v1alpha1

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 24, 2025 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Overview

+groupName=operator.kcp.io +versionName=v1alpha1 +kubebuilder:object:generate=true

Index

Constants

View Source 
const GroupName = "operator.kcp.io"

GroupName is the group name use in this package.

View Source 
const GroupVersion = "v1alpha1"

Variables

View Source 
var (
	DefaultCADuration          = metav1.Duration{Duration: time.Hour * 24 * 365 * 10}
	DefaultCARenewal           = metav1.Duration{Duration: time.Hour * 24 * 30}
	DefaultCertificateDuration = metav1.Duration{Duration: time.Hour * 24 * 365}
	DefaultCertificateRenewal  = metav1.Duration{Duration: time.Hour * 24 * 7}
)
View Source 
var (
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	AddToScheme   = SchemeBuilder.AddToScheme

	// SchemeGroupVersion is group version used to register these objects.
	SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: GroupVersion}
)

Functions

func Resource 

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource.

Types

type AuditSpec 

type AuditSpec struct {
	Webhook *AuditWebhookSpec `json:"webhook,omitempty"`
}

func (*AuditSpec) DeepCopy 

func (in *AuditSpec) DeepCopy() *AuditSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSpec.

func (*AuditSpec) DeepCopyInto 

func (in *AuditSpec) DeepCopyInto(out *AuditSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuditWebhookMode 

type AuditWebhookMode string
const (
	AuditWebhookBatchMode          AuditWebhookMode = "batch"
	AuditWebhookBlockingMode       AuditWebhookMode = "blocking"
	AuditWebhookBlockingStrictMode AuditWebhookMode = "blocking-strict"
)

type AuditWebhookSpec 

type AuditWebhookSpec struct {
	// The size of the buffer to store events before batching and writing. Only used in batch mode.
	BatchBufferSize int `json:"batchBufferSize,omitempty"`
	// The maximum size of a batch. Only used in batch mode.
	BatchMaxSize int `json:"batchMaxSize,omitempty"`
	// The amount of time to wait before force writing the batch that hadn't reached the max size.
	// Only used in batch mode.
	BatchMaxWait *metav1.Duration `json:"batchMaxWait,omitempty"`
	// Maximum number of requests sent at the same moment if ThrottleQPS was not utilized before.
	// Only used in batch mode.
	BatchThrottleBurst int `json:"batchThrottleBurst,omitempty"`
	// Whether batching throttling is enabled. Only used in batch mode.
	BatchThrottleEnable bool `json:"batchThrottleEnable,omitempty"`
	// Maximum average number of batches per second. Only used in batch mode.
	// This value is a floating point number, stored as a string (e.g. "3.1").
	BatchThrottleQPS string `json:"batchThrottleQPS,omitempty"`

	// Name of a Kubernetes Secret that contains a kubeconfig formatted file that defines the
	// audit webhook configuration.
	ConfigSecretName string `json:"configSecretName,omitempty"`
	// The amount of time to wait before retrying the first failed request.
	InitialBackoff *metav1.Duration `json:"initialBackoff,omitempty"`
	// Strategy for sending audit events. Blocking indicates sending events should block server
	// responses. Batch causes the backend to buffer and write events asynchronously.
	Mode AuditWebhookMode `json:"mode,omitempty"`
	// Whether event and batch truncating is enabled.
	TruncateEnabled bool `json:"truncateEnabled,omitempty"`
	// Maximum size of the batch sent to the underlying backend. Actual serialized size can be
	// several hundreds of bytes greater. If a batch exceeds this limit, it is split into several
	// batches of smaller size.
	TruncateMaxBatchSize int `json:"truncateMaxBatchSize,omitempty"`
	// Maximum size of the audit event sent to the underlying backend. If the size of an event
	// is greater than this number, first request and response are removed, and if this doesn't
	// reduce the size enough, event is discarded.
	TruncateMaxEventSize int `json:"truncateMaxEventSize,omitempty"`
	// API group and version used for serializing audit events written to webhook.
	Version string `json:"version,omitempty"`
}

func (*AuditWebhookSpec) DeepCopy 

func (in *AuditWebhookSpec) DeepCopy() *AuditWebhookSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditWebhookSpec.

func (*AuditWebhookSpec) DeepCopyInto 

func (in *AuditWebhookSpec) DeepCopyInto(out *AuditWebhookSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthSpec 

type AuthSpec struct {
	// Optional: OIDC configures OpenID Connect Authentication.
	OIDC *OIDCConfiguration `json:"oidc,omitempty"`

	// Optional: DropGroups configures groups to be dropped before forwarding requests to Shards
	DropGroups []string `json:"dropGroups,omitempty"`

	// Optional: PassOnGroups configures groups to be passed on before forwarding requests to Shards
	PassOnGroups []string `json:"passOnGroups,omitempty"`
}

func (*AuthSpec) DeepCopy 

func (in *AuthSpec) DeepCopy() *AuthSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthSpec.

func (*AuthSpec) DeepCopyInto 

func (in *AuthSpec) DeepCopyInto(out *AuthSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthorizationSpec 

type AuthorizationSpec struct {
	Webhook *AuthorizationWebhookSpec `json:"webhook,omitempty"`
}

func (*AuthorizationSpec) DeepCopy 

func (in *AuthorizationSpec) DeepCopy() *AuthorizationSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorizationSpec.

func (*AuthorizationSpec) DeepCopyInto 

func (in *AuthorizationSpec) DeepCopyInto(out *AuthorizationSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthorizationWebhookSpec 

type AuthorizationWebhookSpec struct {
	// A list of HTTP paths to skip during authorization, i.e. these are authorized without contacting the 'core' kubernetes server.
	// If specified, completely overwrites the default of [/healthz,/readyz,/livez].
	AllowPaths []string `json:"allowPaths,omitempty"`
	// The duration to cache 'authorized' responses from the webhook authorizer.
	CacheAuthorizedTTL *metav1.Duration `json:"cacheAuthorizedTTL,omitempty"`
	// The duration to cache 'unauthorized' responses from the webhook authorizer.
	CacheUnauthorizedTTL *metav1.Duration `json:"cacheUnauthorizedTTL,omitempty"`
	// Name of a Kubernetes Secret that contains a kubeconfig formatted file that defines the
	// authorization webhook configuration.
	ConfigSecretName string `json:"configSecretName,omitempty"`
	// The API version of the authorization.k8s.io SubjectAccessReview to send to and expect from the webhook.
	Version string `json:"version,omitempty"`
}

func (*AuthorizationWebhookSpec) DeepCopy 

func (in *AuthorizationWebhookSpec) DeepCopy() *AuthorizationWebhookSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorizationWebhookSpec.

func (*AuthorizationWebhookSpec) DeepCopyInto 

func (in *AuthorizationWebhookSpec) DeepCopyInto(out *AuthorizationWebhookSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CA 

type CA string
const (
	RootCA                CA = "root"
	ServerCA              CA = "server"
	ServiceAccountCA      CA = "service-account"
	ClientCA              CA = "client"
	FrontProxyClientCA    CA = "front-proxy-client"
	RequestHeaderClientCA CA = "requestheader-client"
)

type CacheConfig 

type CacheConfig struct {
	// Embedded configures settings for starting the cache server embedded in the root shard.
	Embedded *EmbeddedCacheConfiguration `json:"embedded,omitempty"`
}

func (*CacheConfig) DeepCopy 

func (in *CacheConfig) DeepCopy() *CacheConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheConfig.

func (*CacheConfig) DeepCopyInto 

func (in *CacheConfig) DeepCopyInto(out *CacheConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CacheServer 

type CacheServer struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   CacheServerSpec   `json:"spec,omitempty"`
	Status CacheServerStatus `json:"status,omitempty"`
}

CacheServer is the Schema for the cacheservers API

func (*CacheServer) DeepCopy 

func (in *CacheServer) DeepCopy() *CacheServer

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheServer.

func (*CacheServer) DeepCopyInto 

func (in *CacheServer) DeepCopyInto(out *CacheServer)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CacheServer) DeepCopyObject 

func (in *CacheServer) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CacheServerList 

type CacheServerList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []CacheServer `json:"items"`
}

CacheServerList contains a list of CacheServer

func (*CacheServerList) DeepCopy 

func (in *CacheServerList) DeepCopy() *CacheServerList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheServerList.

func (*CacheServerList) DeepCopyInto 

func (in *CacheServerList) DeepCopyInto(out *CacheServerList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CacheServerList) DeepCopyObject 

func (in *CacheServerList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CacheServerSpec 

type CacheServerSpec struct {
	// Etcd configures the etcd cluster that this cache server should be using.
	Etcd EtcdConfig `json:"etcd"`

	// Optional: Image overwrites the container image used to deploy the cache server.
	Image *ImageSpec `json:"image,omitempty"`
}

CacheServerSpec defines the desired state of CacheServer.

func (*CacheServerSpec) DeepCopy 

func (in *CacheServerSpec) DeepCopy() *CacheServerSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheServerSpec.

func (*CacheServerSpec) DeepCopyInto 

func (in *CacheServerSpec) DeepCopyInto(out *CacheServerSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CacheServerStatus 

type CacheServerStatus struct {
}

CacheServerStatus defines the observed state of CacheServer

func (*CacheServerStatus) DeepCopy 

func (in *CacheServerStatus) DeepCopy() *CacheServerStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheServerStatus.

func (*CacheServerStatus) DeepCopyInto 

func (in *CacheServerStatus) DeepCopyInto(out *CacheServerStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Certificate 

type Certificate string
const (
	// ServerCertificate is a generic server certificate for serving HTTPS.
	ServerCertificate Certificate = "server"
	// ClientCertificate is a generic client certificate.
	ClientCertificate Certificate = "client"

	ServiceAccountCertificate              Certificate = "service-account"
	VirtualWorkspacesCertificate           Certificate = "virtual-workspaces"
	RequestHeaderClientCertificate         Certificate = "requestheader"
	KubeconfigCertificate                  Certificate = "kubeconfig"
	AdminKubeconfigClientCertificate       Certificate = "admin-kubeconfig"
	LogicalClusterAdminCertificate         Certificate = "logical-cluster-admin"
	ExternalLogicalClusterAdminCertificate Certificate = "external-logical-cluster-admin"
)

type CertificateMetadataTemplate 

type CertificateMetadataTemplate struct {
	// Annotations is a key value map to be copied to the target Certificate.
	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`

	// Labels is a key value map to be copied to the target Certificate.
	// +optional
	Labels map[string]string `json:"labels,omitempty"`
}

func (*CertificateMetadataTemplate) DeepCopy 

func (in *CertificateMetadataTemplate) DeepCopy() *CertificateMetadataTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateMetadataTemplate.

func (*CertificateMetadataTemplate) DeepCopyInto 

func (in *CertificateMetadataTemplate) DeepCopyInto(out *CertificateMetadataTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertificatePrivateKeyTemplate 

type CertificatePrivateKeyTemplate struct {
	// RotationPolicy controls how private keys should be regenerated when a
	// re-issuance is being processed.
	//
	// If set to `Never`, a private key will only be generated if one does not
	// already exist in the target `spec.secretName`. If one does exist but it
	// does not have the correct algorithm or size, a warning will be raised
	// to await user intervention.
	// If set to `Always`, a private key matching the specified requirements
	// will be generated whenever a re-issuance occurs.
	// Default is `Never` for backward compatibility.
	// +optional
	RotationPolicy PrivateKeyRotationPolicy `json:"rotationPolicy,omitempty"`

	// The private key cryptography standards (PKCS) encoding for this
	// certificate's private key to be encoded in.
	//
	// If provided, allowed values are `PKCS1` and `PKCS8` standing for PKCS#1
	// and PKCS#8, respectively.
	// Defaults to `PKCS1` if not specified.
	// +optional
	Encoding PrivateKeyEncoding `json:"encoding,omitempty"`

	// Algorithm is the private key algorithm of the corresponding private key
	// for this certificate.
	//
	// If provided, allowed values are either `RSA`, `ECDSA` or `Ed25519`.
	// If `algorithm` is specified and `size` is not provided,
	// key size of 2048 will be used for `RSA` key algorithm and
	// key size of 256 will be used for `ECDSA` key algorithm.
	// key size is ignored when using the `Ed25519` key algorithm.
	// +optional
	Algorithm PrivateKeyAlgorithm `json:"algorithm,omitempty"`

	// Size is the key bit size of the corresponding private key for this certificate.
	//
	// If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`,
	// and will default to `2048` if not specified.
	// If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`,
	// and will default to `256` if not specified.
	// If `algorithm` is set to `Ed25519`, Size is ignored.
	// No other values are allowed.
	// +optional
	Size int `json:"size,omitempty"`
}

func (*CertificatePrivateKeyTemplate) DeepCopy 

func (in *CertificatePrivateKeyTemplate) DeepCopy() *CertificatePrivateKeyTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificatePrivateKeyTemplate.

func (*CertificatePrivateKeyTemplate) DeepCopyInto 

func (in *CertificatePrivateKeyTemplate) DeepCopyInto(out *CertificatePrivateKeyTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertificateSecretTemplate 

type CertificateSecretTemplate struct {
	// Annotations is a key value map to be copied to the target Kubernetes Secret.
	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`

	// Labels is a key value map to be copied to the target Kubernetes Secret.
	// +optional
	Labels map[string]string `json:"labels,omitempty"`
}

CertificateSecretTemplate defines the default labels and annotations to be copied to the Kubernetes Secret resource named in `CertificateSpec.secretName`.

func (*CertificateSecretTemplate) DeepCopy 

func (in *CertificateSecretTemplate) DeepCopy() *CertificateSecretTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSecretTemplate.

func (*CertificateSecretTemplate) DeepCopyInto 

func (in *CertificateSecretTemplate) DeepCopyInto(out *CertificateSecretTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertificateSpecTemplate 

type CertificateSpecTemplate struct {
	// Requested set of X509 certificate subject attributes.
	// More info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6
	//
	// +optional
	Subject *X509Subject `json:"subject,omitempty"`

	// Requested DNS subject alternative names. The values given here will be merged into the
	// DNS names determined automatically by the kcp-operator.
	//
	// +optional
	DNSNames []string `json:"dnsNames,omitempty"`

	// Requested IP address subject alternative names. The values given here will be merged into the
	// DNS names determined automatically by the kcp-operator.
	//
	// +optional
	IPAddresses []string `json:"ipAddresses,omitempty"`

	// Defines annotations and labels to be copied to the Certificate's Secret.
	// Labels and annotations on the Secret will be changed as they appear on the
	// SecretTemplate when added or removed. SecretTemplate annotations are added
	// in conjunction with, and cannot overwrite, the base set of annotations
	// cert-manager sets on the Certificate's Secret.
	// +optional
	SecretTemplate *CertificateSecretTemplate `json:"secretTemplate,omitempty"`

	// Requested 'duration' (i.e. lifetime) of the Certificate. Note that the
	// issuer may choose to ignore the requested duration, just like any other
	// requested attribute.
	//
	// If unset, this defaults to 90 days.
	// Minimum accepted duration is 1 hour.
	// Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration.
	// +optional
	Duration *metav1.Duration `json:"duration,omitempty"`

	// How long before the currently issued certificate's expiry cert-manager should
	// renew the certificate. For example, if a certificate is valid for 60 minutes,
	// and `renewBefore=10m`, cert-manager will begin to attempt to renew the certificate
	// 50 minutes after it was issued (i.e. when there are 10 minutes remaining until
	// the certificate is no longer valid).
	//
	// NOTE: The actual lifetime of the issued certificate is used to determine the
	// renewal time. If an issuer returns a certificate with a different lifetime than
	// the one requested, cert-manager will use the lifetime of the issued certificate.
	//
	// If unset, this defaults to 1/3 of the issued certificate's lifetime.
	// Minimum accepted value is 5 minutes.
	// Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration.
	// Cannot be set if the `renewBeforePercentage` field is set.
	// +optional
	RenewBefore *metav1.Duration `json:"renewBefore,omitempty"`

	// Private key options. These include the key algorithm and size, the used
	// encoding and the rotation policy.
	// +optional
	PrivateKey *CertificatePrivateKeyTemplate `json:"privateKey,omitempty"`
}

func (*CertificateSpecTemplate) DeepCopy 

func (in *CertificateSpecTemplate) DeepCopy() *CertificateSpecTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSpecTemplate.

func (*CertificateSpecTemplate) DeepCopyInto 

func (in *CertificateSpecTemplate) DeepCopyInto(out *CertificateSpecTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertificateTemplate 

type CertificateTemplate struct {
	Metadata *CertificateMetadataTemplate `json:"metadata,omitempty"`
	Spec     *CertificateSpecTemplate     `json:"spec,omitempty"`
}

func (*CertificateTemplate) DeepCopy 

func (in *CertificateTemplate) DeepCopy() *CertificateTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateTemplate.

func (*CertificateTemplate) DeepCopyInto 

func (in *CertificateTemplate) DeepCopyInto(out *CertificateTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertificateTemplateMap 

type CertificateTemplateMap map[string]CertificateTemplate

func (CertificateTemplateMap) CATemplate 

func (m CertificateTemplateMap) CATemplate(ca CA) CertificateTemplate

func (CertificateTemplateMap) CertificateTemplate 

func (m CertificateTemplateMap) CertificateTemplate(cert Certificate) CertificateTemplate

func (CertificateTemplateMap) DeepCopy 

func (in CertificateTemplateMap) DeepCopy() CertificateTemplateMap

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateTemplateMap.

func (CertificateTemplateMap) DeepCopyInto 

func (in CertificateTemplateMap) DeepCopyInto(out *CertificateTemplateMap)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Certificates 

type Certificates struct {
	// IssuerRef points to a pre-existing cert-manager Issuer or ClusterIssuer that shall be used
	// to acquire new certificates. This field is mutually exclusive with caSecretRef.
	IssuerRef *ObjectReference `json:"issuerRef,omitempty"`

	// CASecretRef can be used as an alternative to the IssuerRef: This field allows to configure
	// a pre-existing CA certificate that should be used as sign kcp certificates.
	// This Secret must contain both the certificate and the private key so that new sub certificates
	// can be signed and created from this CA. This field is mutually exclusive with issuerRef.
	CASecretRef *corev1.LocalObjectReference `json:"caSecretRef,omitempty"`
}

Certificates configures how certificates for kcp should be created.

func (*Certificates) DeepCopy 

func (in *Certificates) DeepCopy() *Certificates

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Certificates.

func (*Certificates) DeepCopyInto 

func (in *Certificates) DeepCopyInto(out *Certificates)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CommonShardSpec 

type CommonShardSpec struct {
	ClusterDomain string `json:"clusterDomain,omitempty"`

	// Etcd configures the etcd cluster that this shard should be using.
	Etcd EtcdConfig `json:"etcd"`

	Image *ImageSpec `json:"image,omitempty"`

	// Replicas configures how many instances of this shard run in parallel. Defaults to 2 if not set.
	Replicas *int32 `json:"replicas,omitempty"`

	// Resources overrides the default resource requests and limits.
	Resources *corev1.ResourceRequirements `json:"resources,omitempty"`

	Audit         *AuditSpec         `json:"audit,omitempty"`
	Authorization *AuthorizationSpec `json:"authorization,omitempty"`

	// CertificateTemplates allows to customize the properties on the generated
	// certificates for this root shard.
	CertificateTemplates CertificateTemplateMap `json:"certificateTemplates,omitempty"`

	// Optional: ServiceTemplate configures the Kubernetes Service created for this shard.
	ServiceTemplate *ServiceTemplate `json:"serviceTemplate,omitempty"`

	// Optional: DeploymentTemplate configures the Kubernetes Deployment created for this shard.
	DeploymentTemplate *DeploymentTemplate `json:"deploymentTemplate,omitempty"`
}

func (*CommonShardSpec) DeepCopy 

func (in *CommonShardSpec) DeepCopy() *CommonShardSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CommonShardSpec.

func (*CommonShardSpec) DeepCopyInto 

func (in *CommonShardSpec) DeepCopyInto(out *CommonShardSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConditionReason 

type ConditionReason string
const (
	ConditionReasonDeploymentUnavailable ConditionReason = "DeploymentUnavailable"
	ConditionReasonReplicasUp            ConditionReason = "ReplicasUp"
	ConditionReasonReplicasUnavailable   ConditionReason = "ReplicasUnavailable"

	ConditionReasonRootShardRefInvalid  ConditionReason = "InvalidReference"
	ConditionReasonRootShardRefNotFound ConditionReason = "RootShardNotFound"
	ConditionReasonRootShardRefValid    ConditionReason = "Valid"
)

type ConditionType 

type ConditionType string
const (
	ConditionTypeAvailable ConditionType = "Available"
	ConditionTypeRootShard ConditionType = "RootShard"
)

type DeploymentMetadataTemplate 

type DeploymentMetadataTemplate struct {
	// Annotations is a key value map to be copied to the target Deployment.
	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`

	// Labels is a key value map to be copied to the target Deployment.
	// +optional
	Labels map[string]string `json:"labels,omitempty"`
}

func (*DeploymentMetadataTemplate) DeepCopy 

func (in *DeploymentMetadataTemplate) DeepCopy() *DeploymentMetadataTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentMetadataTemplate.

func (*DeploymentMetadataTemplate) DeepCopyInto 

func (in *DeploymentMetadataTemplate) DeepCopyInto(out *DeploymentMetadataTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type DeploymentSpecTemplate 

type DeploymentSpecTemplate struct {
	// Template describes the pods that will be created.
	Template *PodTemplateSpec `json:"template,omitempty"`
}

func (*DeploymentSpecTemplate) DeepCopy 

func (in *DeploymentSpecTemplate) DeepCopy() *DeploymentSpecTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentSpecTemplate.

func (*DeploymentSpecTemplate) DeepCopyInto 

func (in *DeploymentSpecTemplate) DeepCopyInto(out *DeploymentSpecTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type DeploymentTemplate 

type DeploymentTemplate struct {
	Metadata *DeploymentMetadataTemplate `json:"metadata,omitempty"`
	Spec     *DeploymentSpecTemplate     `json:"spec,omitempty"`
}

func (*DeploymentTemplate) DeepCopy 

func (in *DeploymentTemplate) DeepCopy() *DeploymentTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentTemplate.

func (*DeploymentTemplate) DeepCopyInto 

func (in *DeploymentTemplate) DeepCopyInto(out *DeploymentTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EmbeddedCacheConfiguration 

type EmbeddedCacheConfiguration struct {
	// Enabled enables or disables running the cache server as embedded.
	Enabled bool `json:"enabled"`
}

func (*EmbeddedCacheConfiguration) DeepCopy 

func (in *EmbeddedCacheConfiguration) DeepCopy() *EmbeddedCacheConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EmbeddedCacheConfiguration.

func (*EmbeddedCacheConfiguration) DeepCopyInto 

func (in *EmbeddedCacheConfiguration) DeepCopyInto(out *EmbeddedCacheConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EtcdConfig 

type EtcdConfig struct {
	// Endpoints is a list of http urls at which etcd nodes are available. The expected format is "https://etcd-hostname:2379".
	Endpoints []string `json:"endpoints"`
	// ClientCert configures the client certificate used to access etcd.
	// +optional
	TLSConfig *EtcdTLSConfig `json:"tlsConfig,omitempty"`
}

func (*EtcdConfig) DeepCopy 

func (in *EtcdConfig) DeepCopy() *EtcdConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdConfig.

func (*EtcdConfig) DeepCopyInto 

func (in *EtcdConfig) DeepCopyInto(out *EtcdConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EtcdTLSConfig 

type EtcdTLSConfig struct {
	// SecretRef is the reference to a v1.Secret object that contains the TLS certificate.
	SecretRef corev1.LocalObjectReference `json:"secretRef"`
}

func (*EtcdTLSConfig) DeepCopy 

func (in *EtcdTLSConfig) DeepCopy() *EtcdTLSConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdTLSConfig.

func (*EtcdTLSConfig) DeepCopyInto 

func (in *EtcdTLSConfig) DeepCopyInto(out *EtcdTLSConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalConfig 

type ExternalConfig struct {
	// Hostname is the external name of the kcp instance. This should be matched by a DNS
	// record pointing to the kcp-front-proxy Service's external IP address.
	Hostname string `json:"hostname"`
	Port     uint32 `json:"port"`
}

func (*ExternalConfig) DeepCopy 

func (in *ExternalConfig) DeepCopy() *ExternalConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalConfig.

func (*ExternalConfig) DeepCopyInto 

func (in *ExternalConfig) DeepCopyInto(out *ExternalConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FrontProxy 

type FrontProxy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   FrontProxySpec   `json:"spec,omitempty"`
	Status FrontProxyStatus `json:"status,omitempty"`
}

FrontProxy is the Schema for the frontproxies API

func (*FrontProxy) DeepCopy 

func (in *FrontProxy) DeepCopy() *FrontProxy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FrontProxy.

func (*FrontProxy) DeepCopyInto 

func (in *FrontProxy) DeepCopyInto(out *FrontProxy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*FrontProxy) DeepCopyObject 

func (in *FrontProxy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type FrontProxyList 

type FrontProxyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []FrontProxy `json:"items"`
}

FrontProxyList contains a list of FrontProxy

func (*FrontProxyList) DeepCopy 

func (in *FrontProxyList) DeepCopy() *FrontProxyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FrontProxyList.

func (*FrontProxyList) DeepCopyInto 

func (in *FrontProxyList) DeepCopyInto(out *FrontProxyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*FrontProxyList) DeepCopyObject 

func (in *FrontProxyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type FrontProxyPhase 

type FrontProxyPhase string
const (
	FrontProxyPhaseProvisioning FrontProxyPhase = "Provisioning"
	FrontProxyPhaseRunning      FrontProxyPhase = "Running"
	FrontProxyPhaseDeleting     FrontProxyPhase = "Deleting"
)

type FrontProxySpec 

type FrontProxySpec struct {
	// RootShard configures the kcp root shard that this front-proxy instance should connect to.
	RootShard RootShardConfig `json:"rootShard"`
	// Optional: Replicas configures the replica count for the front-proxy Deployment.
	Replicas *int32 `json:"replicas,omitempty"`
	// Resources overrides the default resource requests and limits.
	Resources *corev1.ResourceRequirements `json:"resources,omitempty"`
	// Optional: Auth configures various aspects of Authentication and Authorization for this front-proxy instance.
	Auth *AuthSpec `json:"auth,omitempty"`
	// Optional: AdditionalPathMappings configures // TODO ?
	AdditionalPathMappings []PathMappingEntry `json:"additionalPathMappings,omitempty"`
	// Optional: Image defines the image to use. Defaults to the latest versioned image during the release of kcp-operator.
	Image *ImageSpec `json:"image,omitempty"`
	// Optional: ExternalHostname under which the FrontProxy can be reached. If empty, the RootShard's external hostname will be used only.
	ExternalHostname string `json:"externalHostname,omitempty"`

	// Optional: ServiceTemplate configures the Kubernetes Service created for this front-proxy instance.
	ServiceTemplate *ServiceTemplate `json:"serviceTemplate,omitempty"`

	// Optional: DeploymentTemplate configures the Kubernetes Deployment created for this shard.
	DeploymentTemplate *DeploymentTemplate `json:"deploymentTemplate,omitempty"`

	// CertificateTemplates allows to customize the properties on the generated
	// certificates for this root shard.
	CertificateTemplates CertificateTemplateMap `json:"certificateTemplates,omitempty"`
}

FrontProxySpec defines the desired state of FrontProxy.

func (*FrontProxySpec) DeepCopy 

func (in *FrontProxySpec) DeepCopy() *FrontProxySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FrontProxySpec.

func (*FrontProxySpec) DeepCopyInto 

func (in *FrontProxySpec) DeepCopyInto(out *FrontProxySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FrontProxyStatus 

type FrontProxyStatus struct {
	Phase FrontProxyPhase `json:"phase,omitempty"`

	// +listType=map
	// +listMapKey=type
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

FrontProxyStatus defines the observed state of FrontProxy

func (*FrontProxyStatus) DeepCopy 

func (in *FrontProxyStatus) DeepCopy() *FrontProxyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FrontProxyStatus.

func (*FrontProxyStatus) DeepCopyInto 

func (in *FrontProxyStatus) DeepCopyInto(out *FrontProxyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ImageSpec 

type ImageSpec struct {
	// Repository is the container image repository to use for KCP containers. Defaults to `ghcr.io/kcp-dev/kcp`.
	Repository string `json:"repository,omitempty"`
	// Tag is the container image tag to use for KCP containers. Defaults to the latest kcp release that the operator supports.
	Tag string `json:"tag,omitempty"`
	// Optional: ImagePullSecrets is a list of secret references that should be used as image pull secrets (e.g. when a private registry is used).
	ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"`
}

ImageSpec defines settings for using a specific image and overwriting the default images used.

func (*ImageSpec) DeepCopy 

func (in *ImageSpec) DeepCopy() *ImageSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageSpec.

func (*ImageSpec) DeepCopyInto 

func (in *ImageSpec) DeepCopyInto(out *ImageSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Kubeconfig 

type Kubeconfig struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   KubeconfigSpec   `json:"spec,omitempty"`
	Status KubeconfigStatus `json:"status,omitempty"`
}

Kubeconfig is the Schema for the kubeconfigs API

func (*Kubeconfig) DeepCopy 

func (in *Kubeconfig) DeepCopy() *Kubeconfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Kubeconfig.

func (*Kubeconfig) DeepCopyInto 

func (in *Kubeconfig) DeepCopyInto(out *Kubeconfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Kubeconfig) DeepCopyObject 

func (in *Kubeconfig) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Kubeconfig) GetCertificateName 

func (k *Kubeconfig) GetCertificateName() string

type KubeconfigList 

type KubeconfigList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Kubeconfig `json:"items"`
}

KubeconfigList contains a list of Kubeconfig

func (*KubeconfigList) DeepCopy 

func (in *KubeconfigList) DeepCopy() *KubeconfigList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeconfigList.

func (*KubeconfigList) DeepCopyInto 

func (in *KubeconfigList) DeepCopyInto(out *KubeconfigList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KubeconfigList) DeepCopyObject 

func (in *KubeconfigList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type KubeconfigSpec 

type KubeconfigSpec struct {
	// Target configures which kcp-operator object this kubeconfig should be generated for (shard or front-proxy).
	Target KubeconfigTarget `json:"target"`

	// Username defines the username embedded in the TLS certificate generated for this kubeconfig.
	Username string `json:"username"`
	// Username defines the groups embedded in the TLS certificate generated for this kubeconfig.
	Groups []string `json:"groups,omitempty"`

	// Validity configures the lifetime of the embedded TLS certificate. The kubeconfig secret will be automatically regenerated when the certificate expires.
	Validity metav1.Duration `json:"validity"`

	// SecretRef defines the v1.Secret object that the resulting kubeconfig should be written to.
	SecretRef corev1.LocalObjectReference `json:"secretRef"`

	// CertificateTemplate allows to customize the properties on the generated
	// certificate for this kubeconfig.
	CertificateTemplate *CertificateTemplate `json:"certificateTemplate,omitempty"`
}

KubeconfigSpec defines the desired state of Kubeconfig.

func (*KubeconfigSpec) DeepCopy 

func (in *KubeconfigSpec) DeepCopy() *KubeconfigSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeconfigSpec.

func (*KubeconfigSpec) DeepCopyInto 

func (in *KubeconfigSpec) DeepCopyInto(out *KubeconfigSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubeconfigStatus 

type KubeconfigStatus struct {
}

KubeconfigStatus defines the observed state of Kubeconfig

func (*KubeconfigStatus) DeepCopy 

func (in *KubeconfigStatus) DeepCopy() *KubeconfigStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeconfigStatus.

func (*KubeconfigStatus) DeepCopyInto 

func (in *KubeconfigStatus) DeepCopyInto(out *KubeconfigStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubeconfigTarget 

type KubeconfigTarget struct {
	RootShardRef  *corev1.LocalObjectReference `json:"rootShardRef,omitempty"`
	ShardRef      *corev1.LocalObjectReference `json:"shardRef,omitempty"`
	FrontProxyRef *corev1.LocalObjectReference `json:"frontProxyRef,omitempty"`
}

func (*KubeconfigTarget) DeepCopy 

func (in *KubeconfigTarget) DeepCopy() *KubeconfigTarget

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeconfigTarget.

func (*KubeconfigTarget) DeepCopyInto 

func (in *KubeconfigTarget) DeepCopyInto(out *KubeconfigTarget)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OIDCConfiguration 

type OIDCConfiguration struct {
	Enabled bool `json:"enabled"`

	// IssuerURL is used for the OIDC issuer URL. Only https URLs will be accepted.
	IssuerURL string `json:"issuerURL"`
	// ClientID is the OIDC client ID configured on the issuer side for this KCP instance.
	ClientID string `json:"clientID"`

	// Optionally provide the client secret for the OIDC client. This is not used by KCP itself, but is used to generate
	// a OIDC kubeconfig that can be shared with users to log in via the OIDC provider.
	ClientSecret string `json:"clientSecret,omitempty"`

	// Experimental: Optionally provides a custom claim for fetching groups. The claim must be a string or an array of strings.
	GroupsClaim string `json:"groupsClaim,omitempty"`
	// Optionally uses a custom claim for fetching the username. This defaults to "sub" if unset.
	UsernameClaim string `json:"usernameClaim,omitempty"`

	// Optionally sets a custom groups prefix. This defaults to "oidc:" if unset, which means a group called "group1"
	// on the OIDC side will be recognised as "oidc:group1" in KCP.
	GroupsPrefix string `json:"groupsPrefix,omitempty"`
	// Optionally sets a custom username prefix. This defaults to "oidc:" if unset, which means a user called "user@example.com"
	// on the OIDC side will be recognised as "oidc:user@example.com" in KCP.
	UsernamePrefix string `json:"usernamePrefix,omitempty"`
}

func (*OIDCConfiguration) DeepCopy 

func (in *OIDCConfiguration) DeepCopy() *OIDCConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCConfiguration.

func (*OIDCConfiguration) DeepCopyInto 

func (in *OIDCConfiguration) DeepCopyInto(out *OIDCConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ObjectReference 

type ObjectReference struct {
	// Name of the object being referred to.
	Name string `json:"name"`
	// Kind of the object being referred to.
	// +optional
	Kind string `json:"kind,omitempty"`
	// Group of the object being referred to.
	// +optional
	Group string `json:"group,omitempty"`
}

ObjectReference is a reference to an object with a given name, kind and group.

func (*ObjectReference) DeepCopy 

func (in *ObjectReference) DeepCopy() *ObjectReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ObjectReference.

func (*ObjectReference) DeepCopyInto 

func (in *ObjectReference) DeepCopyInto(out *ObjectReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PathMappingEntry 

type PathMappingEntry struct {
	Path            string `json:"path"`
	Backend         string `json:"backend"`
	BackendServerCA string `json:"backend_server_ca"`
	ProxyClientCert string `json:"proxy_client_cert"`
	ProxyClientKey  string `json:"proxy_client_key"`
}

TODO for now the PathMappingEntry is defined inline at kcp upstream (https://github.com/kcp-dev/kcp/blob/f81a97d0fba951e6ac6f94e8e0f5339f49a9dd92/cmd/sharded-test-server/frontproxy.go#L69), so we have to copy the struct type

func (*PathMappingEntry) DeepCopy 

func (in *PathMappingEntry) DeepCopy() *PathMappingEntry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PathMappingEntry.

func (*PathMappingEntry) DeepCopyInto 

func (in *PathMappingEntry) DeepCopyInto(out *PathMappingEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PodMetadataTemplate 

type PodMetadataTemplate struct {
	// Annotations is a key value map to be copied to the Pod.
	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`

	// Labels is a key value map to be copied to the Pod.
	// +optional
	Labels map[string]string `json:"labels,omitempty"`
}

func (*PodMetadataTemplate) DeepCopy 

func (in *PodMetadataTemplate) DeepCopy() *PodMetadataTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodMetadataTemplate.

func (*PodMetadataTemplate) DeepCopyInto 

func (in *PodMetadataTemplate) DeepCopyInto(out *PodMetadataTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PodSpecTemplate 

type PodSpecTemplate struct {
	// NodeSelector is a selector which must be true for the pod to fit on a node.
	// Selector which must match a node's labels for the pod to be scheduled on that node.
	// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
	// +optional
	// +mapType=atomic
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`

	// If specified, the pod's scheduling constraints
	// +optional
	Affinity *corev1.Affinity `json:"affinity,omitempty"`

	// If specified, the pod's tolerations.
	// +optional
	// +listType=atomic
	Tolerations []corev1.Toleration `json:"tolerations,omitempty"`

	// HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts
	// file if specified.
	// +optional
	// +patchMergeKey=ip
	// +patchStrategy=merge
	// +listType=map
	// +listMapKey=ip
	HostAliases []corev1.HostAlias `json:"hostAliases,omitempty"`

	// ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec.
	// If specified, these secrets will be passed to individual puller implementations for them to use.
	// More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod
	// +optional
	// +patchMergeKey=name
	// +patchStrategy=merge
	// +listType=map
	// +listMapKey=name
	ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"`
}

func (*PodSpecTemplate) DeepCopy 

func (in *PodSpecTemplate) DeepCopy() *PodSpecTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSpecTemplate.

func (*PodSpecTemplate) DeepCopyInto 

func (in *PodSpecTemplate) DeepCopyInto(out *PodSpecTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PodTemplateSpec 

type PodTemplateSpec struct {
	Metadata *PodMetadataTemplate `json:"metadata,omitempty"`
	Spec     *PodSpecTemplate     `json:"spec,omitempty"`
}

func (*PodTemplateSpec) DeepCopy 

func (in *PodTemplateSpec) DeepCopy() *PodTemplateSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodTemplateSpec.

func (*PodTemplateSpec) DeepCopyInto 

func (in *PodTemplateSpec) DeepCopyInto(out *PodTemplateSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PrivateKeyAlgorithm 

type PrivateKeyAlgorithm string

+kubebuilder:validation:Enum=RSA;ECDSA;Ed25519 

const (
	// RSA private key algorithm.
	RSAKeyAlgorithm PrivateKeyAlgorithm = "RSA"

	// ECDSA private key algorithm.
	ECDSAKeyAlgorithm PrivateKeyAlgorithm = "ECDSA"

	// Ed25519 private key algorithm.
	Ed25519KeyAlgorithm PrivateKeyAlgorithm = "Ed25519"
)

type PrivateKeyEncoding 

type PrivateKeyEncoding string

+kubebuilder:validation:Enum=PKCS1;PKCS8 

const (
	// PKCS1 private key encoding.
	// PKCS1 produces a PEM block that contains the private key algorithm
	// in the header and the private key in the body. A key that uses this
	// can be recognised by its `BEGIN RSA PRIVATE KEY` or `BEGIN EC PRIVATE KEY` header.
	// NOTE: This encoding is not supported for Ed25519 keys. Attempting to use
	// this encoding with an Ed25519 key will be ignored and default to PKCS8.
	PKCS1 PrivateKeyEncoding = "PKCS1"

	// PKCS8 private key encoding.
	// PKCS8 produces a PEM block with a static header and both the private
	// key algorithm and the private key in the body. A key that uses this
	// encoding can be recognised by its `BEGIN PRIVATE KEY` header.
	PKCS8 PrivateKeyEncoding = "PKCS8"
)

type PrivateKeyRotationPolicy 

type PrivateKeyRotationPolicy string

Denotes how private keys should be generated or sourced when a Certificate is being issued. +kubebuilder:validation:Enum=Never;Always 

var (
	// RotationPolicyNever means a private key will only be generated if one
	// does not already exist in the target `spec.secretName`.
	// If one does exist but it does not have the correct algorithm or size,
	// a warning will be raised to await user intervention.
	RotationPolicyNever PrivateKeyRotationPolicy = "Never"

	// RotationPolicyAlways means a private key matching the specified
	// requirements will be generated whenever a re-issuance occurs.
	RotationPolicyAlways PrivateKeyRotationPolicy = "Always"
)

type RootShard 

type RootShard struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   RootShardSpec   `json:"spec,omitempty"`
	Status RootShardStatus `json:"status,omitempty"`
}

RootShard is the Schema for the kcpinstances API

func (*RootShard) DeepCopy 

func (in *RootShard) DeepCopy() *RootShard

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RootShard.

func (*RootShard) DeepCopyInto 

func (in *RootShard) DeepCopyInto(out *RootShard)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RootShard) DeepCopyObject 

func (in *RootShard) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RootShardConfig 

type RootShardConfig struct {
	// Reference references a local RootShard object.
	Reference *corev1.LocalObjectReference `json:"ref,omitempty"`
}

func (*RootShardConfig) DeepCopy 

func (in *RootShardConfig) DeepCopy() *RootShardConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RootShardConfig.

func (*RootShardConfig) DeepCopyInto 

func (in *RootShardConfig) DeepCopyInto(out *RootShardConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RootShardList 

type RootShardList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []RootShard `json:"items"`
}

RootShardList contains a list of RootShard

func (*RootShardList) DeepCopy 

func (in *RootShardList) DeepCopy() *RootShardList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RootShardList.

func (*RootShardList) DeepCopyInto 

func (in *RootShardList) DeepCopyInto(out *RootShardList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RootShardList) DeepCopyObject 

func (in *RootShardList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RootShardPhase 

type RootShardPhase string
const (
	RootShardPhaseProvisioning RootShardPhase = "Provisioning"
	RootShardPhaseRunning      RootShardPhase = "Running"
	RootShardPhaseDeleting     RootShardPhase = "Deleting"
)

type RootShardSpec 

type RootShardSpec struct {
	CommonShardSpec `json:",inline"`

	External ExternalConfig `json:"external"`

	// Cache configures the cache server (with a Kubernetes-like API) used by a sharded kcp instance.
	Cache CacheConfig `json:"cache"`

	// Certificates configures how the operator should create the kcp root CA, from which it will
	// then create all other sub CAs and leaf certificates.
	Certificates Certificates `json:"certificates"`
}

RootShardSpec defines the desired state of RootShard.

func (*RootShardSpec) DeepCopy 

func (in *RootShardSpec) DeepCopy() *RootShardSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RootShardSpec.

func (*RootShardSpec) DeepCopyInto 

func (in *RootShardSpec) DeepCopyInto(out *RootShardSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RootShardStatus 

type RootShardStatus struct {
	Phase RootShardPhase `json:"phase,omitempty"`

	// +listType=map
	// +listMapKey=type
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

RootShardStatus defines the observed state of RootShard

func (*RootShardStatus) DeepCopy 

func (in *RootShardStatus) DeepCopy() *RootShardStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RootShardStatus.

func (*RootShardStatus) DeepCopyInto 

func (in *RootShardStatus) DeepCopyInto(out *RootShardStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServiceMetadataTemplate 

type ServiceMetadataTemplate struct {
	// Annotations is a key value map to be copied to the target Kubernetes Service.
	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`

	// Labels is a key value map to be copied to the target Kubernetes Service.
	// +optional
	Labels map[string]string `json:"labels,omitempty"`
}

ServiceMetadataTemplate defines the default labels and annotations to be copied to the Kubernetes Service resource.

func (*ServiceMetadataTemplate) DeepCopy 

func (in *ServiceMetadataTemplate) DeepCopy() *ServiceMetadataTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceMetadataTemplate.

func (*ServiceMetadataTemplate) DeepCopyInto 

func (in *ServiceMetadataTemplate) DeepCopyInto(out *ServiceMetadataTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServiceSpecTemplate 

type ServiceSpecTemplate struct {
	Type      corev1.ServiceType `json:"type,omitempty"`
	ClusterIP string             `json:"clusterIP,omitempty"`
}

func (*ServiceSpecTemplate) DeepCopy 

func (in *ServiceSpecTemplate) DeepCopy() *ServiceSpecTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceSpecTemplate.

func (*ServiceSpecTemplate) DeepCopyInto 

func (in *ServiceSpecTemplate) DeepCopyInto(out *ServiceSpecTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServiceTemplate 

type ServiceTemplate struct {
	Metadata *ServiceMetadataTemplate `json:"metadata,omitempty"`
	Spec     *ServiceSpecTemplate     `json:"spec,omitempty"`
}

func (*ServiceTemplate) DeepCopy 

func (in *ServiceTemplate) DeepCopy() *ServiceTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceTemplate.

func (*ServiceTemplate) DeepCopyInto 

func (in *ServiceTemplate) DeepCopyInto(out *ServiceTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Shard 

type Shard struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   ShardSpec   `json:"spec,omitempty"`
	Status ShardStatus `json:"status,omitempty"`
}

Shard is the Schema for the shards API

func (*Shard) DeepCopy 

func (in *Shard) DeepCopy() *Shard

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Shard.

func (*Shard) DeepCopyInto 

func (in *Shard) DeepCopyInto(out *Shard)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Shard) DeepCopyObject 

func (in *Shard) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ShardList 

type ShardList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Shard `json:"items"`
}

ShardList contains a list of Shard

func (*ShardList) DeepCopy 

func (in *ShardList) DeepCopy() *ShardList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ShardList.

func (*ShardList) DeepCopyInto 

func (in *ShardList) DeepCopyInto(out *ShardList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ShardList) DeepCopyObject 

func (in *ShardList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ShardPhase 

type ShardPhase string
const (
	ShardPhaseProvisioning ShardPhase = "Provisioning"
	ShardPhaseRunning      ShardPhase = "Running"
	ShardPhaseDeleting     ShardPhase = "Deleting"
)

type ShardSpec 

type ShardSpec struct {
	CommonShardSpec `json:",inline"`

	RootShard RootShardConfig `json:"rootShard"`
}

ShardSpec defines the desired state of Shard

func (*ShardSpec) DeepCopy 

func (in *ShardSpec) DeepCopy() *ShardSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ShardSpec.

func (*ShardSpec) DeepCopyInto 

func (in *ShardSpec) DeepCopyInto(out *ShardSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ShardStatus 

type ShardStatus struct {
	Phase ShardPhase `json:"phase,omitempty"`

	// +listType=map
	// +listMapKey=type
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

ShardStatus defines the observed state of Shard

func (*ShardStatus) DeepCopy 

func (in *ShardStatus) DeepCopy() *ShardStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ShardStatus.

func (*ShardStatus) DeepCopyInto 

func (in *ShardStatus) DeepCopyInto(out *ShardStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type X509Subject 

type X509Subject struct {
	// Organizations to be used on the Certificate.
	// +optional
	Organizations []string `json:"organizations,omitempty"`
	// Countries to be used on the Certificate.
	// +optional
	Countries []string `json:"countries,omitempty"`
	// Organizational Units to be used on the Certificate.
	// +optional
	OrganizationalUnits []string `json:"organizationalUnits,omitempty"`
	// Cities to be used on the Certificate.
	// +optional
	Localities []string `json:"localities,omitempty"`
	// State/Provinces to be used on the Certificate.
	// +optional
	Provinces []string `json:"provinces,omitempty"`
	// Street addresses to be used on the Certificate.
	// +optional
	StreetAddresses []string `json:"streetAddresses,omitempty"`
	// Postal codes to be used on the Certificate.
	// +optional
	PostalCodes []string `json:"postalCodes,omitempty"`
	// Serial number to be used on the Certificate.
	// +optional
	SerialNumber string `json:"serialNumber,omitempty"`
}

X509Subject Full X509 name specification

func (*X509Subject) DeepCopy 

func (in *X509Subject) DeepCopy() *X509Subject

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new X509Subject.

func (*X509Subject) DeepCopyInto 

func (in *X509Subject) DeepCopyInto(out *X509Subject)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.