v1

package
v0.0.0-...-555da3f Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 25, 2024 License: Apache-2.0 Imports: 8 Imported by: 65

Documentation

Overview

Package v1 contains API Schema definitions for the cloudcredential v1 API group +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=github.com/openshift/cloud-credential-operator/pkg/apis/cloudcredential +k8s:defaulter-gen=TypeMeta +groupName=cloudcredential.openshift.io

Package v1 contains API Schema definitions for the cloudcredential v1 API group +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=github.com/openshift/cloud-credential-operator/pkg/apis/cloudcredential +k8s:defaulter-gen=TypeMeta +groupName=cloudcredential.openshift.io

Index

Constants

View Source 
const (
	// FinalizerDeprovision is used on CredentialsRequests to ensure we delete the
	// credentials in AWS before allowing the CredentialsRequest to be deleted in etcd.
	FinalizerDeprovision string = "cloudcredential.openshift.io/deprovision"

	// LabelCredentialsRequest is to mark Secrets created as a target of CredentialsRequests.
	LabelCredentialsRequest      string = "cloudcredential.openshift.io/credentials-request"
	LabelCredentialsRequestValue string = "true"

	// AnnotationCredentialsRequest is used on Secrets created as a target of CredentialsRequests.
	// The annotation value will map back to the namespace/name of the CredentialsRequest that created
	// or adopted the secret.
	AnnotationCredentialsRequest string = "cloudcredential.openshift.io/credentials-request"

	// AnnotationAWSPolicyLastApplied is added to target Secrets indicating the last AWS policy
	// we successfully applied. It is used to compare if changes are necessary, without requiring
	// AWS credentials to view the actual state.
	AnnotationAWSPolicyLastApplied string = "cloudcredential.openshift.io/aws-policy-last-applied"

	// CloudCredOperatorNamespace is the namespace where the credentials operator runs.
	CloudCredOperatorNamespace = "openshift-cloud-credential-operator"
)

Variables

View Source 
var (
	GroupName     = "cloudcredential.openshift.io"
	GroupVersion  = schema.GroupVersion{Group: GroupName, Version: "v1"}
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	// Install is a function which adds this version to a scheme
	Install = SchemeBuilder.AddToScheme

	// SchemeGroupVersion generated code relies on this name
	// DEPRECATED
	SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"}
	// AddToScheme exists solely to keep the old generators creating valid code
	// DEPRECATED
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source 
var (
	// FailureConditionTypes is a list of all conditions where the overall controller status would not
	// be healthy.
	FailureConditionTypes = []CredentialsRequestConditionType{
		InsufficientCloudCredentials,
		MissingTargetNamespace,
		CredentialsProvisionFailure,
		CredentialsDeprovisionFailure,
	}
)

Functions

func Resource 

func Resource(resource string) schema.GroupResource

Resource generated code relies on this being here, but it logically belongs to the group DEPRECATED

Types

type AWSProviderSpec 

type AWSProviderSpec struct {
	metav1.TypeMeta `json:",inline"`
	// StatementEntries contains a list of policy statements that should be associated with this credentials access key.
	StatementEntries []StatementEntry `json:"statementEntries"`
	// stsIAMRoleARN is the Amazon Resource Name (ARN) of an IAM Role which was created manually for the associated
	// CredentialsRequest.
	// The presence of an stsIAMRoleARN within the AWSProviderSpec initiates creation of a secret containing IAM
	// Role details necessary for assuming the IAM Role via Amazon's Secure Token Service.
	// +optional
	STSIAMRoleARN string `json:"stsIAMRoleARN,omitempty"`
}

AWSProviderSpec contains the required information to create a user policy in AWS. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AWSProviderSpec) DeepCopy 

func (in *AWSProviderSpec) DeepCopy() *AWSProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSProviderSpec.

func (*AWSProviderSpec) DeepCopyInto 

func (in *AWSProviderSpec) DeepCopyInto(out *AWSProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AWSProviderSpec) DeepCopyObject 

func (in *AWSProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AWSProviderStatus 

type AWSProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
	// User is the name of the User created in AWS for these credentials.
	User string `json:"user"`
	// Policy is the name of the policy attached to the user in AWS.
	Policy string `json:"policy"`
}

AWSProviderStatus containes the status of the credentials request in AWS. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AWSProviderStatus) DeepCopy 

func (in *AWSProviderStatus) DeepCopy() *AWSProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSProviderStatus.

func (*AWSProviderStatus) DeepCopyInto 

func (in *AWSProviderStatus) DeepCopyInto(out *AWSProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AWSProviderStatus) DeepCopyObject 

func (in *AWSProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AccessPolicy 

type AccessPolicy struct {
	// Attributes identify the resources to which this policy applies
	Attributes []ResourceAttribute `json:"attributes"`

	// Roles are the IAM roles assigned to this policy
	Roles []string `json:"roles"`
}

AccessPolicy is a definition of an IAM access policy

func (*AccessPolicy) DeepCopy 

func (in *AccessPolicy) DeepCopy() *AccessPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessPolicy.

func (*AccessPolicy) DeepCopyInto 

func (in *AccessPolicy) DeepCopyInto(out *AccessPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AlibabaCloudProviderSpec 

type AlibabaCloudProviderSpec struct {
	metav1.TypeMeta `json:",inline"`
	// StatementEntries contains a list of policy statements that should be associated with this credentials access key.
	StatementEntries []AlibabaStatementEntry `json:"statementEntries"`
}

AlibabaCloudProviderSpec contains the required information to create a user policy in AlibabaCloud. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AlibabaCloudProviderSpec) DeepCopy 

func (in *AlibabaCloudProviderSpec) DeepCopy() *AlibabaCloudProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AlibabaCloudProviderSpec.

func (*AlibabaCloudProviderSpec) DeepCopyInto 

func (in *AlibabaCloudProviderSpec) DeepCopyInto(out *AlibabaCloudProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AlibabaCloudProviderSpec) DeepCopyObject 

func (in *AlibabaCloudProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AlibabaCloudProviderStatus 

type AlibabaCloudProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
}

AlibabaCloudProviderStatus containes the status of the credentials request in AlibabaCloud. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AlibabaCloudProviderStatus) DeepCopy 

func (in *AlibabaCloudProviderStatus) DeepCopy() *AlibabaCloudProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AlibabaCloudProviderStatus.

func (*AlibabaCloudProviderStatus) DeepCopyInto 

func (in *AlibabaCloudProviderStatus) DeepCopyInto(out *AlibabaCloudProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AlibabaCloudProviderStatus) DeepCopyObject 

func (in *AlibabaCloudProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AlibabaStatementEntry 

type AlibabaStatementEntry struct {
	// Effect indicates if this policy statement is to Allow or Deny.
	Effect string `json:"effect"`
	// Action describes the particular AlibabaCloud service actions that should be allowed or denied.
	Action []string `json:"action"`
	// Resource specifies the object(s) this statement should apply to. (or "*" for all)
	Resource string `json:"resource"`
}

StatementEntry models an AlibabaCloud policy statement entry.

func (*AlibabaStatementEntry) DeepCopy 

func (in *AlibabaStatementEntry) DeepCopy() *AlibabaStatementEntry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AlibabaStatementEntry.

func (*AlibabaStatementEntry) DeepCopyInto 

func (in *AlibabaStatementEntry) DeepCopyInto(out *AlibabaStatementEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureProviderSpec 

type AzureProviderSpec struct {
	metav1.TypeMeta `json:",inline"`

	// RoleBindings contains a list of roles that should be associated with the minted credential.
	RoleBindings []RoleBinding `json:"roleBindings"`

	// Permissions is the list of Azure permissions required to create a more fine-grained custom role to
	// satisfy the CredentialsRequest.
	// The Permissions field may be provided in addition to RoleBindings. When both fields are specified,
	// the user-assigned managed identity will have union of permissions defined from both Permissions
	// and RoleBindings.
	// +optional
	Permissions []string `json:"permissions,omitempty"`

	// DataPermissions is the list of Azure data permissions required to create a more fine-grained custom
	// role to satisfy the CredentialsRequest.
	// The DataPermissions field may be provided in addition to RoleBindings. When both fields are specified,
	// the user-assigned managed identity will have union of permissions defined from both DataPermissions
	// and RoleBindings.
	// +optional
	DataPermissions []string `json:"dataPermissions,omitempty"`

	// The following fields are only required for Azure Workload Identity.
	// AzureClientID is the ID of the specific application you created in Azure
	// +optional
	AzureClientID string `json:"azureClientID,omitempty"`

	// AzureRegion is the geographic region of the Azure service.
	// +optional
	AzureRegion string `json:"azureRegion,omitempty"`

	// Each Azure subscription has an ID associated with it, as does the tenant to which a subscription belongs.
	// AzureSubscriptionID is the ID of the subscription.
	// +optional
	AzureSubscriptionID string `json:"azureSubscriptionID,omitempty"`

	// AzureTenantID is the ID of the tenant to which the subscription belongs.
	// +optional
	AzureTenantID string `json:"azureTenantID,omitempty"`
}

AzureProviderSpec contains the required information to create RBAC role bindings for Azure. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzureProviderSpec) DeepCopy 

func (in *AzureProviderSpec) DeepCopy() *AzureProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureProviderSpec.

func (*AzureProviderSpec) DeepCopyInto 

func (in *AzureProviderSpec) DeepCopyInto(out *AzureProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureProviderSpec) DeepCopyObject 

func (in *AzureProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureProviderStatus 

type AzureProviderStatus struct {
	metav1.TypeMeta `json:",inline"`

	// ServicePrincipalName is the name of the service principal created in Azure for these credentials.
	ServicePrincipalName string `json:"name"`

	// AppID is the application id of the service principal created in Azure for these credentials.
	AppID string `json:"appID"`

	// SecretLastResourceVersion is the resource version of the secret resource
	// that was last synced. Used to determine if the object has changed and
	// requires a sync.
	SecretLastResourceVersion string `json:"secretLastResourceVersion"`
}

AzureProviderStatus contains the status of the credentials request in Azure. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzureProviderStatus) DeepCopy 

func (in *AzureProviderStatus) DeepCopy() *AzureProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureProviderStatus.

func (*AzureProviderStatus) DeepCopyInto 

func (in *AzureProviderStatus) DeepCopyInto(out *AzureProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureProviderStatus) DeepCopyObject 

func (in *AzureProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CredentialsRequest 

type CredentialsRequest struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// +kubebuilder:validation:Required
	// +required
	Spec   CredentialsRequestSpec   `json:"spec"`
	Status CredentialsRequestStatus `json:"status,omitempty"`
}

CredentialsRequest is the Schema for the credentialsrequests API +k8s:openapi-gen=true +kubebuilder:subresource:status

func (*CredentialsRequest) DeepCopy 

func (in *CredentialsRequest) DeepCopy() *CredentialsRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsRequest.

func (*CredentialsRequest) DeepCopyInto 

func (in *CredentialsRequest) DeepCopyInto(out *CredentialsRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CredentialsRequest) DeepCopyObject 

func (in *CredentialsRequest) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CredentialsRequestCondition 

type CredentialsRequestCondition struct {
	// Type is the specific type of the condition
	// +kubebuilder:validation:Required
	// +required
	Type CredentialsRequestConditionType `json:"type"`
	// Status is the status of the condition
	// +kubebuilder:validation:Required
	// +required
	Status corev1.ConditionStatus `json:"status"`
	// LastProbeTime is the last time we probed the condition
	LastProbeTime metav1.Time `json:"lastProbeTime,omitempty"`
	// LastTransitionTime is the last time the condition transitioned from one status to another.
	LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
	// Reason is a unique, one-word, CamelCase reason for the condition's last transition
	Reason string `json:"reason,omitempty"`
	// Message is a human-readable message indicating details about the last transition
	Message string `json:"message,omitempty"`
}

CredentialsRequestCondition contains details for any of the conditions on a CredentialsRequest object

func (*CredentialsRequestCondition) DeepCopy 

func (in *CredentialsRequestCondition) DeepCopy() *CredentialsRequestCondition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsRequestCondition.

func (*CredentialsRequestCondition) DeepCopyInto 

func (in *CredentialsRequestCondition) DeepCopyInto(out *CredentialsRequestCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CredentialsRequestConditionType 

type CredentialsRequestConditionType string

CredentialsRequestConditionType are the valid condition types for a CredentialsRequest 

const (
	// InsufficientCloudCredentials is true when the cloud credentials are deemed to be insufficient
	// to either mint custom creds to satisfy the CredentialsRequest or insufficient to
	// be able to be passed along as-is to satisfy the CredentialsRequest
	InsufficientCloudCredentials CredentialsRequestConditionType = "InsufficientCloudCreds"
	// MissingTargetNamespace is true when the namespace specified to hold the resulting
	// credentials is not present
	MissingTargetNamespace CredentialsRequestConditionType = "MissingTargetNamespace"
	// CredentialsProvisionFailure is true whenver there has been an issue while trying
	// to provision the credentials (either passthrough or minting). Error message will
	// be stored directly in the condition message.
	CredentialsProvisionFailure CredentialsRequestConditionType = "CredentialsProvisionFailure"
	// CredentialsDeprovisionFailure is true whenever there is an error when trying
	// to clean up any previously-created cloud resources
	CredentialsDeprovisionFailure CredentialsRequestConditionType = "CredentialsDeprovisionFailure"
	// Ignored is true when the CredentialsRequest's ProviderSpec is for
	// a different infrastructure platform than what the cluster has been
	// deployed to. This is normal as the release image contains CredentialsRequests for all
	// possible clouds/infrastructure, and cloud-credential-operator will only act on the
	// CredentialsRequests where the cloud/infra matches.
	Ignored CredentialsRequestConditionType = "Ignored"
	// StaleCredentials is true when CredentialsRequest is no longer required and has to be cleaned ip
	StaleCredentials CredentialsRequestConditionType = "StaleCredentials"
	// OrphanedCloudResource is true when CCO was unable to delete a previously created
	// App Registration / Service Principal while pivoting from Mint mode to Passthrough
	OrphanedCloudResource CredentialsRequestConditionType = "OrphanedCloudResource"
)

These are valid conditions for a CredentialsRequest

type CredentialsRequestList 

type CredentialsRequestList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []CredentialsRequest `json:"items"`
}

CredentialsRequestList contains a list of CredentialsRequest

func (*CredentialsRequestList) DeepCopy 

func (in *CredentialsRequestList) DeepCopy() *CredentialsRequestList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsRequestList.

func (*CredentialsRequestList) DeepCopyInto 

func (in *CredentialsRequestList) DeepCopyInto(out *CredentialsRequestList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CredentialsRequestList) DeepCopyObject 

func (in *CredentialsRequestList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CredentialsRequestSpec 

type CredentialsRequestSpec struct {
	// SecretRef points to the secret where the credentials should be stored once generated.
	// +kubebuilder:validation:Required
	// +required
	SecretRef corev1.ObjectReference `json:"secretRef"`

	// ProviderSpec contains the cloud provider specific credentials specification.
	// +kubebuilder:pruning:PreserveUnknownFields
	ProviderSpec *runtime.RawExtension `json:"providerSpec,omitempty"`

	// ServiceAccountNames contains a list of ServiceAccounts that will use permissions associated with this
	// CredentialsRequest. This is not used by CCO, but the information is needed for being able to properly
	// set up access control in the cloud provider when the ServiceAccounts are used as part of the cloud
	// credentials flow.
	// +optional
	ServiceAccountNames []string `json:"serviceAccountNames,omitempty"`

	// cloudTokenPath is the path where the Kubernetes ServiceAccount token (JSON Web Token) is mounted
	// on the deployment for the workload requesting a credentials secret.
	// The presence of this field in combination with fields such as spec.providerSpec.stsIAMRoleARN
	// indicate that CCO should broker creation of a credentials secret containing fields necessary for
	// token based authentication methods such as with the AWS Secure Token Service (STS).
	//
	// cloudTokenPath may also be used to specify the azure_federated_token_file path used
	// in Azure configuration secrets generated by ccoctl.
	// Defaults to "/var/run/secrets/openshift/serviceaccount/token".
	// +optional
	CloudTokenPath string `json:"cloudTokenPath,omitempty"`
}

CredentialsRequestSpec defines the desired state of CredentialsRequest

func (*CredentialsRequestSpec) DeepCopy 

func (in *CredentialsRequestSpec) DeepCopy() *CredentialsRequestSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsRequestSpec.

func (*CredentialsRequestSpec) DeepCopyInto 

func (in *CredentialsRequestSpec) DeepCopyInto(out *CredentialsRequestSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CredentialsRequestStatus 

type CredentialsRequestStatus struct {
	// Provisioned is true once the credentials have been initially provisioned.
	// +kubebuilder:validation:Required
	// +required
	Provisioned bool `json:"provisioned"`

	// LastSyncTimestamp is the time that the credentials were last synced.
	LastSyncTimestamp *metav1.Time `json:"lastSyncTimestamp,omitempty"`

	// LastSyncGeneration is the generation of the credentials request resource
	// that was last synced. Used to determine if the object has changed and
	// requires a sync.
	// +kubebuilder:validation:Required
	// +required
	LastSyncGeneration int64 `json:"lastSyncGeneration"`

	// LastSyncCloudCredsSecretResourceVersion is the resource version of the
	// cloud credentials secret resource when the credentials request resource
	// was last synced. Used to determine if the cloud credentials have
	// been updated since the last sync.
	// +optional
	LastSyncCloudCredsSecretResourceVersion string `json:"lastSyncCloudCredsSecretResourceVersion,omitempty"`

	// ProviderStatus contains cloud provider specific status.
	// +kubebuilder:pruning:PreserveUnknownFields
	ProviderStatus *runtime.RawExtension `json:"providerStatus,omitempty"`

	// Conditions includes detailed status for the CredentialsRequest
	// +optional
	Conditions []CredentialsRequestCondition `json:"conditions,omitempty"`
}

CredentialsRequestStatus defines the observed state of CredentialsRequest

func (*CredentialsRequestStatus) DeepCopy 

func (in *CredentialsRequestStatus) DeepCopy() *CredentialsRequestStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsRequestStatus.

func (*CredentialsRequestStatus) DeepCopyInto 

func (in *CredentialsRequestStatus) DeepCopyInto(out *CredentialsRequestStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GCPProviderSpec 

type GCPProviderSpec struct {
	metav1.TypeMeta `json:",inline"`
	// PredefinedRoles is the list of GCP pre-defined roles
	// that the CredentialsRequest requires.
	PredefinedRoles []string `json:"predefinedRoles"`
	// Permissions is the list of GCP permissions required to create a more fine-grained custom role to
	// satisfy the CredentialsRequest.
	// The Permissions field may be provided in addition to PredefinedRoles. When both fields are specified,
	// the service account will have union of permissions defined from both Permissions and PredefinedRoles.
	// +optional
	Permissions []string `json:"permissions,omitempty"`
	// SkipServiceCheck can be set to true to skip the check whether the requested roles or permissions
	// have the necessary services enabled
	// +optional
	SkipServiceCheck bool `json:"skipServiceCheck,omitempty"`
}

GCPProviderSpec contains the required information to create a service account with policy bindings in GCP. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*GCPProviderSpec) DeepCopy 

func (in *GCPProviderSpec) DeepCopy() *GCPProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCPProviderSpec.

func (*GCPProviderSpec) DeepCopyInto 

func (in *GCPProviderSpec) DeepCopyInto(out *GCPProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*GCPProviderSpec) DeepCopyObject 

func (in *GCPProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type GCPProviderStatus 

type GCPProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
	// ServiceAccountID is the ID of the service account created in GCP for the requested credentials.
	ServiceAccountID string `json:"serviceAccountID"`
	// RoleID is the ID of the custom role created in GCP for the requested permissions apart from
	// permissions granted by the pre-defined roles.
	// RoleID is set by the Cloud Credential Operator controllers and should not be set manually.
	// +optional
	RoleID string `json:"roleID,omitempty"`
}

GCPProviderStatus contains the status of the GCP credentials request. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*GCPProviderStatus) DeepCopy 

func (in *GCPProviderStatus) DeepCopy() *GCPProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCPProviderStatus.

func (*GCPProviderStatus) DeepCopyInto 

func (in *GCPProviderStatus) DeepCopyInto(out *GCPProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*GCPProviderStatus) DeepCopyObject 

func (in *GCPProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPolicyCondition 

type IAMPolicyCondition map[string]IAMPolicyConditionKeyValue

IAMPolicyCondition - map of condition types, with associated key - value mapping +k8s:deepcopy-gen=false

func (*IAMPolicyCondition) DeepCopy 

func (in *IAMPolicyCondition) DeepCopy() *IAMPolicyCondition

DeepCopy is a deepcopy function, copying the receiver, creating a new IAMPolicyCondition.

func (*IAMPolicyCondition) DeepCopyInto 

func (in *IAMPolicyCondition) DeepCopyInto(out *IAMPolicyCondition)

DeepCopyInto is a deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPolicyConditionKeyValue 

type IAMPolicyConditionKeyValue map[string]interface{}

IAMPolicyConditionKeyValue - mapping of values for the chosen type +k8s:deepcopy-gen=false

type IBMCloudPowerVSProviderSpec 

type IBMCloudPowerVSProviderSpec struct {
	metav1.TypeMeta `json:",inline"`

	// Policies are a list of access policies to create for the generated credentials
	Policies []AccessPolicy `json:"policies"`
}

IBMCloudPowerVSProviderSpec is the specification of the credentials request in IBM Cloud Power VS. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*IBMCloudPowerVSProviderSpec) DeepCopy 

func (in *IBMCloudPowerVSProviderSpec) DeepCopy() *IBMCloudPowerVSProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IBMCloudPowerVSProviderSpec.

func (*IBMCloudPowerVSProviderSpec) DeepCopyInto 

func (in *IBMCloudPowerVSProviderSpec) DeepCopyInto(out *IBMCloudPowerVSProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IBMCloudPowerVSProviderSpec) DeepCopyObject 

func (in *IBMCloudPowerVSProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IBMCloudPowerVSProviderStatus 

type IBMCloudPowerVSProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
}

IBMCloudPowerVSProviderStatus contains the status of the IBM Cloud Power VS credentials request. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*IBMCloudPowerVSProviderStatus) DeepCopy 

func (in *IBMCloudPowerVSProviderStatus) DeepCopy() *IBMCloudPowerVSProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IBMCloudPowerVSProviderStatus.

func (*IBMCloudPowerVSProviderStatus) DeepCopyInto 

func (in *IBMCloudPowerVSProviderStatus) DeepCopyInto(out *IBMCloudPowerVSProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IBMCloudPowerVSProviderStatus) DeepCopyObject 

func (in *IBMCloudPowerVSProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IBMCloudProviderSpec 

type IBMCloudProviderSpec struct {
	metav1.TypeMeta `json:",inline"`

	// Policies are a list of access policies to create for the generated credentials
	Policies []AccessPolicy `json:"policies"`
}

IBMCloudProviderSpec is the specification of the credentials request in IBM Cloud. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*IBMCloudProviderSpec) DeepCopy 

func (in *IBMCloudProviderSpec) DeepCopy() *IBMCloudProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IBMCloudProviderSpec.

func (*IBMCloudProviderSpec) DeepCopyInto 

func (in *IBMCloudProviderSpec) DeepCopyInto(out *IBMCloudProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IBMCloudProviderSpec) DeepCopyObject 

func (in *IBMCloudProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IBMCloudProviderStatus 

type IBMCloudProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
}

IBMCloudProviderStatus contains the status of the IBM Cloud credentials request. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*IBMCloudProviderStatus) DeepCopy 

func (in *IBMCloudProviderStatus) DeepCopy() *IBMCloudProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IBMCloudProviderStatus.

func (*IBMCloudProviderStatus) DeepCopyInto 

func (in *IBMCloudProviderStatus) DeepCopyInto(out *IBMCloudProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IBMCloudProviderStatus) DeepCopyObject 

func (in *IBMCloudProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type KubevirtProviderSpec 

type KubevirtProviderSpec struct {
	metav1.TypeMeta `json:",inline"`
}

KubevirtProviderSpec the specification of the credentials request in Kubevirt. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*KubevirtProviderSpec) DeepCopy 

func (in *KubevirtProviderSpec) DeepCopy() *KubevirtProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtProviderSpec.

func (*KubevirtProviderSpec) DeepCopyInto 

func (in *KubevirtProviderSpec) DeepCopyInto(out *KubevirtProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KubevirtProviderSpec) DeepCopyObject 

func (in *KubevirtProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type KubevirtProviderStatus 

type KubevirtProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
}

KubevirtProviderSpec contains the status of the credentials request in Kubevirt. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*KubevirtProviderStatus) DeepCopy 

func (in *KubevirtProviderStatus) DeepCopy() *KubevirtProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtProviderStatus.

func (*KubevirtProviderStatus) DeepCopyInto 

func (in *KubevirtProviderStatus) DeepCopyInto(out *KubevirtProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KubevirtProviderStatus) DeepCopyObject 

func (in *KubevirtProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type NutanixProviderSpec 

type NutanixProviderSpec struct {
	metav1.TypeMeta `json:",inline"`
}

NutanixProviderSpec the specification of the credentials request in Nutanix. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*NutanixProviderSpec) DeepCopy 

func (in *NutanixProviderSpec) DeepCopy() *NutanixProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixProviderSpec.

func (*NutanixProviderSpec) DeepCopyInto 

func (in *NutanixProviderSpec) DeepCopyInto(out *NutanixProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*NutanixProviderSpec) DeepCopyObject 

func (in *NutanixProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type NutanixProviderStatus 

type NutanixProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
}

NutanixProviderStatus contains the status of the credentials request in Nutanix. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*NutanixProviderStatus) DeepCopy 

func (in *NutanixProviderStatus) DeepCopy() *NutanixProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixProviderStatus.

func (*NutanixProviderStatus) DeepCopyInto 

func (in *NutanixProviderStatus) DeepCopyInto(out *NutanixProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*NutanixProviderStatus) DeepCopyObject 

func (in *NutanixProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OpenStackProviderSpec 

type OpenStackProviderSpec struct {
	metav1.TypeMeta `json:",inline"`
}

OpenStackProviderSpec the specification of the credentials request in OpenStack. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*OpenStackProviderSpec) DeepCopy 

func (in *OpenStackProviderSpec) DeepCopy() *OpenStackProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenStackProviderSpec.

func (*OpenStackProviderSpec) DeepCopyInto 

func (in *OpenStackProviderSpec) DeepCopyInto(out *OpenStackProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OpenStackProviderSpec) DeepCopyObject 

func (in *OpenStackProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OpenStackProviderStatus 

type OpenStackProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
}

OpenStackProviderStatus contains the status of the credentials request in OpenStack. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*OpenStackProviderStatus) DeepCopy 

func (in *OpenStackProviderStatus) DeepCopy() *OpenStackProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenStackProviderStatus.

func (*OpenStackProviderStatus) DeepCopyInto 

func (in *OpenStackProviderStatus) DeepCopyInto(out *OpenStackProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OpenStackProviderStatus) DeepCopyObject 

func (in *OpenStackProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OvirtProviderSpec 

type OvirtProviderSpec struct {
	metav1.TypeMeta `json:",inline"`
}

OvirtProviderSpec the specification of the credentials request in Ovirt. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*OvirtProviderSpec) DeepCopy 

func (in *OvirtProviderSpec) DeepCopy() *OvirtProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OvirtProviderSpec.

func (*OvirtProviderSpec) DeepCopyInto 

func (in *OvirtProviderSpec) DeepCopyInto(out *OvirtProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OvirtProviderSpec) DeepCopyObject 

func (in *OvirtProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OvirtProviderStatus 

type OvirtProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
}

OvirtProviderStatus contains the status of the credentials request in Ovirt. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*OvirtProviderStatus) DeepCopy 

func (in *OvirtProviderStatus) DeepCopy() *OvirtProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OvirtProviderStatus.

func (*OvirtProviderStatus) DeepCopyInto 

func (in *OvirtProviderStatus) DeepCopyInto(out *OvirtProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OvirtProviderStatus) DeepCopyObject 

func (in *OvirtProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProviderCodec 

type ProviderCodec struct {
	// contains filtered or unexported fields
}

ProviderCodec is a runtime codec for providers. +k8s:deepcopy-gen=false 

var Codec *ProviderCodec = nil

func (*ProviderCodec) DecodeProviderSpec 

func (codec *ProviderCodec) DecodeProviderSpec(providerConfig *runtime.RawExtension, out runtime.Object) error

DecodeProviderSpec deserializes an object from the provider config.

func (*ProviderCodec) DecodeProviderStatus 

func (codec *ProviderCodec) DecodeProviderStatus(providerStatus *runtime.RawExtension, out runtime.Object) error

DecodeProviderStatus deserializes the provider status.

func (*ProviderCodec) EncodeProviderSpec 

func (codec *ProviderCodec) EncodeProviderSpec(in runtime.Object) (*runtime.RawExtension, error)

EncodeProvider serializes an object to the provider spec.

func (*ProviderCodec) EncodeProviderStatus 

func (codec *ProviderCodec) EncodeProviderStatus(in runtime.Object) (*runtime.RawExtension, error)

EncodeProviderStatus serializes the provider status.

type ResourceAttribute 

type ResourceAttribute struct {
	// Name is the name of an attribute.
	Name string `json:"name"`

	// Value is the value of an attribute.
	Value string `json:"value"`

	// Operator is the operator of an attribute.
	Operator string `json:"operator,omitempty"`
}

ResourceAttribute is an attribute associated with a resource.

func (*ResourceAttribute) DeepCopy 

func (in *ResourceAttribute) DeepCopy() *ResourceAttribute

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceAttribute.

func (*ResourceAttribute) DeepCopyInto 

func (in *ResourceAttribute) DeepCopyInto(out *ResourceAttribute)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RoleBinding 

type RoleBinding struct {
	// Role defines a set of permissions that should be associated with the minted credential.
	Role string `json:"role"`
}

RoleBinding models part of the Azure RBAC Role Binding

func (*RoleBinding) DeepCopy 

func (in *RoleBinding) DeepCopy() *RoleBinding

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleBinding.

func (*RoleBinding) DeepCopyInto 

func (in *RoleBinding) DeepCopyInto(out *RoleBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type StatementEntry 

type StatementEntry struct {
	// Effect indicates if this policy statement is to Allow or Deny.
	Effect string `json:"effect"`
	// Action describes the particular AWS service actions that should be allowed or denied. (i.e. ec2:StartInstances, iam:ChangePassword)
	Action []string `json:"action"`
	// Resource specifies the object(s) this statement should apply to. (or "*" for all)
	Resource string `json:"resource"`
	// PolicyCondition specifies under which condition StatementEntry will apply
	PolicyCondition IAMPolicyCondition `json:"policyCondition,omitempty"`
}

StatementEntry models an AWS policy statement entry.

func (*StatementEntry) DeepCopy 

func (in *StatementEntry) DeepCopy() *StatementEntry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatementEntry.

func (*StatementEntry) DeepCopyInto 

func (in *StatementEntry) DeepCopyInto(out *StatementEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type VSpherePermission 

type VSpherePermission struct {
	// Privileges is the list of access being requested.
	Privileges []string `json:"privileges"`
}

VSpherePermission captures the details of the privileges being requested for the list of entities.

func (*VSpherePermission) DeepCopy 

func (in *VSpherePermission) DeepCopy() *VSpherePermission

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VSpherePermission.

func (*VSpherePermission) DeepCopyInto 

func (in *VSpherePermission) DeepCopyInto(out *VSpherePermission)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type VSphereProviderSpec 

type VSphereProviderSpec struct {
	metav1.TypeMeta `json:",inline"`

	// Permissions contains a list of groups of privileges that are being requested.
	Permissions []VSpherePermission `json:"permissions"`
}

VSphereProviderSpec contains the required information to create RBAC role bindings for VSphere. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*VSphereProviderSpec) DeepCopy 

func (in *VSphereProviderSpec) DeepCopy() *VSphereProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VSphereProviderSpec.

func (*VSphereProviderSpec) DeepCopyInto 

func (in *VSphereProviderSpec) DeepCopyInto(out *VSphereProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*VSphereProviderSpec) DeepCopyObject 

func (in *VSphereProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type VSphereProviderStatus 

type VSphereProviderStatus struct {
	metav1.TypeMeta `json:",inline"`

	// SecretLastResourceVersion is the resource version of the secret resource
	// that was last synced. Used to determine if the object has changed and
	// requires a sync.
	SecretLastResourceVersion string `json:"secretLastResourceVersion"`
}

VSphereProviderStatus contains the status of the credentials request in VSphere. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*VSphereProviderStatus) DeepCopy 

func (in *VSphereProviderStatus) DeepCopy() *VSphereProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VSphereProviderStatus.

func (*VSphereProviderStatus) DeepCopyInto 

func (in *VSphereProviderStatus) DeepCopyInto(out *VSphereProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*VSphereProviderStatus) DeepCopyObject 

func (in *VSphereProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.