omitempty"`

	// If supplied, Oz will insert these
	// [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/)
	// into the target
	// [`PodTemplateSpec`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#podtemplatespec-v1-core).
	// By default Oz purges all Labels from pods (to prevent the new Pod from
	// having traffic routed to it), so this is effectively a new set of labels
	// applied to the Pod.
	PodLabels *map[string]string `json:"podLabels,omitempty"`

	// By default, Oz keeps the original
	// [`PodTemplateSpec`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podtemplatespec-v1-core)
	// `metadata.annotations` field. If you want to purge this, set this flag
	// to `true.`
	//
	// +kubebuilder:default:=false
	PurgeAnnotations bool `json:"purgeAnnotations,omitempty"`

	// PatchSpecOperations contains a list of JSON patch operations to apply to the PodSpec.
	// [`JSONPatch`](https://www.rfc-editor.org/rfc/rfc6902.html)
	//
	// NOTE(review): a JSON patch can modify any field of the PodSpec, including the ones the
	// Keep*/Purge* flags in this struct are meant to control, so the resulting spec should be
	// reviewed as a whole. Whether the patched result is validated afterwards is not shown here.
	PatchSpecOperations []JSONPatchOperation `json:"patchSpecOperations,omitempty"`

	// By default, Oz wipes out the PodSpec
	// [`terminationGracePeriodSeconds`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#podspec-v1-core)
	// setting on Pods to ensure that they can be killed as soon as the
	// AccessRequest expires. This flag overrides that behavior.
	//
	// +kubebuilder:default:=false
	KeepTerminationGracePeriod bool `json:"keepTerminationGracePeriod,omitempty"`

	// By default, Oz wipes out the PodSpec
	// [`livenessProbe`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#podspec-v1-core)
	// configuration for the default container so that the container does not
	// get terminated if the main application is not running or passing checks.
	// This setting overrides that behavior.
	//
	// +kubebuilder:default:=false
	KeepLivenessProbe bool `json:"keepLivenessProbe,omitempty"`

	// By default, Oz wipes out the PodSpec
	// [`readinessProbe`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#podspec-v1-core)
	// configuration for the default container so that the container does not
	// get terminated if the main application is not running or passing checks.
	// This setting overrides that behavior.
	//
	// +kubebuilder:default:=false
	KeepReadinessProbe bool `json:"keepReadinessProbe,omitempty"`

	// By default, Oz wipes out the PodSpec
	// [`startupProbe`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#podspec-v1-core)
	// configuration for the default container so that the container does not
	// get terminated if the main application is not running or passing checks.
	// This setting overrides that behavior.
	//
	// +kubebuilder:default:=false
	KeepStartupProbe bool `json:"keepStartupProbe,omitempty"`

	// By default, Oz wipes out the PodSpec
	// [`topologySpreadConstraints`](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling)
	// configuration for the Pod because these access pods are not part of the
	// same group of pods that are passing traffic. This setting overrides that behavior.
	// NOTE(review): unlike the other Keep* flags this one carries no +kubebuilder:default marker;
	// the Go zero value (false) applies either way — confirm whether the marker was omitted on purpose.
	KeepTopologySpreadConstraints bool `json:"keepTopologySpreadConstraints,omitempty"`

	// If supplied, Oz will insert these
	// [nodeSelector](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling)
	// into the target
	// [`PodTemplateSpec`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#podtemplatespec-v1-core).
	NodeSelector *map[string]string `json:"nodeSelector,omitempty"`
}

PodTemplateSpecMutationConfig provides a common pattern for describing mutations to an existing PodSpec that should be applied. The primary use case is in the PodAccessTemplate, where an existing controller (Deployment, DaemonSet, StatefulSet) can be used as the reference for the PodSpec that is launched for the user. However, the operator may want to make modifications to the PodSpec at launch time (eg, change the entrypoint command or arguments).

TODO: Add affinity

func (*PodTemplateSpecMutationConfig) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodTemplateSpecMutationConfig.

func (*PodTemplateSpecMutationConfig) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodTemplateSpecMutationConfig) PatchPodTemplateSpec

PatchPodTemplateSpec returns a new, mutated PodSpec object based on the supplied spec and the parameters in the PodTemplateSpecMutationConfig struct.

Returns:

corev1.PodSpec: A new PodSpec object with the mutated configuration.

revive:disable:cyclomatic High complexity score but easy to understand

type RequestConditionTypes

// RequestConditionTypes is a string type for the known Status.Condition[].ConditionType values
// used by the AccessRequest and AccessTemplate reconcilers; see the Condition* constants of this
// type for the known values.
type RequestConditionTypes string

RequestConditionTypes defines a set of known Status.Condition[].ConditionType fields that are used throughout the AccessRequest and AccessTemplate reconcilers.

// Known RequestConditionTypes values. Each one names a condition that a reconciler writes to a
// resource's Status.Conditions.
const (
	// ConditionRequestDurationsValid is used by both AccessTemplate and
	// AccessRequest resources. It indicates whether or not the various
	// duration fields are valid.
	ConditionRequestDurationsValid RequestConditionTypes = "AccessDurationsValid"

	// ConditionTargetTemplateExists indicates that the Access Request is
	// pointing to a valid Access Template.
	ConditionTargetTemplateExists RequestConditionTypes = "TargetTemplateExists"

	// ConditionAccessStillValid is continually updated based on whether or not
	// the Access Request has timed out.
	ConditionAccessStillValid RequestConditionTypes = "AccessStillValid"

	// ConditionAccessResourcesCreated indicates whether or not the target
	// access request resources have been properly created.
	ConditionAccessResourcesCreated RequestConditionTypes = "AccessResourcesCreated"

	// ConditionAccessResourcesReady indicates that all of the "access
	// resources" (eg, a Pod) are up and in the ready state.
	ConditionAccessResourcesReady RequestConditionTypes = "AccessResourcesReady"

	// ConditionAccessMessage is used to record a message about the access
	// (presumably human-readable instructions for the requester — the exact
	// contents are set by the reconciler and are not shown on this page).
	ConditionAccessMessage RequestConditionTypes = "AccessMessage"
)

func (RequestConditionTypes) String

func (x RequestConditionTypes) String() string

String implements the fmt.Stringer interface.

type TemplateConditionTypes

// TemplateConditionTypes is a string type for the known Status.Condition[].ConditionType values
// used by the AccessTemplate reconcilers and written to ITemplateResource resources; see the
// Condition* constants of this type for the known values.
type TemplateConditionTypes string

TemplateConditionTypes defines a set of known Status.Condition[].ConditionType fields that are used throughout the AccessTemplate reconcilers and written to the ITemplateResource resources.

// Known TemplateConditionTypes values, written to a template's Status.Conditions by the
// AccessTemplate reconcilers.
const (
	// ConditionTemplateDurationsValid is used by both AccessTemplate and
	// AccessRequest resources. It indicates whether or not the various
	// duration fields are valid.
	ConditionTemplateDurationsValid TemplateConditionTypes = "TemplateDurationsValid"

	// ConditionTargetRefExists indicates whether or not an AccessTemplate is
	// pointing to a valid Controller.
	ConditionTargetRefExists TemplateConditionTypes = "TargetRefExists"
)

func (TemplateConditionTypes) String

func (x TemplateConditionTypes) String() string

String implements the fmt.Stringer interface.
